openstack/openstack-manuals
Code Issues Proposed changes
cd8356339d
openstack-manuals/doc/common/tables/keystone-federation.xml
Atsushi SAKAI e9b476491f Update Config Reference for keystone 
Updates for Liberty Release

 Main changes are oslo_messaging issue like ceilometer/nova etc.
 And Adds keystone-tokenless.xml file.

Change-Id: Ib19008917e6c214238fc397faa3ce54b53d2f7e1
2015-10-14 16:31:43 +09:00

47 lines
2.5 KiB
XML
Raw Blame History

<?xml version='1.0' encoding='UTF-8'?>
<para xmlns="http://docbook.org/ns/docbook" version="5.0">
<!-- Warning: Do not edit this file. It is automatically
generated and your changes will be overwritten.
The tool to do so lives in openstack-doc-tools repository. -->
<table rules="all" xml:id="config_table_keystone_federation">
<caption>Description of federation configuration options</caption>
<col width="50%"/>
<col width="50%"/>
<thead>
<tr>
<th>Configuration option = Default value</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<th colspan="2">[federation]</th>
</tr>
<tr>
<td><option>assertion_prefix</option> = <replaceable></replaceable></td>
<td>(StrOpt) Value to be used when filtering assertion parameters from the environment.</td>
</tr>
<tr>
<td><option>driver</option> = <replaceable>sql</replaceable></td>
<td>(StrOpt) Entrypoint for the federation backend driver in the keystone.federation namespace.</td>
</tr>
<tr>
<td><option>federated_domain_name</option> = <replaceable>Federated</replaceable></td>
<td>(StrOpt) A domain name that is reserved to allow federated ephemeral users to have a domain concept. Note that an admin will not be able to create a domain with this name or update an existing domain to this name. You are not advised to change this value unless you really have to.</td>
</tr>
<tr>
<td><option>remote_id_attribute</option> = <replaceable>None</replaceable></td>
<td>(StrOpt) Value to be used to obtain the entity ID of the Identity Provider from the environment (e.g. if using the mod_shib plugin this value is `Shib-Identity-Provider`).</td>
</tr>
<tr>
<td><option>sso_callback_template</option> = <replaceable>/etc/keystone/sso_callback_template.html</replaceable></td>
<td>(StrOpt) Location of Single Sign-On callback handler, will return a token to a trusted dashboard host.</td>
</tr>
<tr>
<td><option>trusted_dashboard</option> = <replaceable>[]</replaceable></td>
<td>(MultiStrOpt) A list of trusted dashboard hosts. Before accepting a Single Sign-On request to return a token, the origin host must be a member of the trusted_dashboard list. This configuration option may be repeated for multiple values. For example: trusted_dashboard=http://acme.com/auth/websso trusted_dashboard=http://beta.com/auth/websso</td>
</tr>
</tbody>
</table>
</para>
View Git Blame Copy Permalink