diff --git a/manifests/keystone/auth.pp b/manifests/keystone/auth.pp
index 57d67b96..fc7d251e 100644
--- a/manifests/keystone/auth.pp
+++ b/manifests/keystone/auth.pp
@@ -6,9 +6,15 @@ class swift::keystone::auth(
   $tenant    = 'services',
   $email     = 'swift@localhost',
   $region    = 'RegionOne',
-  $public_protocol = 'http'
+  $public_protocol = 'http',
+  $public_port = undef
 ) {
 
+  if ! $public_port {
+	$real_public_port = $port
+  } else {
+	$real_public_port = $public_port
+  }
   keystone_user { $auth_name:
     ensure   => present,
     password => $password,
@@ -28,7 +34,7 @@ class swift::keystone::auth(
   }
   keystone_endpoint { "${region}/${auth_name}":
     ensure       => present,
-    public_url   => "${public_protocol}://${address}:${port}/v1/AUTH_%(tenant_id)s",
+    public_url   => "${public_protocol}://${address}:${real_public_port}/v1/AUTH_%(tenant_id)s",
     admin_url    => "http://${address}:${port}/",
     internal_url => "http://${address}:${port}/v1/AUTH_%(tenant_id)s",
   }
@@ -40,7 +46,7 @@ class swift::keystone::auth(
   }
   keystone_endpoint { "${region}/${auth_name}_s3":
     ensure       => present,
-    public_url   => "${public_protocol}://${address}:${port}",
+    public_url   => "${public_protocol}://${address}:${real_public_port}",
     admin_url    => "http://${address}:${port}",
     internal_url => "http://${address}:${port}",
   }
diff --git a/spec/classes/swift_keystone_auth_spec.rb b/spec/classes/swift_keystone_auth_spec.rb
index 6a1baf98..ee39c089 100644
--- a/spec/classes/swift_keystone_auth_spec.rb
+++ b/spec/classes/swift_keystone_auth_spec.rb
@@ -42,6 +42,32 @@ describe 'swift::keystone::auth' do
     ) }
   end
 
+  describe 'when overriding public_port' do
+
+    let :params do
+      {
+        :public_port => '80'
+      }
+    end
+
+    it { should contain_keystone_endpoint('RegionOne/swift').with(
+      :ensure       => 'present',
+      :public_url   => "http://127.0.0.1:80/v1/AUTH_%(tenant_id)s",
+      :admin_url    => "http://127.0.0.1:8080/",
+      :internal_url => "http://127.0.0.1:8080/v1/AUTH_%(tenant_id)s"
+    ) }
+
+    it { should contain_keystone_endpoint('RegionOne/swift_s3').with(
+      :ensure       => 'present',
+      :public_url   => 'http://127.0.0.1:80',
+      :admin_url    => 'http://127.0.0.1:8080',
+      :internal_url => 'http://127.0.0.1:8080'
+    ) }
+
+
+  end
+
+
   describe 'when overriding password' do
 
     let :params do