Ask Your Question

WebSSO with Keystone IdP

asked 2015-06-26 04:36:23 -0500

vn14 gravatar image

updated 2015-06-26 04:37:33 -0500


I am trying to setup federation in keystone. After following (this) excellent article about K2k federation and keystone federation now working, I'm trying to make that Keystone IdP to be used to log in to Horizon.

Having followed (this), my setup is still unoperational, with the SP shibd.log complaining:

2015-06-26 11:05:00 WARN Shibboleth.SessionInitiator.SAML2 [11]: unable to locate compatible SSO service for provider (https://keystone.idp:5000/v3/OS-FEDERATION/saml2/idp)
2015-06-26 11:05:00 INFO Shibboleth.SessionInitiator.Shib1 [11]: unable to locate Shibboleth-aware identity provider role for provider (https://keystone.idp:5000/v3/OS-FEDERATION/saml2/idp)

I'm starting to doubt if the Keystone IdP can be used for federated WebSSO. Am I on the right path?

PS: (Here) is one more good article about the subject, except is being used as the IdP.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2020-02-19 20:08:10 -0500

Hello, I also encounter the issue and don't know how to solve this. Do you know how to solve this issue? If you know, please tell me. Thank you very much.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2015-06-26 04:36:23 -0500

Seen: 588 times

Last updated: Feb 19