Horizon should support an additional configurable Keystone URL for WebSSO authentication
Summary
=======
Horizon needs to support an additional Keystone URL configuration for WebSSO authentication for cases when the configured OPENSTACK_
Motivation
==========
Currently a user can set the Keystone url that Horizon will use for authenticating the user. Production deployments might have that URL set to internal Keystone endpoint for security reasons. In that case the WebSSO authentication will not work because the IDP could sit in another network and the communication with the internal keystone endpoint is impossible. Adding an additional WebSSO Keystone URL configuration will enable users to set a public Keystone URL that can be used for WebSSO authentication.
Description
=========
First we need to add an additional configuration setting OPENSTACK_
This value will be used by django_
UX
===
The end user experience should be unaffected other than optionally setting an additional configuration in local/local_
Wireframes, Mocks, Videos and UI Markup
-------
N/A
Testing
======
In order to test this change, local/local_
WEBSSO_ENABLED set to True.
Outside Dependencies
=======
django_
Requirements Update Required
=======
Requirement to release and update version of django_
Doc Impact
=========
The doc impact of this change will be documenting the new configuration setting OPENSTACK_
Blueprint information
- Status:
- Complete
- Approver:
- David Lyle
- Priority:
- Undefined
- Drafter:
- Roxana Gherle
- Direction:
- Needs approval
- Assignee:
- Roxana Gherle
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
- Cindy Lu
Related branches
Related bugs
Sprints
Whiteboard
***** 10.28.2016 [clu_] Filed as bug. Closing out.
I'm going to file this as a bug. django-