puppet-keystone

Configuration used to manage multiple openidc provider

Registered by Valantin

In our infrastructure, we support multiple providers from various federations to which we are connected.

Currently, we implement this configuration using local modifications. This requires a modified local version of puppet-keystone with an openidc.conf.erb modification and a custom module with a concat::fragment to provide the necessary configuration.

The goal is to import our code into the main repository to stay up-to-date with module development without having to backport our changes every time.

For multiple OpenID providers, Apache mod_openidc requires different configurations for metadata.

The code provides the file structure and configuration needed to implement multiple providers in the Keystone federation.

There are two ways to achieve this: one is to implement a separate class to manage multiple OpenID configurations, and the other is to implement the switch from single or multiple providers using only parameter types and conditions.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Valantin
Direction:
Needs approval
Assignee:
Valantin
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.