commit 64bce6b18a2a6e6b60bbbf1eee4600b6c87e2055
author Filip Pytloun <fpytloun@mirantis.com> Tue Mar 07 15:07:56 2017 +0000
committer Gerrit Code Review <gerrit2@8d47cb36f245> Tue Mar 07 15:07:56 2017 +0000
tree 30ff502da4a112c85b1fdea90ba1148b9075534a
parent c1bfdaddfcdd7167358602b970993c6361f89b63
parent 45e4d60fd2c56a686d81e0fda3d717dd36d64fb2

Merge "Add ability to specify ShibURLScheme"

README.rst

diff --git a/README.rst b/README.rst
index 3fde09f..bf5ceeb 100644
--- a/README.rst
+++ b/README.rst
@@ -321,6 +321,7 @@
           federation_driver: keystone.contrib.federation.backends.sql.Federation
           trusted_dashboard:
             - http://${_param:proxy_vip_address_public}/horizon/auth/websso/
+          shib_url_scheme: https
     apache:
       server:
         pkgs:

keystone/files/mitaka/wsgi-keystone.conf

diff --git a/keystone/files/mitaka/wsgi-keystone.conf b/keystone/files/mitaka/wsgi-keystone.conf
index 74a1c30..763672d 100644
--- a/keystone/files/mitaka/wsgi-keystone.conf
+++ b/keystone/files/mitaka/wsgi-keystone.conf
@@ -30,6 +30,9 @@
     </Directory>
 
     {% if server.websso is defined %}
+    {% if server.websso.shib_url_scheme is defined %}
+    ShibURLScheme {{ server.websso.shib_url_scheme }}
+    {%- endif %}
     WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /usr/bin/keystone-wsgi-public/$1
     <Location /Shibboleth.sso>
       SetHandler shib
@@ -83,6 +86,9 @@
     </Directory>
 
     {% if server.websso is defined %}
+    {% if server.websso.shib_url_scheme is defined %}
+    ShibURLScheme {{ server.websso.shib_url_scheme }}
+    {%- endif %}
     WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /usr/bin/keystone-wsgi-admin/$1
     <Location /Shibboleth.sso>
       SetHandler shib