WebSSO support
* WebSSO support
* Run keystone under apache2
* Remove trailing whitespaces
Change-Id: I7ccd9dbf57571a03471bb06c961079f4bd099ff8
diff --git a/README.rst b/README.rst
index 54e3480..ff64b7b 100644
--- a/README.rst
+++ b/README.rst
@@ -21,7 +21,7 @@
Sample pillars
==============
-.. caution::
+.. caution::
When you use localhost as your database host (keystone:server:
atabase:host), sqlalchemy will try to connect to /var/run/mysql/
@@ -270,6 +270,47 @@
notification: true
notification_format: cadf
+Run keystone under Apache
+
+.. code-block:: yaml
+
+ keystone:
+ server:
+ service_name: apache2
+ apache:
+ server:
+ enabled: true
+ default_mpm: event
+ site:
+ keystone:
+ enabled: true
+ type: keystone
+ name: wsgi
+ host:
+ name: ${linux:network:fqdn}
+ modules:
+ - wsgi
+
+Enable Federated keystone
+
+.. code-block:: yaml
+
+ keystone:
+ server:
+ websso:
+ protocol: saml2
+ remote_id_attribute: Shib-Identity-Provider
+ federation_driver: keystone.contrib.federation.backends.sql.Federation
+ trusted_dashboard:
+ - http://${_param:proxy_vip_address_public}/horizon/auth/websso/
+ apache:
+ server:
+ pkgs:
+ - apache2
+ - libapache2-mod-shib2
+ modules:
+ - wsgi
+ - shib2
Keystone client
---------------