Hi Marek,
Thanks for your replies.
Juts one remark: the IdP(Shibboleth) and the SP(Keystone) are installed
on the same machine (all-in-one) .
Here is the error I get when trying to access the Session or something else
* _*https://10.192.228.82/Shibboleth.sso/Login*_
opensaml::saml2md::MetadataException
The system encountered an error at Fri Apr 17 11:12:58 2015
To report this problem, please contact the site administrator
atroot@localhost
<https://mail.google.com/mail/?view=cm&fs=1&tf=1&to=root@localhost>.
Please include the following message in any email:
opensaml::saml2md::MetadataException at
(https://myshost/Shibboleth.sso/Login)
Unable to locate metadata for identity provider
(https://myshost/idp/shibboleth)
But I successfully can fetch the metadata file using the following
URL: https://myshost/Shibboleth.sso/Metadata
_*
*_
* _*https://myshost/Shibboleth.sso/Session*_
A valid session was not found.
* _*https://myshost/Shibboleth.sso/scure*_
shibsp::ConfigurationException
The system encountered an error at Fri Apr 17 11:16:32 2015
To report this problem, please contact the site administrator
atroot@localhost
<https://mail.google.com/mail/?view=cm&fs=1&tf=1&to=root@localhost>.
Please include the following message in any email:
shibsp::ConfigurationException at (https://myshost/Shibboleth.sso/secure)
Shibboleth handler invoked at an unconfigured location.
Anyway I will retry the Shibboleth setup using steps from testshib.org
webpage.
Thanks and regards
Alexis
Le 17/04/2015 03:50, Marek Denis a écrit :
On 16.04.2015 11:26, Alexis KOALLA wrote:
HI Marek,
Thanks for your reply.
Here are the two uses cases I want to test
OS: Ubuntu 14.04 LTS/ Openstack Juno
Use Case # 1: . I aim to test an OS-FEDERATION where a Keystone is
acting as a Service Provider(Ks-SP) and a Shibboleth installation
that is acting as an Identity Provider(IdP) .
When a user authentication is issued on the
Ks-SP then the Ks-SP asks the IdP(Shibboleth) to identifty this user.
Once the user is correctly identified then a
token is generated by the Ks-SP. I tried to configure the shibboleth
by following the tutos from openstack website but I still have issue
with the metadata on the Service Provider.
Any advice or idea is welcome. I am sure
there is something I 'm doing bad but where:-(
I still don't know what exactly is wrong with your Metadata (apart
from the fact that *something* is wrong).
I suspect you are having some problems with proper configuration of
your Apache + mod_shib.
You can always see whether your Service Provider works by trying
simple (and relatively well documented) setup: http://testshib.org
Use Case # 2: The second step will be testing a Keystone2Keystone
authentication. One Keystone acting as an Identity Provider(Ks-IdP)
and the another one acting as a Service Provider(Ks-SP). But for this
purpose
as I understood using Keystone as an IdP is not possible before the
Kilo version. But this use case is not urgent for the moment.
--
logo Orange <http://www.orange.com/>
*Alexis KOALLA*
Orange/IMT/OLPS/ASE/DAPI/CSE
Spécialiste en Technologies/Cloud Storage Services & Plateformes
Specialist in Technologies/Cloud Storage Services & Platforms
Tel :+33(0) 299 124 939 / +33 670 698 929
alexis.koa...@orange.com <mailto:alexis.koa...@orange.com>
_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
