yahoo-eng-team team mailing list archive

[OpenStack Infra <1724645@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.opendev.org/637305
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=bf67b3c88409d2f0b2086d363ed91394953d85ba
Submitter: Zuul
Branch:    master

commit bf67b3c88409d2f0b2086d363ed91394953d85ba
Author: erus <erudyn@xxxxxxxxxxxxxx>
Date:   Tue Feb 19 17:32:07 2019 -0300

    Add new attribute to the federation protocol API
    
    Modify the FederationProtocolModel class and add the
    remote_id_atributte to the federation_protocol table.
    Add the respective migration and tests files. And
    also modify the schema to expect a remote_id_attribute
    property.
    
    Closes-bug: #1724645
    
    Co-authored-by: Colleen Murphy<colleen@xxxxxxxxxxx>
    
    Change-Id: I9802c8a5c187bae16de89893ca8639b01cd7cb1b


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1724645

Title:
  remote_id_attribute config options prevents multiple protocol
  variations for Federation

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  In order to activate a protocol for Federation, you need SOME value
  for remote_id_attribute.  However , this is set once per protocol in
  the config file, not in the federated data.  Thus, if two different
  SAML  implementations both wanted to use different values for
  remote_id_attribute (DN vs CN for example) they could not.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1724645/+subscriptions