Bug 1311462 - URL is required but missing out for KeystonePasswordIdentityProvider from doc, need to add "optional" for "keyFile"
URL is required but missing out for KeystonePasswordIdentityProvider from doc...
Status: NEW
Product: OpenShift Origin
Classification: Red Hat
Component: Documentation (Show other bugs)
3.x
Unspecified Unspecified
unspecified Severity medium
: ---
: ---
Assigned To: Vikram Goyal
Bilhar
Vikram Goyal
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-24 05:09 EST by XiaochuanWang
Modified: 2016-02-24 05:09 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description XiaochuanWang 2016-02-24 05:09:24 EST
Document URL: 
https://docs.openshift.org/latest/install_config/configuring_authentication.html#KeystonePasswordIdentityProvider

Section Number and Name: 
#KeystonePasswordIdentityProvider

Describe the issue: 
A url is required but missing out under "provider", please refer to as below.
Need to add "optional" for "keyFile: keystonekey.pem"

    provider:
      url: https://keystone.example.com:5000/v3 # Keystone auth endpoint URL

Suggestions for improvement: 

  identityProviders:
  - challenge: true     # When true, unauthenticated token requests from non-web clients (like the CLI) are sent a WWW-Authenticate challenge header for this provider.
    login: true         # When true, unauthenticated token requests from web clients (like the web console) are redirected to a login page backed by this provider.
    name: keystone_auth # This provider name is prefixed to the returned user ID to form an identity name.
    provider:
      apiVersion: v1
      url: https://keystone.example.com:5000/v3 # Keystone auth endpoint URL
      domainName: default      # Keystone domain name. In Keystone, usernames are domain-specific. Currently this IdP only supports a single domain at a time.
      kind: KeystonePasswordIdentityProvider
      ca: ca.pem               # Optional: Certificate bundle to use to validate server certificates for the configured URL.
      certFile: keystone.pem   # Optional: Client certificate to present when making requests to the configured URL.
      keyFile: keystonekey.pem # Key for the client certificate. Required if certFile is specified.

Note You need to log in before you can comment on or make changes to this bug.