See earlier comment ** Changed in: python-keystoneclient Status: Triaged => Fix Released
** Changed in: keystone Status: Triaged => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1380779 Title: SAML protocol must always be called 'saml2' Status in OpenStack Identity (keystone): Fix Released Status in python-keystoneclient: Fix Released Bug description: In the v3unscopedsaml plugin in python-keystoneclient, the token url is built with "saml2" as the default protocol value. However, this value is a class property and isn't meant to be set at plugin instantiation : https://github.com/openstack/python- keystoneclient/blob/master/keystoneclient/contrib/auth/v3/saml2.py#L28 Therefore every auth token url should be of the form http://X.Y.Z.A:5000/v3/OS- FEDERATION/identity_providers/.*?/protocols/saml2/auth in order for the plugin to be usable out of the box. Short term fix: modify keystone's doc on federation so that administrators always create protocols called 'saml2'. This makes sense anyway, since SAML2 is used to authenticate and authorize the users. Long term fix: allow the protocol name to be an argument when instantiating the plugin. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1380779/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp