From e120ac341af96aba4bd3a8bd6d4ba9c9d56ee2d3 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Mon, 28 Nov 2016 16:03:51 -0800 Subject: [PATCH] SAML federation docs refer to old WSGIScriptAlias Some time ago, the default WSGIScriptAlias was changed from /var/www/keystone/main to /usr/local/bin/keystone-wsgi-public and /usr/local/bin/keystone-wsgi-admin. The federation docs still referred to /var/www/keystone/main which won't work in default configuration of keystone within apache. Change-Id: Ib9c059d30c12e982a6b0b5b7fcbca6da650650ba --- doc/source/federation/mellon.rst | 4 ++-- doc/source/federation/shibboleth.rst | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/source/federation/mellon.rst b/doc/source/federation/mellon.rst index 3762461763..458c0c6569 100644 --- a/doc/source/federation/mellon.rst +++ b/doc/source/federation/mellon.rst @@ -31,9 +31,9 @@ You'll also need to install the Apache module `mod_auth_mellon Configure your Keystone virtual host and adjust the config to properly handle SAML2 workflow: -Add *WSGIScriptAlias* directive to your vhost configuration:: +Add this *WSGIScriptAlias* directive to your public vhost configuration:: - WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /var/www/keystone/main/$1 + WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /usr/local/bin/keystone-wsgi-public/$1 Make sure the *wsgi-keystone.conf* contains a ** directive for the Mellon module and a ** directive for each identity provider diff --git a/doc/source/federation/shibboleth.rst b/doc/source/federation/shibboleth.rst index 045e12ecd0..21311c2d44 100644 --- a/doc/source/federation/shibboleth.rst +++ b/doc/source/federation/shibboleth.rst @@ -31,9 +31,9 @@ example: Configure your Keystone virtual host and adjust the config to properly handle SAML2 workflow: -Add *WSGIScriptAlias* directive to your vhost configuration:: +Add this *WSGIScriptAlias* directive to your public vhost configuration:: - WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /var/www/keystone/main/$1 + WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /usr/local/bin/keystone-wsgi-public/$1 Make sure the *keystone.conf* vhost file contains a ** directive for the Shibboleth module and a ** directive for each identity provider::