AbfabInstall
Setup Abfab
Configure Apache HTTPD for mod_moonshot
This section presents the steps that are necessary in order to get authenticated using ABFAB federation protocol on Openstack.
1. Follow the steps outlined at: Running Keystone in HTTPD.
2. Click on the links below for instructions on how to install it. mod_moonshot (aka mod_auth_gssapi) is compatible with Apache HTTPD server v2.22, which can be installed on the following Linux flavours.
- Ubuntu 12.04
- Ubuntu 14.04
- RedHat Enterprise Linux 6 / CentOS 6 / SE Linux 6
3. Configure mod_moonshot to connect to an ABFAB compatible server.
4. mod_moonshot also needs Shibboleth service configuration files located in /etc/shibboleth.
On RHEL, CentOS or SE Linux distributions, shibd is installed with moonshot libraries, so the files just need to be configured.
On Ubuntu 12.04 or 14.04, you need to install mod_shib installed, and disable it.
apt-get install mod_shib a2dismod shib2
5. In the keystone Apache site file, locate the virtual host entry and add the following entries for OpenID Connect:
<VirtualHost *:5000> ... <LocationMatch /v3/OS-FEDERATION/identity_providers/*?/protocols/abfab/auth> AuthType Negotiate Require valid-user </LocationMatch> </VirtualHost>
6. Restart apache.
# service apache2 restart