<VirtualHost *:{{ keystone_public_port }}> ServerName https://{{ kolla_ex

1. <VirtualHost *:{{ keystone_public_port }}>
2.  
3. ServerName https://{{ kolla_external_fqdn }}
4. WSGIScriptAliasMatch ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /usr/bin/keystone-wsgi-public/$1
5. <Location /v3>
6. MellonEnable "info"
7. MellonMergeEnvVars On ";"
8. MellonSPPrivateKeyFile /etc/httpd/saml2/mellon.key
9. MellonSPCertFile /etc/httpd/saml2/mellon.cert
10. MellonSPMetadataFile /etc/httpd/saml2/sp-metadata.xml
11. MellonIdPMetadataFile /etc/httpd/saml2/idp-metadata.xml
12. MellonEndpointPath /v3/OS-FEDERATION/identity_providers/{{ federation_identity_provider }}/protocols/saml2/auth/mellon
13. MellonIdP "IDP"
14. </Location>
15.  
16. <Location /v3/OS-FEDERATION/identity_providers/{{ federation_identity_provider }}/protocols/saml2/auth>
17. Require valid-user
18. AuthType Mellon
19. MellonEnable auth
20. </Location>
21.  
22. <Location /v3/auth/OS-FEDERATION/websso/saml2>
23. Require valid-user
24. AuthType Mellon
25. MellonEnable auth
26. </Location>
27.  
28. <Location /v3/auth/OS-FEDERATION/identity_providers/{{ federation_identity_provider }}/protocols/saml2/websso>
29. Require valid-user
30. AuthType Mellon
31. MellonEnable auth
32. </Location>
33.  
34. WSGIDaemonProcess keystone-public processes={{ openstack_service_workers }} threads=1 user=keystone group=keystone display-name=%{GROUP} python-path={{ python_path }}
35. WSGIProcessGroup keystone-public
36. WSGIScriptAlias / {{ binary_path }}/keystone-wsgi-public
37. WSGIApplicationGroup %{GLOBAL}
38. WSGIPassAuthorization On
39. <IfVersion >= 2.4>
40. ErrorLogFormat "%{cu}t %M"
41. </IfVersion>
42. ErrorLog "{{ keystone_log_dir }}/keystone-apache-public-error.log"
43. LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b %D \"%{Referer}i\" \"%{User-Agent}i\"" logformat
44. CustomLog "{{ keystone_log_dir }}/keystone-apache-public-access.log" logformat
45. </VirtualHost>