openstack/openstack-ansible-os_keystone
Code Issues Proposed changes

Merge "Fix for fails to reload httpd due to unsupported OIDCXForwardedHeaders"

Browse Source
This commit is contained in:
Zuul
2025-09-26 14:19:27 +00:00
committed by Gerrit Code Review
parent a4b29ebf65 9852f644f7
commit 29efb7c6a2
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
vars/redhat.yml
View File

@@ -39,7 +39,9 @@ keystone_idp_distro_packages:
- xmlsec1
# From 2.4.11, mod_auth_openidc ignores X-Forwarded headers unless explicitly configured
_keystone_sp_apache_mod_auth_openidc_gte_2_4_11: true
# In Rocky Linux 9, max. version is mod_auth_openidc-2.4.10-*, in Rocky Linux 10 is mod_auth_openidc-2.4.15-*
_keystone_sp_apache_mod_auth_openidc_gte_2_4_11: >-
{{ (ansible_facts['distribution'] == 'Rocky' and ansible_facts['distribution_major_version'] == '9') | ternary(false, true) }}
keystone_sp_apache_mod_packages:
- name: shibboleth