I recently had to build a solution to use OpenAM to deliver SSO tokens to Openstack REST clients. The constraints were to deliver a single OpenAM token in Json format to the REST clients, and enable them to access Openstack resources.
Since OpenAM has no authentication module to use a Keystone server as the authentication source, we decided to setup an OpenIG gateway between the REST clients, OpenAM and the Keystone server.
The following diagram illustrates the authentication process:
Next time, I’ll show you subsequent requests as well as the corresponding OpenIG configuration.