Feature request: Local Credential Mapping for Keystone-VOMS
Created by: A1ve5
The idea is to implement a feature like LCMAPS [1] on Keystone-voms.
Some OpenStack sites, that rely on a central user management system, are not willing to integrate on the fly VO users into their internal Directory. A local pool account system could be used, as in Grid [2], to do the mapping between user's DN and pre-allocated local accounts. i.e.: "/DC=org/DC=terena/DC=tcs/C=FI/O=CSC/CN=Luis Alves lalves @ csc.fi" fedcloud001
A LCMAPS enabled Keystone-voms could solve this issue.
Please let me know if any further information or clarification is needed.
TIA, Luís Alves
[1] - https://wiki.nikhef.nl/grid/LCMAPS [2] - http://www.gridsite.org/gridmapdir/