Hello, The next Octopus release should be there in 3-4 weeks. In Octopus, shadow users aren't created ((for federated oidc users). But we later realised that shadow users are needed to maintain user stats, hence the code for the same is under the process of being added as of now and should be available in Pacific release. We have also done away with the token introspection url in the latest code and have switched over to offline token validation using the IDP's certs since using token introspection url wouldn't scale well for multiple clients. There is a related Ceph Tech Talk here, that you can watch: https://www.youtube.com/watch?v=Lc32meILfNI&t=410s Thanks, Pritha On Mon, Oct 19, 2020 at 8:30 PM <technical@xxxxxxxxxxxxxxxxx> wrote: > Dear Pritha, thanks a lot for your feedback and apologies for missing your > comment about the backporting. Would you have a rough estimate on the next > Octopus release by any chance? > > On another note on the same subject, would you be able to give us some > feedback on how the users will be created in Ceph? (for example when we > used ldap, an ldap user used to be created in Ceph for "mapping", will it > be the same in this case) > > If we have multiple tenants (unique usernames "emails" in KeyCloak) how > will the introspect url's be defined for different tenants? > > Thanks in advance > _______________________________________________ > ceph-users mailing list -- ceph-users@xxxxxxx > To unsubscribe send an email to ceph-users-leave@xxxxxxx > > _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |