Red Hat Single Sign-On (RH SSO) authentication for RHEV Manager presented with error "OpenID Connect Provider error: Remove user could not be set: contact the website administrator."
Environment
- Red Hat Virtualization Manager 4.5
- Red Hat Single Sign-On 7.5.2.GA
Issue
-
Followed the instruction that are documented in the Administration Guide to configure RH SSO for authentication to the Red Hat Virtualization Manager
-
After getting re-directed to Red Hat Single Sign-On, the following error is presented when username and password are entered.
OpenID Connect Provider error: Remove user could not be set: contact the website administrator.
Resolution
- The /etc/httpd/conf.d/ovirt-openidc.conf contained a IDM username and password.
OIDCRemoteUserClaim SOME_IDM_USER
OIDCCryptoPassphrase SOME_IDM_USER_PASSWORD
- The OIDCRemoteUserClaim and OIDCCryptoPassphrase in the file /etc/httpd/conf.d/ovirt-openidc.conf needs to be the following
OIDCRemoteUserClaim preferred_username
OIDCCryptoPassphrase random1234
- Restart httpd and ovirt-engine services after the change.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments