堆栈内存溢出
  简体   繁体   English

Fiware:使用IDM和PEP代理设置AuthZForce

[英]Fiware: Setting up AuthZForce with idm and pep proxy

 原文  2015-11-12 16:27:14       proxy/ fiware

问题描述

I have configured PEP proxy GE and IDM GE, and now Basic authentication works great. 我已经配置了PEP代理GE和IDM GE,现在基本身份验证效果很好。 Now i want to set up Level 2:Basic authorization system with http verb and resource path checking, and for that i need AuthZForce GE. 现在,我想设置带有HTTP动词和资源路径检查的Level 2:基本授权系统,为此,我需要AuthZForce GE。 I installed AuthZForce on same server as IDM, created default domain on authZforce with id 562285a1-8950-11e5-980f-6bf3c4dac98a and configured pep proxy config.js file 我在与IDM相同的服务器上安装了AuthZForce,在authZforce上创建了ID为562285a1-8950-11e5-980f-6bf3c4dac98a的默认域,并配置了pep代理config.js文件 

config.pep_port = 80;
config.account_host = 'https://192.168.4.180';

config.keystone_host = '192.168.4.180';
config.keystone_port = 5000;

config.app_host = 'localhost';
config.app_port = '8000';

config.azf = {
enabled: true,
host: '192.168.4.180',
port: 8080,
path: '/authzforce/domains/562285a1-8950-11e5-980f-6bf3c4dac98a/pdp'
};

And now when i try to access to some page via curl: 现在,当我尝试通过curl访问某些页面时: 

sudo curl -H "X-Auth-Token: vPTru5ikuyLcxf6ujV23V3l4GFNpF5" http://localhost/home/login/

I get this error in the client: 我在客户端收到此错误: 

Error in AZF communication

And this error on pep proxy: 和pep代理上的此错误: 

2015-11-12 17:09:13.040  - INFO: IDM-Client - Checking token with IDM...
2015-11-12 17:09:13.086  - INFO: AZF-Client - Checking auth with AZF...
2015-11-12 17:09:13.087  - INFO: AZF-Client - Checking authorization to roles [ '4806909eb4b646c7a1f11ad9f9ed53ed',
  '09dc1bdba42c48de9e15e88816284cbc',
  '5786623590bc4f3ab01c61733a13ee6d',
  'e3fe52a0c6c34fe395bb087f42d1cc72',
  '44151592f3814929a59d1c1e7022a0bb' ] to do  GET  on  home/login/
 and app  aea8f4a70b87422cb48068db9f0c6aea
2015-11-12 17:09:13.117  - ERROR: Root - Error in AZF communication  
Error: 139773139036032:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:
unknown protocol:s23_clnt.c:795:

PEP Proxy is running on port 80 and IDM is running on 443 port. PEP代理在端口80上运行,而IDM在443端口上运行。

What could be a problem? 可能是什么问题? Should all these services be delivered via https or is that irrelevant? 所有这些服务都应该通过https交付还是无关紧要?

1 个解决方案

解决方案1
 0  2016-11-14 11:29:27

If you use the latest version of the PEP proxy, v5.4 as of now, you can work around this issue by disabling https for the connection to AuthzForce in the config.js file: you set the config.azf.protocol to http instead of https : 如果您使用最新版本的PEP代理v5.4(截至目前),则可以通过在config.js文件中禁用https来连接AuthzForce的方法来解决此问题:您可以将config.azf.protocol设置为httphttps 

config.azf = {
    enabled: true,
    protocol: 'http',
    host: '192.168.4.180',
    port: 8080,
    custom_policy: undefined 
};

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用IdM Keyrock和Wilma PEP代理正确配置IoT传感器以获得身份验证和授权 - How to properly configure IoT sensors in order to gain authentication and authorization using IdM Keyrock and Wilma PEP Proxy 设置代理服务器 - Setting up a proxy server 使用身份验证设置Apache代理 - Setting up an Apache Proxy with Authentication 为XMLHttpRequests设置ColdFusion代理 - setting up a ColdFusion proxy for XMLHttpRequests 使用Python使用ftp设置代理 - Setting up proxy with ftp with Python 为HTTP客户端设置代理 - Setting up proxy for HTTP client 通过代理设置cookie - Setting up a cookie via proxy 在 iPhone 上设置代理服务器 - Setting up proxy server on iPhone 使用Python3设置代理 - Setting up Proxy with Python3 使用Selenium / Python设置代理 - Setting up proxy with selenium / python
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM