AuthZForce Security Level 2: Basic Authorization error “AZF domain not created for application”

We are trying to deploy our security layer (KeyRock, Wilma, AuthZForce) to protect our Orion instance.

We are able to have security level 1 (authentication) with Keyrock and Wilma working, but when we try to insert AuthZForce to check the verb+resource authorization we get the error message:

AZF domain not created for application

In the PEP Proxy User Guide, under the "Level 2: Basic Authorization" section, it is stated that we have to configure the roles and permissions for the user in the application. I have created my user and registered my application following the steps on the Fiware IdM User and Programmers Guide. I also created an additional rule to match exactly the resource that I'm trying to GET to guarantee that there is no path mistake.

I am also able to create domains as stated in the AuthZForce - Installation and Administration Guide but I don't know how to bind the Domain ID with user roles when creating them. I've searched in the IdM GUI and in the documentation but I couldn't find how to do it.

So, how can I insert users/organizations/applications under a specific domain, and then have the security level 2?

Update:

My Wilma's config.js file has this section:

...
config.azf = {
    enabled: true,
    host: 'authzforce',
    port: 8080,
    path: '/authzforce/domains/',
    custom_policy: undefined
};
...

And my docker-compose.yml file is:

pepwilma:
    image: ging/fiware-pep-proxy
    container_name: test_pepwilma
    hostname: pepwilma
    volumes:
        - ./wilma/config.js:/opt/fiware-pep-proxy/config.js
    links:
        - idm
        - authzforce
    ports:
        - "88:80"
idm:
    image: fiware/idm
    container_name: test_idm
    links:
        - authzforce
    ports:
        - "5000:5000"
        - "8000:8000"
authzforce:
    image: fiware/authzforce-ce-server
    container_name: test_authzforce
    hostname: authzforce
    ports:
      - "8080:8080"

Is the AZF domain error reported by KeyRock or Wilma?
