[英]Using Global Instance of Keystone
Is it possible to use the Global Instance of Keystone to retrieve registered user profile info? 是否可以使用Keystone的全局实例来检索注册的用户配置文件信息?
According to these references: https://github.com/telefonicaid/fiware-pep-steelskin#keystone and Keystone create user and permissions by api , it seems possible if I wish to install an instance by my own. 根据这些引用: https : //github.com/telefonicaid/fiware-pep-steelskin#keystone和Keystone通过api创建用户和权限 ,如果我希望自己安装一个实例,似乎是可能的。 However, what if I wish to use the Global Instance, instead. 但是,如果我希望使用全局实例,那该怎么办呢? Is it possible? 可能吗?
For example, I have tested te retrieve some data as indicated below without success: 例如,我测试了如下所示检索一些数据但没有成功:
curl -s -H "X-Auth-Token:cXylpiNyh74V6J9YOlqN2GTzYSmGQa" http://cloud.lab.fiware.org:4730/v2.0/tokens | python -mjson.tool
curl -s -H "X-Auth-Token:cXylpiNyh74V6J9YOlqN2GTzYSmGQa" http://cloud.lab.fiware.org:4730/v3/users/ | python -mjson.tool
curl http://cloud.lab.fiware.org:4730/v3/auth/tokens -H "Content-Type: application/json" -d ' { "auth": { "identity": { "methods": [ "password" ], "password": { "user": { "domain": { "name": "matest" }, "name": "pep_proxy_99c59...", "password": "e3025a286dab..." } } } } }'
Note: I have tried both port: 5000
and 4730
. 注意:我尝试过两个端口: 5000
和4730
。
Any hint will be appreciated. 任何提示将不胜感激。
Users doesn't have permissions to see other users information or to create new users using the API. 用户无权查看其他用户信息或使用API创建新用户。
However, you can issue tokens from the global keystone using both v2.0 and v3 protocols: 但是,您可以使用v2.0和v3协议从全局keystone发出令牌:
curl -X POST http://130.206.84.8:4730/v2.0/tokens \
-H 'Content-Type: application/json' \
-d "{\"auth\": {\"tenantName\": \"${OS_TENANT_NAME}\",
\"passwordCredentials\": {
\"username\": \"$OS_USERNAME\",
\"password\": \"$OS_PASSWORD\"}}}" | \
jq -r '.access.token.id'
Or issue a token in v3: 或者在v3中发出令牌:
curl -v -H "Content-Type: application/json" -d "
{ \"auth\": {
\"identity\": {
\"methods\": [\"password\"],
\"password\": {
\"user\": {
\"name\": \"$OS_USERNAME\",
\"domain\": { \"id\": \"default\" },
\"password\": \"$OS_PASSWORD\"
}
}
}
}
}" http://cloud.lab.fiware.org:4730/v3/auth/tokens 2>&1 \
| grep -i "X-Subject-Token"
There are few things you can do with Keystone itself using these tokens if you are not the admin user (Non admin users obviously have few permissions). 如果您不是管理员用户,那么使用这些令牌可以使用Keystone本身做的事情很少(非管理员用户显然拥有很少的权限)。 However, you coud, for instance query the endpoints: 但是,您可以查询端点:
curl -s -H "X-Auth-Token: $TOKEN_ID" http://130.206.84.8:4730/v3/endpoints
The domains: 域名:
curl -s -H "X-Auth-Token: $TOKEN_ID" http://130.206.84.8:4730/v3/domains
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.