如何使用 OAuth2SAMLBearerAssertion 将 Neo SCP 中的目的地设置为 Cloud Foundry 服务?
[英]How to setup destination in Neo SCP to Cloud Foundry service using OAuth2SAMLBearerAssertion?
问题描述
I want to consume a CF service in my Neo SCP, using a destination with OAuthSAMLBearerAssertion.
我想在我的 Neo SCP 中使用 CF 服务,使用带有 OAuthSAMLBearerAssertion 的目的地。
But every time I check for the service in WebIDE, I get error 500.但是每次我在 WebIDE 中检查服务时,都会收到错误 500。
Here is my destination:这是我的目的地:
#clientKey= Client-ID of your OAuth client
--> you will get the clientid from environment variables in CF:
--> xsuaa --> credentials --> clientid
#tokenServicePassword= Client secret of your OAuth client
--> you will get the clientsecret from environment variables in CF:
--> xsuaa --> credentials --> clientsecret
#Tue May 21 07:02:37 UTC 2019
Description=CF HANA OData Service
Type=HTTP
TrustAll=true
audience=xyz.aws-live-eu10 (=EntityID out of the SAML metadata)
Authentication=OAuth2SAMLBearerAssertion
WebIDEUsage=odata_gen
Name=cf_xyz_odata_auth
WebIDEEnabled=true
tokenServiceURL=https\://xyz.authentication.eu10.hana.ondemand.com/oauth/token/alias/xyz.aws-live-eu10 (= Token URL out of the SAML metadata)
URL=https\://backend.cfapps.eu10.hana.ondemand.com
ProxyType=Internet
tokenServiceURLType=Dedicated
tokenServiceUser= same as client key
WebIDESystem=CF
Any ideas?有任何想法吗?
1 个解决方案
解决方案1
5 2019-06-03 07:37:49
Fixed it:修复:
Problem was that I did had to give the Neo-Account as "allowed provider" in the oauth2-configuration in the xs-security.json and delete/re-start the xsuaa service instance.问题是我确实不得不在 xs-security.json 的 oauth2-configuration 中将 Neo-Account 作为“允许的提供者”并删除/重新启动 xsuaa 服务实例。
"oauth2-configuration": { “oauth2 配置”:{
"token-validity": 900,
"refresh-token-validity": 1800,
"autoapprove": "true",
"allowedproviders": ["..."],
"grant-types": ["refresh_token", "urn:ietf:params:oauth:grant-type:saml2-bearer", "password", "authorization_code"]
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.