stackoom
  简体   繁体   中英

AuthZForce Security Level 2: Basic Authorization error “AZF domain not created for application”

 原文  2016-04-13 18:37:13       fiware/ fiware-wilma/ authzforce

Question

We are trying to deploy our security layer (KeyRock, Wilma, AuthZForce) to protect our Orion instance.

We are able to have security level 1 (authentication) with Keyrock and Wilma working, but when we try to insert AuthZForce to check the verb+resource authorization we get the error message:

AZF domain not created for application

In the PEP Proxy User Guide , under "Level 2: Basic Authorization" section, it is stated that we have to configure the roles and permissions for the user in the application. I have created my user and registered my application following the steps on the Fiware IdM User and Programmers Guide . I also created an additional rule to match exactly the resource that I'm trying to GET to guarantee that there is no path mistake.

I am also able to create domains as stated in the AuthZForce - Installation and Administration Guide but I don't know how to bind the Domain ID with user roles when creating them. I've searched in the IdM GUI and in the documentation but I couldn't find how to do it.

So, how can I insert users/organizations/applications under a specific domain, and then have the security level 2?

Update:

My Wima's config.js file has this section: 

...
config.azf = {
    enabled: true,
    host: 'authzforce',
    port: 8080,
    path: '/authzforce/domains/',
    custom_policy: undefined
};
...

And my docker-compose.yml file is: 

pepwilma:
    image: ging/fiware-pep-proxy
    container_name: test_pepwilma
    hostname: pepwilma
    volumes:
        - ./wilma/config.js:/opt/fiware-pep-proxy/config.js
    links:
        - idm
        - authzforce
    ports:
        - "88:80"
idm:
    image: fiware/idm
    container_name: test_idm
    links:
        - authzforce
    ports:
        - "5000:5000"
        - "8000:8000"
authzforce:
    image: fiware/authzforce-ce-server
    container_name: test_authzforce
    hostname: authzforce
    ports:
      - "8080:8080"

1 answers

solution1
 0  2016-04-18 08:44:10

是否由KeyRock或Wilma报告错误AZF域

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Fiware AuthZForce error: “AZF domain not created for application” “AZF domain not created for application” AuthZforce Problems creating a domain in Fiware AuthZforce Authorization Server Can I change the 'app_azf_domain' in access token provided by Horizon? FIWARE AuthZForce 5.4.1 is not installing Authzforce does not store policies? AuthZForce FIWARE in Cosmos AuthzForce failed update policies AuthZforce use without fiware enablers What does the magic key do in Wilma and AZF?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM