Created question in FIWARE Q/A platform on 10-11-2017 at 12:11
Please, ANSWER this question AT https://stackoverflow.com/questions/47221594/securing-short-term-history-sth-aka-comet-with-fiware-pep-steelskin

Question:
Securing Short-term-history (STH, aka. comet) with FIWARE-PEP-STEELSKIN

Description:
I'm struggling around FIWARE Short Time Historic (STH, aka. Comet) securization by using Steelskin, the additional GEi of PEP Proxy GE (https://github.com/telefonicaid/fiware-pep-steelskin).

We finally came up with a configuration that perfectly works with orion and perseo but it does not propertly handle STH calls. It returns:

{
"name": "ACCESS_DENIED",
"message": "The user does not have the appropriate permissions to access the selected action"
}

But it perfectly handle orion calls with given token. Has anyone a working configuration on docker-compose schema?

Our PEP frontend looks like:

pep-sth-fe:
#image: telefonicaiot/fiware-pep-steelskin:latest
build: ./fiware-pep-steelskin
links:

• sth
• keystone
• keypass
  ports:
• "8666:8666"
• "11213:11211"
  environment:
• COMPONENT_PLUGIN=rest
• TARGET_HOST=sth
• TARGET_PORT=8666
• PROXY_USERNAME=pep
• PROXY_PASSWORD=XXXXXXXX
• ACCESS_HOST=keypass
• ACCESS_PORT=7070
• AUTHENTICATION_HOST=keystone
• AUTHENTICATION_PORT=5001

According to: https://github.com/telefonicaid/fiware-pep-steelskin/blob/master/errorcodes.md

It might be a keypass configuration issue. Creating and assigning an authorised role to allow queries on pep proxied sth?

Thanks in advance for your help.

Bests!