Details
-
Type: extRequest
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
HD-Enabler:AuthZForce
Description
Hi,
We have been recently trying your community edition product and we have
come to a point where we have been having difficulties getting a policy to
upload and to validate successfully using the Fiware Authzforce CE. Could
you please answer some questions which will guide us.
The use case we have is as follows:
GIVEN a customer
WHEN performing read
AND the resource-id (request attribute) ends with sub-resource-id (request
attribute)
THEN permit
In summary to this we would like to validate that a resource-id request
attribute (e.g. /campaigns?resourceId=abc123) ends with abc123 which also
comes from the request. We would like to do this in a way in which we can
compare two values from the request in our policy.
We have attempted to achieve this use case using a <Condition> which
compares two AttributeDesignators via the <Apply> function however this
does not work.
We receive an error:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><error xmlns:ns2="
http://authzforce.github.io/core/xmlns/pdp/6.0
<https://www.google.com/url?q=http://authzforce.github.io/core/xmlns/pdp/6.0&sa=D&source=hangouts&ust=1559404012504000&usg=AFQjCNGts_Pt79vKn2GYtMV7FmnbE_3YaQ>"><message>Failed
to find a root PolicySet with id = 'f8194af5-807-486a-9581-c1f05d05483c',
Version=4,EarliestVersion=,LatestVersion=: Matched PolicySet
'f8194af5-807-486a-9581-c1f05d05483c' (version 1) is invalid or its content
is unavailable</message></error>
When removing the condition block the policy uploads successfully.
Attached to this email is the policy which we have attempted to upload and
use.
We await your response
Many thanks,
–
Jason Marden
Software Engineer
[image: Smartology]
T: +44 (0) 203 021 2026
www.smartology.net | jason.marden@smartology.net | linkedin
<http://www.linkedin.com/company/2842285>
Metal Box Factory | 30 Great Guildford Street | London | SE1 0HS
Registered in England and Wales. Company registration No. 04597890
Confidentiality
This e-mail message and any attachments may contain confidential and /or
legally privileged information. It is intended for the addressee only and
if you are not the intended recipient you should not copy or use the
contents nor disclose them to anybody else. In such a case please notify
the sender by return e-mail immediately and delete this message and its
attachments together with all copies in whatever form.
Business Use
Copyright protection may exist in the text (and in any attachments) of this
email. These are reserved in their entirety by Smartology Ltd. Any views or
opinions expressed in this message (and any attachments) that do not relate
to the official business of Smartology Ltd are neither given nor endorsed
by it.
Viruses
This e-mail and any attachments has been checked for viruses but Smartology
Ltd accepts no responsibility for any viruses not revealed by such check
and in accordance with good computing practice recipients should ensure
that they are actually virus free.
__________________________________________________________________________________________
You can get more information about our cookies and privacy policies on the following links:
Fiware-tech-help mailing list
Fiware-tech-help@lists.fiware.org
To unsubscribe from Fiware-tech-help mailing list, go to the information page of the list at:
https://lists.fiware.org/listinfo/fiware-tech-help
[Created via e-mail received from: Jason Marden <jason.marden@smartology.net>]
Hi, a couple of questions :
1) Which version of AuthzForce Server do you have?
2) Could you check the server logs for more error info (e.g. stacktrace) that you could copy-paste here? Should be in /var/log/tomcat8/authzforce-ce/error.log.