Uploaded image for project: 'Help-Desk'
  1. Help-Desk
  2. HELP-16772

[fiware-askbot] Access control & Orion context broker



      Created question in FIWARE Q/A platform on 26-05-2020 at 08:05
      Please, ANSWER this question AT https://ask.fiware.org/question/1157/access-control-orion-context-broker/

      Access control & Orion context broker

      I deployed a platform with the following modules:

      Context Broker (Orion)
      Fiware IDM (Keyrock)
      PEP Proxy (Wilma)

      So any authenticated user can access the context broker, it's level 1.


      Now I need that a user (or user group) must be authorized to access some entities.

      Considering this example entity:
      Service: Test
      Service-Path: /Test/Demo
      Entity-Id: test-entity
      Type: Device

      This entity should be accessible only by users Bob and Alice (belonging to the testers group).
      If I understood correctly, this is level 2.


      The problem is that I have been browsing the web for many hours without finding anything about it (I may not have used the right keywords).
      The module to use for this is probably AuthZForce, but that I don't understand how to use it with the context broker, I can't find any concrete example.

      Could you confirm for me whether I should use AuthZForce to accomplish this, and give me some examples on how to configure these rules for accessing the context broker?

      Thank you


        backlogmanager Backlog Manager created issue -
        backlogmanager Backlog Manager added a comment -

        2020-06-08 10:12|CREATED monitor | # answers= 0, accepted answer= False

        backlogmanager Backlog Manager added a comment - 2020-06-08 10:12|CREATED monitor | # answers= 0, accepted answer= False
        fla Fernando Lopez made changes -
        Field Original Value New Value
        Assignee Fernando Lopez [ fla ]
        fla Fernando Lopez made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        fla Fernando Lopez made changes -
        Status In Progress [ 3 ] Impeded [ 10004 ]
        fla Fernando Lopez made changes -
        Status Impeded [ 10004 ] In Progress [ 3 ]
        fla Fernando Lopez made changes -
        Status In Progress [ 3 ] Answered [ 10104 ]
        fla Fernando Lopez made changes -
        Resolution Done [ 10000 ]
        Status Answered [ 10104 ] Closed [ 6 ]
        fla Fernando Lopez made changes -
        Fix Version/s 2021 [ 12600 ]
        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open In Progress In Progress
        6d 23h 1 Fernando Lopez 15/Jun/20 9:12 AM
        In Progress In Progress Impeded Impeded
        1s 1 Fernando Lopez 15/Jun/20 9:13 AM
        Impeded Impeded In Progress In Progress
        2s 1 Fernando Lopez 15/Jun/20 9:13 AM
        In Progress In Progress Answered Answered
        1s 1 Fernando Lopez 15/Jun/20 9:13 AM
        Answered Answered Closed Closed
        36d 7h 15m 1 Fernando Lopez 21/Jul/20 4:28 PM


          • Assignee:
            fla Fernando Lopez
            backlogmanager Backlog Manager
          • Votes:
            0 Vote for this issue
            1 Start watching this issue


            • Created: