Uploaded image for project: 'Help-Desk'
  1. Help-Desk
  2. HELP-2124

FIWARE.Request.Tech.Security.AuthorizationPDP.KeyRockIdMAttributeFinder2

        Details

        • HD-Chapter:
          Security
        • HD-Enabler:
          AuthZForce

          Description

          Hello Tran,
          I am currently checking that the attribute finder module works with the latest version of KeyRock running at:
          https://account.lab.fiware.org/home

          I'll send an example of configuration to you by Friday EOB.

          Be aware that this attribute finder works with the last R3 release of the GEi (v3.3.3 released 2014-03-31 to be accurate) deployed currently on the global instance (az.testbed.fi-ware.eu). But we do not plan to make it compatible with the new release 4.1 and later anymore. I am saying that in case you want to migrate to the new version. Indeed, starting with release 4.1, the preferred alternative is to rely on the PEP to get the user attributes from the Identity Manager (e.g. KeyRock), based on the token, and provide these attributes to the Authorization PDP (in XACML request) instead of the raw OAuth token. This is why the PEP Proxy reference implementation (Wilma, by UPM) will provide this feature in next release 4.2:
          http://catalogue.fi-ware.org/enablers/pep-proxy-wilma
          Maybe you are already using such proxy for authentication.

          Regards,
          Cyril

          > ----Message d'origine----
          > De : DANGERVILLE Cyril
          > Envoyé : jeudi 5 février 2015 18:36
          > À : Tran Quang Thanh
          > Objet : RE: Authorize PDP GE
          >
          > Dear Tran,
          > The FIWARE coordination team now requires that all requests for
          > technical support on GEs be submitted to the fiware-tech-help mailing
          > list. Can you re-submit your request to this address?
          > fiware-tech-help@lists.fi-ware.org
          >
          > Thank you,
          > Cyril
          >
          > –
          > Cyril DANGERVILLE, Thales Services
          > FIWARE Phase II / WP1.7 Security (WPA), T1.7.2 Identity & Access
          > Management (Contributor), Authorization PDP (ex-Access Control) GE
          > Owner
          >
          > > ----Message d'origine----
          > > De : Tran Quang Thanh thanh.quang.tran@fokus.fraunhofer.de
          > > Envoyé : mercredi 4 février 2015 14:02 À : DANGERVILLE Cyril Objet :
          > > Authorize PDP GE
          > >
          > > Dear Cyril Dangerville,
          > > My name is Tran Quang Thanh from TU-Berlin, Germany. I am now working
          > > in FI-PPP FI-STAR project.
          > > As far as I know, your attribute finder module can integrate with
          > > other IdM GE such as GCP.
          > > At this point in time, is it possible to use the open source KeyRock
          > > IdM GE ? and if yes could you please send us your current
          > > configuration with KeyRock.
          > > Thank you very much,
          > >
          > > Bests,
          > > Tran
          _______________________________________________
          Fiware-tech-help mailing list
          Fiware-tech-help@lists.fi-ware.org
          https://lists.fi-ware.org/listinfo/fiware-tech-help

            Issue Links

            is duplicated by

            extRequest - Request from external stakeholder received in the help desk HELP-2095 FIWARE.Request.Tech.Security.AuthorizationPDP.KeyRockIdMAttributeFinder

            • Major - Major loss of function.
            • Closed

              Activity

              Ascending order - Click to sort in descending order
              cdangerville Cyril Dangerville created issue -
              mev Manuel Escriche made changes -
              Field Original Value New Value
              Assignee Cyril Dangerville [ cyril.dangerville ]
              cdangerville Cyril Dangerville made changes -
              Link This issue is duplicated by HELP-2095 [ HELP-2095 ]
              cdangerville Cyril Dangerville made changes -
              Attachment attributeFinders.xml [ 13807 ]
              cdangerville Cyril Dangerville made changes -
              Status Open [ 1 ] In Progress [ 3 ]
              cdangerville Cyril Dangerville made changes -
              Status In Progress [ 3 ] Answered [ 10104 ]
              cdangerville Cyril Dangerville made changes -
              Fix Version/s Sprint 4.2.3 [ 10742 ]
              cdangerville Cyril Dangerville made changes -
              Link This issue is blocked by SEC-284 [ SEC-284 ]
              cdangerville Cyril Dangerville made changes -
              Resolution Done [ 10000 ]
              Status Answered [ 10104 ] Closed [ 6 ]
              mev Manuel Escriche made changes -
              Component/s FIWARE-TECH-HELP [ 10278 ]
              cdangerville Cyril Dangerville made changes -
              Summary Re: [Fiware-tech-help] Authorize PDP GE FIWARE.Request.Lab.Security.AuthorizationPDP.KeyRockIdMAttributeFinder2
              mev Manuel Escriche made changes -
              Summary FIWARE.Request.Lab.Security.AuthorizationPDP.KeyRockIdMAttributeFinder2 FIWARE.Request.Tech.Security.AuthorizationPDP.KeyRockIdMAttributeFinder2
              mev Manuel Escriche made changes -
              HD-Enabler AuthZForce [ 10887 ]
              HD-Chapter Security [ 10841 ]
              fla Fernando Lopez made changes -
              Fix Version/s 2021 [ 12600 ]

                People

                • Assignee:
                  cdangerville Cyril Dangerville
                  Reporter:
                  cdangerville Cyril Dangerville
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: