Uploaded image for project: 'Help-Desk'
  1. Help-Desk
  2. HELP-2865

FIWARE.Request.Tech.Security.AuthorizationPDP.IdmManagedResourcesLinkToAuthzforceTargetResources

    Details

    • Type: extRequest
    • Status: Closed
    • Resolution: Done
    • Fix Version/s: 2021
    • Component/s: FIWARE-TECH-HELP
    • Labels:
      None

      Description

      Hi,

      My name is Ra�l and I am working at the University of Vigo as a researcher.

      I want to implement a system of authentication proxy PEP, IdM and
      Authzforce based on the following diagram:

      [image: Im�genes integradas 1]

      Besides, I need to implement REST calls to allow me access to resources
      through two different services. How do I associate my service resources to
      understandable AUTHZFORCE resources? Where I can find the REST API which
      contains in the parameters of these REST calls?

      ?Best regards,

      Ra�l Blanco.

      _______________________________________________
      Fiware-tech-help mailing list
      Fiware-tech-help@lists.fi-ware.org
      https://lists.fi-ware.org/listinfo/fiware-tech-help

      [Created via e-mail received from: =?UTF-8?B?UmHDumwgQmxhbmNv?= <rulgudi@gmail.com>]

      1. screenshot-1.png
        140 kB
      2. screenshot-2.png
        51 kB
      3. screenshot-3.png
        50 kB
      4. screenshot-4.png
        139 kB

        Activity

        Hide
        cdangerville Cyril Dangerville added a comment - - edited

        Hello Manuel,
        I am missing the attached diagram of the original mail. Any chance to get it?

        [image: Im�genes integradas 1] ?

        Show
        cdangerville Cyril Dangerville added a comment - - edited Hello Manuel, I am missing the attached diagram of the original mail. Any chance to get it? [image: Im�genes integradas 1] ?
        Hide
        mev Manuel Escriche added a comment -

        Hello Cyril,
        Screenshots recovered!

        Show
        mev Manuel Escriche added a comment - Hello Cyril, Screenshots recovered!
        Hide
        cdangerville Cyril Dangerville added a comment -

        Thanks. Answer sent to rulgudi (AT) gmail (DOT) com:

        I suggest you have a look at the development guide to get started securing your REST services:
        http://www.fiware.org/devguides/handling-authorization-and-access-control-to-apis/

        This will help you implement the authentication for your apps first, before you deal with authorization. After following the guide, your applications should be registered and identified in the IDM for this to work. And you can define the access control policy with the GUI in the IdM. The policy is then pushed to the Authorization PDP. Then, the PEP proxy for your service should be configured with the IdM URL to validate tokens and retrieve user/resource info from there as well. Then the PEP will send an authorization request to the Authorization PDP (Authzforce) using the API described here:
        http://catalogue.fiware.org/enablers/authorization-pdp-authzforce/documentation (User and Programmers Guide)

        I put the IdM/PEP proxy owner (Alvaro) in CC if you need more info on these.

        Regards,
        Cyril

        Show
        cdangerville Cyril Dangerville added a comment - Thanks. Answer sent to rulgudi (AT) gmail (DOT) com: I suggest you have a look at the development guide to get started securing your REST services: http://www.fiware.org/devguides/handling-authorization-and-access-control-to-apis/ This will help you implement the authentication for your apps first, before you deal with authorization. After following the guide, your applications should be registered and identified in the IDM for this to work. And you can define the access control policy with the GUI in the IdM. The policy is then pushed to the Authorization PDP. Then, the PEP proxy for your service should be configured with the IdM URL to validate tokens and retrieve user/resource info from there as well. Then the PEP will send an authorization request to the Authorization PDP (Authzforce) using the API described here: http://catalogue.fiware.org/enablers/authorization-pdp-authzforce/documentation (User and Programmers Guide) I put the IdM/PEP proxy owner (Alvaro) in CC if you need more info on these. Regards, Cyril

          People

          • Assignee:
            cdangerville Cyril Dangerville
            Reporter:
            fw.ext.user FW External User
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: