Details
-
Type:
extRequest
-
Status: Closed
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
Sender Email:
-
HD-Chapter:Security
-
HD-Enabler:AuthZForce
Description
Hi,
My name is Ra�l and I am working at the University of Vigo as a researcher.
I want to implement a system of authentication proxy PEP, IdM and
Authzforce based on the following diagram:
[image: Im�genes integradas 1]
Besides, I need to implement REST calls to allow me access to resources
through two different services. How do I associate my service resources to
understandable AUTHZFORCE resources? Where I can find the REST API which
contains in the parameters of these REST calls?
?Best regards,
Ra�l Blanco.
_______________________________________________
Fiware-tech-help mailing list
Fiware-tech-help@lists.fi-ware.org
https://lists.fi-ware.org/listinfo/fiware-tech-help
[Created via e-mail received from: =?UTF-8?B?UmHDumwgQmxhbmNv?= <rulgudi@gmail.com>]
Activity
| Field | Original Value | New Value |
|---|---|---|
| Reporter | FW External User [ fwexternaluser ] | FW External User [ fw.external.urser ] |
| Component/s | FIWARE-TECH-HELP [ 10278 ] |
| Assignee | Alvaro Alonso [ aalonsog ] |
| Assignee | Alvaro Alonso [ aalonsog ] | Cyril Dangerville [ cyril.dangerville ] |
| Attachment | screenshot-1.png [ 15930 ] |
| Attachment | screenshot-2.png [ 15931 ] |
| Attachment | screenshot-3.png [ 15932 ] |
| Attachment | screenshot-4.png [ 15933 ] |
Hello Cyril,
Screenshots recovered!
| Status | Open [ 1 ] | In Progress [ 3 ] |
Thanks. Answer sent to rulgudi (AT) gmail (DOT) com:
I suggest you have a look at the development guide to get started securing your REST services:
http://www.fiware.org/devguides/handling-authorization-and-access-control-to-apis/
This will help you implement the authentication for your apps first, before you deal with authorization. After following the guide, your applications should be registered and identified in the IDM for this to work. And you can define the access control policy with the GUI in the IdM. The policy is then pushed to the Authorization PDP. Then, the PEP proxy for your service should be configured with the IdM URL to validate tokens and retrieve user/resource info from there as well. Then the PEP will send an authorization request to the Authorization PDP (Authzforce) using the API described here:
http://catalogue.fiware.org/enablers/authorization-pdp-authzforce/documentation (User and Programmers Guide)
I put the IdM/PEP proxy owner (Alvaro) in CC if you need more info on these.
Regards,
Cyril
| Status | In Progress [ 3 ] | Answered [ 10104 ] |
| Resolution | Done [ 10000 ] | |
| Status | Answered [ 10104 ] | Closed [ 6 ] |
| Summary | [Fiware-tech-help] Services and resources security in AuthzForce REST API model | FIWARE.Request.Lab.Security.AuthorizationPDP.IdmManagedResourcesLinkToAuthzforceTargetResources |
| Summary | FIWARE.Request.Lab.Security.AuthorizationPDP.IdmManagedResourcesLinkToAuthzforceTargetResources | FIWARE.Request.Tech.Security.AuthorizationPDP.IdmManagedResourcesLinkToAuthzforceTargetResources |
| Sender Email | rulgudi@gmail.com |
| HD-Enabler | AuthZForce [ 10887 ] | |
| HD-Chapter | Security [ 10841 ] |
| Fix Version/s | 2021 [ 12600 ] |
| Transition | Time In Source Status | Execution Times | Last Executer | Last Execution Date | |||||
|---|---|---|---|---|---|---|---|---|---|
|
63d 8h 35m | 1 | Cyril Dangerville | 28/May/15 12:43 PM | |||||
|
1m 16s | 1 | Cyril Dangerville | 28/May/15 12:44 PM | |||||
|
7d 22h 29m | 1 | Cyril Dangerville | 05/Jun/15 11:14 AM |
Hello Manuel,
I am missing the attached diagram of the original mail. Any chance to get it?
[image: Im�genes integradas 1] ?