Details
-
Type: extRequest
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
Sender Email:
-
HD-Chapter:Security
-
HD-Enabler:KeyRock
Description
Hello from Greece,
I am a developer and i have a setup in fiware lab with 2 VMs. One VM for
IDM, PEP Proxy and Authorization PDP and one for the Context Broker.
Everything works fine except Authorization PDP (AuthZForce). In fact i
cannot find a way to synchronize the roles and permissions of the IDM
(KeyRock) with the AuthZForce (now AuthZForce is allowing every request).
I found something about Docker, but I realy want to setup my own custom
system.
I would appreciate your help since i did not found anything in
StackOverflow (except the Docker solution). Thank you in advance.
George
Since January 1st, old domains won't be supported and messages sent to any domain different to @lists.fiware.org will be lost.
Please, send your messages using the new domain (Fiware-lab-help@lists.fiware.org) instead of the old one.
_______________________________________________
Fiware-lab-help mailing list
Fiware-lab-help@lists.fiware.org
https://lists.fiware.org/listinfo/fiware-lab-help
[Created via e-mail received from: =?UTF-8?B?zpPOuc+Oz4HOs86/z4IgzqfOsc+BzrnPhM6szrrOt8+C?= <chgiorgos13@gmail.com>]
Activity
Transition | Time In Source Status | Execution Times | Last Executer | Last Execution Date | |||||
---|---|---|---|---|---|---|---|---|---|
|
7h 22m | 1 | Cyril Dangerville | 12/Nov/15 6:33 PM | |||||
|
16h 6m | 1 | Cyril Dangerville | 13/Nov/15 10:39 AM | |||||
|
52s | 1 | Cyril Dangerville | 13/Nov/15 10:40 AM |
Fix Version/s | 2021 [ 12600 ] |
HD-Enabler | KeyRock [ 10889 ] | |
HD-Chapter | Security [ 10841 ] |
Sender Email | chgiorgos13@gmail.com |
Summary | FIWARE.Request.Lab.Security.IDM-KeyRock.FIWARE Lab Assistance | FIWARE.Request.Tech.Security.IDM-KeyRock.FIWARE.Tech.Assistance |
Summary | [Fiware-lab-help] FIWARE Lab Assistance | FIWARE.Request.Lab.Security.IDM-KeyRock.FIWARE Lab Assistance |
Resolution | Done [ 10000 ] | |
Status | Answered [ 10104 ] | Closed [ 6 ] |
Assignee | Cyril Dangerville [ cyril.dangerville ] | Alvaro Alonso [ aalonsog ] |
Comment |
[ Answer from KeyRock IdM owner: Hi, as Cyril has comment, Keyrock (Horizon specifically) sets the permissions in the AuthZForce when a user configures them in the GUI. To configure the host where AuthZForce is running you have to use this Horizon setting: https://github.com/ging/horizon/blob/master/openstack_dashboard/local/local_settings.py.example#L624 BR -- Álvaro ] |
Status | In Progress [ 3 ] | Answered [ 10104 ] |
Status | Open [ 1 ] | In Progress [ 3 ] |
Component/s | FIWARE-TECH-HELP [ 10278 ] | |
Component/s | FIWARE-LAB-HELP [ 10279 ] |
Assignee | Cyril Dangerville [ cyril.dangerville ] |
Field | Original Value | New Value |
---|---|---|
Component/s | FIWARE-LAB-HELP [ 10279 ] |
He replied by email indeed to the external user. I just copy-pasted his reply here. Sorry for the misunderstanding.