Details
-
Type:
Monitor
-
Status: Closed
-
Priority:
Major
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:
-
HD-Chapter:Security
-
HD-Enabler:AuthZForce
Description
Created question in FIWARE Q/A platform on 13-04-2016 at 20:04
Please, ANSWER this question AT http://stackoverflow.com/questions/36606813/authzforce-security-level-2-basic-authorization-error-azf-domain-not-created-f
Question:
AuthZForce Security Level 2: Basic Authorization error "AZF domain not created for application"
Description:
We are trying to deploy our security layer (KeyRock, Wilma, AuthZForce) to protect our Orion instance.
We are able to have security level 1 (authentication) with Keyrock and Wilma working, but when we try to insert AuthZForce to check the verb+resource authorization we get the error message:
AZF domain not created for application
In the PEP Proxy User Guide, under "Level 2: Basic Authorization" section, it is stated that we have to configure the roles and permissions for the user in the application. I have created my user and registered my application following the steps on the Fiware IdM User and Programmers Guide. I also created an additional rule to match exactly the resource that I'm trying to GET to guarantee that there is no path mistake.
I am also able to create domains as stated in the AuthZForce - Installation and Administration Guide but I don't know how to bind the Domain ID with user roles when creating them. I've searched in the IdM GUI and in the documentation but I couldn't find how to do it.
So, how can I insert users/organizations/applications under a specific domain, and then have the security level 2?
Activity
| Field | Original Value | New Value |
|---|---|---|
| Component/s | FIWARE-TECH-HELP [ 10278 ] |
| HD-Enabler | Unknown [ 10910 ] | |
| HD-Chapter | Unknown [ 10845 ] | |
| HD-Node | Unknown [ 10852 ] |
| HD-Enabler | Unknown [ 10910 ] | AuthZForce [ 10887 ] |
| HD-Chapter | Unknown [ 10845 ] | Security [ 10841 ] |
| Assignee | Cyril Dangerville [ cyril.dangerville ] |
| Status | Open [ 1 ] | In Progress [ 3 ] |
Asked for more info on stackoverflow
| Status | In Progress [ 3 ] | Answered [ 10104 ] |
2016-04-18 12:05|UPDATED status: transition Answered| # answers= 1, accepted answer= False
| Assignee | Cyril Dangerville [ cyril.dangerville ] | Alvaro Alonso [ aalonsog ] |
| Resolution | Done [ 10000 ] | |
| Status | Answered [ 10104 ] | Closed [ 6 ] |
Answered by PEP owner, Alvaro Alonso.
| Summary | [fiware-stackoverflow] AuthZForce Security Level 2: Basic Authorization error "AZF domain not created for application" | FIWARE.Question.Tech.Security.AuthorizationPDP.AuthZForce Security Level 2: Basic Authorization error "AZF domain not created for application" |
| HD-Node | Unknown [ 10852 ] |
| Fix Version/s | 2021 [ 12600 ] |
| Transition | Time In Source Status | Execution Times | Last Executer | Last Execution Date | |||||
|---|---|---|---|---|---|---|---|---|---|
|
2d 22h 43m | 1 | Cyril Dangerville | 18/Apr/16 10:46 AM | |||||
|
1h 16m | 1 | Backlog Manager | 18/Apr/16 12:02 PM | |||||
|
22h 8m | 1 | Cyril Dangerville | 19/Apr/16 10:10 AM |
2016-04-15 12:05|CREATED monitor | # answers= 0, accepted answer= False