Details
-
Type: Monitor
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
HD-Chapter:Security
-
HD-Enabler:KeyRock
Description
Created question in FIWARE Q/A platform on 21-09-2016 at 14:09
Please, ANSWER this question AT http://stackoverflow.com/questions/39617005/keystone-create-user-and-permissions-by-api
Question:
Keystone create user and permissions by api
Description:
I have an instance of Keyrock in fiware lab.
in my app, im trying to create user with api as Fiware keystone api create user and access with horizon.
now i check user:
curl -s -H "X-Auth-Token:17007fe11124bd71eb60" http://localhost:5000/v3/users/admin | python -mjson.tool
response:
> {
> "user": {
> "default_project_id": "d0f384973b9f4a57b975fcd9bef10c6e",
> "description": "admin",
> "domain_id": "default",
> "email": "admin@gmail.com",
> "enabled": true,
> "id": "admin",
> "links":
,
> "name": "admin@gmail.com",
> "username": "admin"
> } }
now name field is correct, but i cant log with this user in my Horizon. If i check the keystone.log, i can see this:
2016-09-21 12:28:50.353 1483 WARNING keystone.common.wsgi [-] Authorization failed. The request you have made requires authentication. from 127.0.0.1
2016-09-21 12:28:50.445 1482 WARNING keystone.auth.controllers [-] User admin doesn't have access to default project d0f384973b9f4a57b975fcd9bef10c6e. The token will be unscoped rather than scoped to the project.
2016-09-21 12:28:50.767 1481 WARNING keystone.common.wsgi [-] You are not authorized to perform the requested action: identity:revoke_token
2016-09-21 12:29:42.900 1483 WARNING keystone.common.controller [-] RBAC: Bypassing authorization
and in Horizon:
Of course, the log explains problem: "User admin doesn't have access to default project d0f384973b9f4a57b975fcd9bef10c6e" But, how can i set permissions to this user in project?
Activity
Field | Original Value | New Value |
---|---|---|
Component/s | FIWARE-TECH-HELP [ 10278 ] |
HD-Enabler | Unknown [ 10910 ] | |
HD-Chapter | Unknown [ 10845 ] | |
HD-Node | Unknown [ 10852 ] |
HD-Enabler | Unknown [ 10910 ] | KeyRock [ 10889 ] |
HD-Chapter | Unknown [ 10845 ] | Security [ 10841 ] |
Assignee | Alvaro Alonso [ aalonsog ] |
Status | Open [ 1 ] | In Progress [ 3 ] |
Status | In Progress [ 3 ] | Answered [ 10104 ] |
Resolution | Done [ 10000 ] | |
Status | Answered [ 10104 ] | Closed [ 6 ] |
Summary | [fiware-stackoverflow] Keystone create user and permissions by api | FIWARE.Question.Tech.Security.IDM-KeyRock.Keystone create user and permissions by api |
HD-Node | Unknown [ 10852 ] |
Fix Version/s | 2021 [ 12600 ] |