Details
-
Type: extRequest
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
Sender Email:
-
External Participants:
-
HD-Chapter:Security
-
HD-Enabler:KeyRock
Description
Dear FIWare support employee,
We are facing currently the a operational problem with IDM.
Could you please advise us here how to fix or workaround this issue to accomplish the wanted situation?
High level
When our operational customer users are using IDM (account) they can see other organizations also.
We would like to hide the organizations from anyone visiting the front-end of IDM (Horizon)
Detailed level
We would like to hide the organizations from anyone visiting the front-end of IDM (Horizon).
We tried to hide it by using an .htaccess file, adding an additional PEP-Proxy and changing user roles. However, none of these potential fixes did the job.
The fact that users can see the organization which they are part of, or own, isn’t necessarily the issue. At the /idm/organizations endpoint, there’s a tab called ‘Other Organisations’ which we would like to hide.
This is wanted since we don’t want our customers to see which other costumers are using the application.
Note: We use Docker to build our own IDM and we could overwrite code by changing the Dockerfile, but we feel that this isn’t the right way to fix the issue.
Kind Regards,
Simon Vos
Arthur van Schendelstraat 650
3511 MJ Utrecht
■ mob +31(0) 6 21 49 93 82
■ tel receptie +31(0)30 699 70 20
■ mail s.vos@itude.com <s.vos@itude.com>
■ linkedIn linkedin.com/in/simonvos <https://linkedin.com/in/simonvos>
www.itude.com <http://www.itude.com/> ■ K.v.K. 30146090
_____________________________________________________________________________
**Op deze mail is een disclaimer van toepassing. De inhoud daarvan is te lezen op onze website**
[Created via e-mail received from: Simon Vos <s.vos@itude.com>]
Comment by fefernandez@dit.upm.es :
Dear Simon,
We're so happy to see that the guidelines worked for your use case. Please
don't hesitate to contact us in the future if we can be of further help.
Sincerely,
Federico Fernández
2016-10-14 9:56 GMT+02:00 Simon Vos <s.vos@itude.com>:
> Dear Federico,
>
> We have analyzed the implementing guidelines for hinding the organizations
> for other users.
> We implemented this and it works fine for us.
> Many thanks.
>
> Kind Regards,
>
> Simon Vos
>
>
>
> Arthur van Schendelstraat 650
> 3511 MJ Utrecht
> ■ *mob *+31(0) 6 21 49 93 82
> ■ tel receptie +31(0)30 699 70 20
> ■ mail s.vos@itude.com
> ■ *linkedIn *linkedin.com/in/simonvos
>
>
> www.itude.com ■ K.v.K. 30146090
>