Details
-
Type: extRequest
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
Sender Email:
-
External Participants:
-
HD-Chapter:Security
-
HD-Enabler:KeyRock
Description
Dear FIWare support employee,
We are facing currently the a operational problem with IDM.
Could you please advise us here how to fix or workaround this issue to accomplish the wanted situation?
High level
When our operational customer users are using IDM (account) they can see other organizations also.
We would like to hide the organizations from anyone visiting the front-end of IDM (Horizon)
Detailed level
We would like to hide the organizations from anyone visiting the front-end of IDM (Horizon).
We tried to hide it by using an .htaccess file, adding an additional PEP-Proxy and changing user roles. However, none of these potential fixes did the job.
The fact that users can see the organization which they are part of, or own, isn’t necessarily the issue. At the /idm/organizations endpoint, there’s a tab called ‘Other Organisations’ which we would like to hide.
This is wanted since we don’t want our customers to see which other costumers are using the application.
Note: We use Docker to build our own IDM and we could overwrite code by changing the Dockerfile, but we feel that this isn’t the right way to fix the issue.
Kind Regards,
Simon Vos
Arthur van Schendelstraat 650
3511 MJ Utrecht
■ mob +31(0) 6 21 49 93 82
■ tel receptie +31(0)30 699 70 20
■ mail s.vos@itude.com <s.vos@itude.com>
■ linkedIn linkedin.com/in/simonvos <https://linkedin.com/in/simonvos>
www.itude.com <http://www.itude.com/> ■ K.v.K. 30146090
_____________________________________________________________________________
**Op deze mail is een disclaimer van toepassing. De inhoud daarvan is te lezen op onze website**
[Created via e-mail received from: Simon Vos <s.vos@itude.com>]
Comment by s.vos@itude.com :
Hello,
We sent last week an issue on FIWARE.
Could you please assign a JIRA issue on this?
Is there any progress on this issue. We are eager to solve this issue?
Many thanks, kinds Regards, Simon Vos
**Op deze mail is een disclaimer van toepassing. De inhoud daarvan is te lezen op onze website**
> Op 30 sep. 2016, om 09:03 heeft Simon Vos <s.vos@itude.com> het volgende geschreven:
>
> Dear FIWare support employee,
>
> We are facing currently the a operational problem with IDM.
> Could you please advise us here how to fix or workaround this issue to accomplish the wanted situation?
>
>
> High level
> When our operational customer users are using IDM (account) they can see other organizations also.
> We would like to hide the organizations from anyone visiting the front-end of IDM (Horizon)
>
> Detailed level
> We would like to hide the organizations from anyone visiting the front-end of IDM (Horizon).
> We tried to hide it by using an .htaccess file, adding an additional PEP-Proxy and changing user roles. However, none of these potential fixes did the job.
> The fact that users can see the organization which they are part of, or own, isn’t necessarily the issue. At the /idm/organizations endpoint, there’s a tab called ‘Other Organisations’ which we would like to hide.
> This is wanted since we don’t want our customers to see which other costumers are using the application.
>
>
> Note: We use Docker to build our own IDM and we could overwrite code by changing the Dockerfile, but we feel that this isn’t the right way to fix the issue.
>
>
>
>
> Kind Regards,
>
> Simon Vos
>
>
> <PastedGraphic-2.png>
> Arthur van Schendelstraat 650
> 3511 MJ Utrecht
> ■ mob +31(0) 6 21 49 93 82
> ■ tel receptie +31(0)30 699 70 20
> ■ mail s.vos@itude.com <s.vos@itude.com>
> ■ linkedIn linkedin.com/in/simonvos <https://linkedin.com/in/simonvos>
>
>
> www.itude.com <http://www.itude.com/> ■ K.v.K. 30146090
>