Details
-
Type: Monitor
-
Status: Closed
-
Priority: Major
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
HD-Chapter:Security
-
HD-Enabler:AuthZForce
Description
Created question in FIWARE Q/A platform on 09-11-2016 at 18:11
Please, ANSWER this question AT http://stackoverflow.com/questions/40513118/azf-domain-not-created-for-application-authzforce
Question:
“AZF domain not created for application” AuthZforce
Description:
I have an application that uses the KeyRock, PEP, PDP(AuthZForce).
The security level 1 (authentication) with Keyrock and PEP are working, but when we try to use AuthZForce to check the authorization, I get the error message:
AZF domain not created for application
I have my user and my application that I created following the steps on the Fiware IdM User and Programmers Guide.
I am also able to create domains as stated in the AuthZForce - Installation and Administration Guide but I don't know how to bind the Domain ID with user roles when creating them.
So, how can I insert users/organizations/applications under a specific domain, and then have the security level 2?
My config.js file:
config.azf = {
enabled: true,
host: '192.168.99.100',
port: 8080,
path: '/authzforce/domains/',
custom_policy: undefined
};
And my docker-compose.yml file is:
authzforce:
image: fiware/authzforce-ce-server:release-5.4.1
hostname: authzforce
container_name: authzforce
ports:
- "8080:8080"
keyrock:
image: fiware/idm:v5.4.0
hostname: keyrock
container_name: keyrock
ports:
- "5000:5000"
- "8000:8000"
pepproxy:
build: Docker/fiware-pep-proxy
hostname: pepproxy
container_name: pepproxy
ports:
- 80:80
links: - authzforce
- keyrock
This question is the same that AuthZForce Security Level 2: Basic Authorization error "AZF domain not created for application", but I get the same error, and my keyrock version is v5.4.0.
Activity
Transition | Time In Source Status | Execution Times | Last Executer | Last Execution Date | |||||
---|---|---|---|---|---|---|---|---|---|
|
4d 21h 13m | 1 | Cyril Dangerville | 14/Nov/16 6:19 PM | |||||
|
27s | 1 | Cyril Dangerville | 14/Nov/16 6:20 PM | |||||
|
14d 18h 9m | 1 | Alvaro Alonso | 29/Nov/16 12:29 PM |
Fix Version/s | 2021 [ 12600 ] |
Summary | [fiware-stackoverflow] PEP Proxy error: “AZF domain not created for application” | FIWARE.Question.Tech.Security.AuthorizationPDP.PEP Proxy error: “AZF domain not created for application” |
HD-Node | Unknown [ 10852 ] |
Resolution | Done [ 10000 ] | |
Status | Answered [ 10104 ] | Closed [ 6 ] |
Assignee | Cyril Dangerville [ cyril.dangerville ] | Alvaro Alonso [ aalonsog ] |
Summary | [fiware-stackoverflow] PEP Proxy error“AZF domain not created for application” AuthZforce | [fiware-stackoverflow] PEP Proxy error: “AZF domain not created for application” |
Summary | [fiware-stackoverflow] “AZF domain not created for application” AuthZforce | [fiware-stackoverflow] PEP Proxy error“AZF domain not created for application” AuthZforce |
Status | In Progress [ 3 ] | Answered [ 10104 ] |
Status | Open [ 1 ] | In Progress [ 3 ] |
Assignee | Cyril Dangerville [ cyril.dangerville ] |
HD-Chapter | Unknown [ 10845 ] | Security [ 10841 ] |
HD-Enabler | Unknown [ 10910 ] | AuthZForce [ 10887 ] |
HD-Enabler | Unknown [ 10910 ] | |
HD-Chapter | Unknown [ 10845 ] | |
HD-Node | Unknown [ 10852 ] |
Field | Original Value | New Value |
---|---|---|
Component/s | FIWARE-TECH-HELP [ 10278 ] |
The original poster replied to Alvaro Alonso's comment, asking for clarification.
I am re-assigning to the PEP Proxy owner since the error occurs in the PEP Proxy and the discussion involves mostly the PEP Proxy owner.