Details
-
Type:
Monitor
-
Status: Closed
-
Priority:
Major
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:
-
HD-Chapter:Security
-
HD-Enabler:AuthZForce
Description
Created question in FIWARE Q/A platform on 10-03-2017 at 09:03
Please, ANSWER this question AT http://stackoverflow.com/questions/42714175/fiware-authzforce-error-azf-domain-not-created-for-application
Question:
Fiware AuthZForce error: "AZF domain not created for application"
Description:
I'm trying to protect Orion Context Broker using KeyRock idm, Wilma PEP-Proxy and AuthZForce PDP over Docker. For now, level 1 security works well and I can deny access to non logged users, but I get this error on Wilma when trying to add level 2.
AZF domain not created for application <applicationID>
Here it is my azf configuration in Wilma's config.js file:
config.azf =
{ enabled: true, protocol: 'http', host: 'azfcontainer', port: 8080, custom_policy: undefined };
And this is how I set the access control configuration on KeyRock:
- ACCESS CONTROL GE
ACCESS_CONTROL_URL = 'http://azfcontainer:8080'
ACCESS_CONTROL_MAGIC_KEY = None
I have created the custom policies on Keyrock, but AuthZForce logs don't show any request from KeyRock or Wilma, so no domain is created on the PDP. I have checked that all containers can see and reach each other and that all ports are up. I may be missing some configuration.
This question is the same that “AZF domain not created for application” AuthZforce, but my problem persists even with the shown AuthZForce GE Configuration.
Activity
Which versions of KeyRock, Wilma and AuthzForce are you using?
2017-03-15 00:05|UPDATED status: transition Answered| # answers= 1, accepted answer= False
Looking at the answer proposed on stackoverflow, this is an issue in KeyRock, not AuthzForce. Re-assigning to KeyRock owner.
2017-03-15 18:05|UPDATED status: transition Finish| # answers= 1, accepted answer= True
2017-03-10 12:05|CREATED monitor | # answers= 0, accepted answer= False