[ https://jira.fiware.org/browse/HELP-8457?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alvaro Alonso updated HELP-8457:
--------------------------------
Status: In Progress (was: Open)
> [fiware-stackoverflow] How does roles work in Keyrock?
> ------------------------------------------------------
>
> Key: HELP-8457
> URL: https://jira.fiware.org/browse/HELP-8457
> Project: Help-Desk
> Issue Type: Monitor
> Components: FIWARE-TECH-HELP
> Reporter: Backlog Manager
> Assignee: Alvaro Alonso
> Labels: authorization, fiware, keystone, role-base-authorization, roles
>
> Created question in FIWARE Q/A platform on 29-03-2017 at 22:03
> {color: red}Please, ANSWER this question AT{color} http://stackoverflow.com/questions/43103151/how-does-roles-work-in-keyrock
> +Question:+
> How does roles work in Keyrock?
> +Description:+
> I want to know how the role based authorization works in FIWARE Keyrock. I have tested a scenario where a user A registers an application appA in Keyrock. The user B that is not on the authorized list for application appA can request a token for another application (appB, for example) and successfully access the appA with the token obtained from appB.
> Another test performed was to include user A in the authorized list for appA, but with a role that has no permissions. Again, the user A gets access to appA with credentials from another application.
> Can anyone explain me how this work, if it really work?
--
This message was sent by Atlassian JIRA
(v6.4.1#64016)
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy