[ https://jira.fiware.org/browse/HELP-9517?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Fernando Lopez deleted HELP-9517:
---------------------------------
> [fiware-stackoverflow] Can anyone explain the usage of Context Broker via PeP proxy?
> ------------------------------------------------------------------------------------
>
> Key: HELP-9517
> URL: https://jira.fiware.org/browse/HELP-9517
> Project: Help-Desk
> Issue Type: Monitor
> Reporter: Backlog Manager
> Labels: fiware, fiware-orion, fiware-wilma
>
> Created question in FIWARE Q/A platform on 27-08-2015 at 13:08
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/32248526/can-anyone-explain-the-usage-of-context-broker-via-pep-proxy
> +Question:+
> Can anyone explain the usage of Context Broker via PeP proxy?
> +Description:+
> I have installed orion Context Broker and pep proxy on my machine. I am targeting the global instance of keyRock and the AuthZforce to authenticate the context broker.
> Here is my config.js:
> var config = {};
> config.pep_port = 1307;
> // Set this var to undefined if you don't want the server to listen on HTTPS
> config.https = {
> enabled: false,
> cert_file: 'cert/cert.crt',
> key_file: 'cert/key.key',
> port: 443
> };
> config.account_host = 'https://account.lab.fiware.org';
> config.keystone_host = 'cloud.lab.fiware.org';
> config.keystone_port = 4731;
> config.app_host = 'localhost';
> config.app_port = '1026';
> config.username = '<my fiware lab username>';
> config.password = '<my fiware lab pass>';
> // in seconds
> config.chache_time = 300;
> // if enabled PEP checks permissions with AuthZForce GE.
> // only compatible with oauth2 tokens engine
> config.azf = {
> enabled: false,
> host: 'auth.lab.fiware.org',
> port: 6019,
> path: '/authzforce/domains/d698df7f-ffd4-11e4-a09d-ed06f24e1e78/pdp'
> };
> // list of paths that will not check authentication/authorization
> // example: ['/public/*', '/static/css/']
> config.public_paths = [];
> // options: oauth2/keystone
> config.tokens_engine = 'oauth2';
> config.magic_key = undefined;
> module.exports = config;
> when I do node server.js
> I successfully get:
> Starting PEP proxy in port 1307. Keystone authentication ...
> Success authenticating PEP proxy. Proxy Auth-token: e2189bdc1a8b4aae9280b0fd5a6ae8a0
> following this installation and administration guide I did the following command:
> curl --header "X-Auth-Token:e2189bdc1a8b4aae9280b0fd5a6ae8a0" http://localhost:1307
> From there I get this message:
> [TOKEN] Checking token with IDM...
> User access-token not authorized
> I am seriously at a loss here and don't know how access context broker via these three intermediaries?
> Whose host am I supposed to ask a token from?
> I dont know if I am even asking the right questions. The point of all this is to secure an access to context broker.
> Edit 1
> After setting up the auth-token.sh, I got the following error:
> <orionError>
> <code>400</code>
> <reasonPhrase>Bad Request</reasonPhrase>
> <details>service not found</details>
> </orionError>
> The node server.js reported this:
> Starting PEP proxy in port 1307. Keystone authentication ...
> Success authenticating PEP proxy. Proxy Auth-token: b90604bc94134c1a81414e97a23196f3
> [TOKEN] Checking token with IDM...
> [ROOT] Access-token OK. Redirecting to app...
> previusly the command: sh auth-token.sh <username> <pass> gave me:
> X-Auth-Token for '<my email on fiware lab>': OxFTGtMM6ckBa7FQCUmwvvhj6GQYFc
> and then I just curl --header "X-Auth-Token:OxFTGtMM6ckBa7FQCUmwvvhj6GQYFc" http://localhost:1307 which gave me the before mentioned error.
--
This message was sent by Atlassian JIRA
(v6.4.1#64016)
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy