[Backlogmanager] [FIWARE-JIRA] (HELP-13353) [fiware-stackoverflow] How to achieve security level 3 in FIWARE?

Fernando Lopez (JIRA) jira-help-desk at jira.fiware.org
Tue Jan 16 16:19:00 CET 2018


     [ https://jira.fiware.org/browse/HELP-13353?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Fernando Lopez reassigned HELP-13353:
-------------------------------------

    Assignee: Backlog Manager

> [fiware-stackoverflow] How to achieve security level 3 in FIWARE?
> -----------------------------------------------------------------
>
>                 Key: HELP-13353
>                 URL: https://jira.fiware.org/browse/HELP-13353
>             Project: Help-Desk
>          Issue Type: Monitor
>          Components: FIWARE-TECH-HELP
>            Reporter: Backlog Manager
>            Assignee: Backlog Manager
>              Labels: access-control, authorization, fiware, security, xacml
>
> Created question in FIWARE Q/A platform on 05-07-2017 at 05:07
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/44916746/how-to-achieve-security-level-3-in-fiware
> +Question:+
> How to achieve security level 3 in FIWARE?
> +Description:+
> I am deploying FIWARE security GEs (i.e., Wilma, AuthzForce, Keyrock) in my computer. Security level 2 (Basic Authorization) is working well, but now I need security level 3 (Advanced Authorization) using XACML. 
> Long story short, I want a tutorial of implementation security level 3. However, as far as I know, any tutorial or document about security level 3 does not exist.
> For now, I create my policy with PAP's API, and change 'custom_policy' option in config.js from 'undefined' to 'policy.js'. And then I create 'policy.js' file into 'PEP/policies', but don't change anything compared with its template file because I don't know what this code does exactly. I think I should make XACML Request form using 'xml' variable. But in my case, PEP gives me the error when I make the XACML Request using 'xml' variable, and return this variable. Here is my error of PEP:
> Error: Root - Error in AZF communication <?xml version="1.0" encoding="UTF-8" standalone="yes"?><error xmlns="http://authzforce.github.io/rest-api-model/xmlns/authz/S" xmlns:ns2="http://www.w3.org/2005/Atom" xmlns:ns3="http://authzforce.github.io/core/xmlns/pdp/5.0" xmlns:ns4="http://authzforce.github.io/pap-dao-flat-file/xmlns/properties/3.6"><message>Invalid parameters: cvc-elt.1: Cannot find the declaration of element 'Request'.</message></error>
> And here is my 'getPolicy' code (XACML Request) in policy.js. I just made very simple request whether response is permit or not because I'm not sure what I'm doing at that time.:
> exports.getPolicy = function (roles, req, app_id) {
>     var xml = xmlBuilder.create('Request', {
>             'xmlns': 'urn:oasis:names:tc:xacml:3.0:core:schema:wd-17',
>             'CombinedDecision': 'false',
>             'ReturnPolicyIdList': 'false'})
>     .ele('Attributes', {
>             'Category': 'urn:oasis:names:tc:xacml:1.0:subject-category:access-subject'});
> So, anyone can give me any information about implementation of security level 3?



--
This message was sent by Atlassian JIRA
(v6.4.1#64016)


More information about the Backlogmanager mailing list

You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy   Cookies policy