Hi,
A user is having problems with Object Storage authorization. Here it is his
report:
"I already successfully used Object Storage earlier but after the recent
changes (new IdM deployment, having my account upgraded to a community
account) it no longer works.
Referring to the 3 step authentication as described in the documentation(*)
the 1. and 2. step work okay but the 3. step fails.
(*
https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Object_Storage_-_User_and_Programmers_Guide#Authentication
)
In other words I am able to get the "initial token" using my e-mail and
password (step 1) and am able to get the detailed tenant list with the
initial token (step 2) but can't authorize any of the tenants to use the
Object Storage (step 3).
Below is a log of the requests and responses with my password, the initial
token and the numerical tenants hidden:
1. Authentication to get initial token (no tenant yet)
URL: http://cloud.lab.fi-ware.org:4730/v2.0/tokens
RequestProperties: {Content-type=application/json, Accept-Charset=UTF-8}
Sending JSON object: {"auth":{"passwordCredentials":{"username":"
markus.kauppinen at outlook.com","password":"<my_password>"}}}
Waiting for response...
Response code: 200
Response message: OK
Response body:
{
"access": {
"token": {
"issued_at": "2015-05-15T12:04:30.310587",
"expires": "2015-05-16T12:04:30Z",
"id": "<initial_token>",
"audit_ids": [
"SY_MmKFfTLeVF4MLsLXAtg"
]
},
"serviceCatalog": [],
"user": {
"username": "markus.kauppinen at outlook.com",
"roles_links": [],
"id": "markus-kauppinen",
"roles": [],
"name": "markus.kauppinen at outlook.com"
},
"metadata": {
"is_admin": 0,
"roles": []
}
}
}
2. Use initial token to get tenant
URL: http://cloud.lab.fi-ware.org:4730/v2.0/tenants
RequestProperties: {Accept-Charset=UTF-8, X-Auth-Token=<initial_token>}
Waiting for response...
Response code: 200
Response message: OK
Response body:
{
"tenants_links": [],
"tenants": [
{
"website": "",
"img_small":
"OrganizationAvatar/small/<new_organization_tenant>",
"name": "blindsquare-landmarkers",
"img_original":
"OrganizationAvatar/original/<new_organization_tenant>",
"description": "This organization is intended to be used in the
cloud environment. As long as you are a trial or community user this
organization will be authorized as purchaser in the Cloud Application.",
"enabled": true,
"id": "<new_organization_tenant>",
"img_medium":
"OrganizationAvatar/medium/<new_organization_tenant>"
},
{
"website": "",
"city": "",
"name": "OLD__testOrganization",
"enabled": true,
"email": "",
"id": "<old_organization_tenant>",
"description": "Blah"
},
{
"description": "",
"enabled": true,
"id": "0000000000000000markus-kauppinen",
"is_default": true,
"name": "markus.kauppinen at outlook.com"
}
]
}
Using organization: blindsquare-landmarkers and tenant:
<new_organization_tenant>
3. Authenticate tenant to get token for Object Storage
URL: http://cloud.lab.fi-ware.org:4730/v2.0/tokens
RequestProperties: {Content-type=application/json, Accept-Charset=UTF-8}
Sending JSON object: {"auth":{"passwordCredentials":{"username":"
markus.kauppinen at outlook.com
","password":"<my_password>"},"tenantName":"<new_organization_tenant>"}}
Waiting for response...
Response code: 401
Response message: Unauthorized
Response body: {"error": {"message": "The request you have made requires
authentication.", "code": 401, "title": "Unauthorized"}}
Earlier I used Object Storage with a manually created organization which is
currently named "OLD__testOrganization". It still shows up in the tenant
list.
Has the authentication process changed somehow or is there a problem with
the current state of my user account?"
Thanks in advance.
Xavier Carol.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.fiware.org/private/fiware-creatifi-coaching/attachments/20150518/b565915e/attachment.html>
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy