[Fiware-lab-help] R: Fiware IdM

Cipriani Marco marco2.cipriani at telecomitalia.it
Wed Jul 8 11:18:32 CEST 2015


Dear Pedro,
I have just forwarded your requests to the second level support in order to solve your issues.

Best regards
Marco


From: fiware-lab-help-bounces at lists.fi-ware.org [mailto:fiware-lab-help-bounces at lists.fi-ware.org] On behalf of Pedro Gonçalves
Sent: Wednesday, 8 July 2015 10:33
To: fiware-lab-help at lists.fi-ware.org
Cc: Gregory Stern; Hugo Silva
Subject: [Fiware-lab-help] Fiware IdM

Hi,

I'm trying to use the IdM.KeyRock - AuthZForce - PEP.Proxy trinity.

My application is registered in the IdM.KeyRock and already has the authorization constraints for the users, using organizations and (HTTP VERB + RESOURCE) roles.

My (mobile) application is already developed and already successfully implements the OAuth2 protocol, meaning I am able to authenticate a user and get his information from the IdM.KeyRock using the access token alone.

My main problem is the PEP.Proxy configuration (This PEP.Proxy is on top of the Orion Context Broker). Supposedly, the endpoints of the IdM.KeyRock and AuthZForce should be configured, but I can't find any reference to what the endpoint of IdM's integrated AuthZForce is. This is my config.js file so far, the red is where my problem lies:

var config = {};

config.resource = {
    original: {
        host: 'localhost',
        port: 1026
    },
    proxy: {
        port: 10026
    }
};

config.access = {
    protocol: 'http',
    host: 'localhost',
    port: 7000,
    path: '/validate'
}

config.authentication = {
    protocol: 'https',
    host: 'account.lab.fiware.org',
    port: 443,
    path: '/user'
}

config.ssl = {
    active: false,
    certFile: ''
}

config.logLevel = 'FATAL';

config.middlewares = {
    require: 'lib/services/orionPlugin',
    functions: [
        'extractCBAction'
    ]
};

config.componentName = 'contextbroker';

module.exports = config;

My second problem has to do with the actual information retrieved from the IdM:

https://account.lab.fiware.org:443/user?access_token=xxXXxxXXxxXX

Let's suppose I asked for the information above and I got the following response:

{
    organizations: [0]
    displayName: "JohnDoe"
    roles: [0]
    app_id: "33da9471ceXXXXXX5d8b0849f5a64ba"
    email: "johndoe at domain.com"
    id: "johndoe"
}


It says the user has no organizations; however, I actually added this specific person to an organization (see attachment - printscreen of Account Lab while logged in with the example user johndoe at domain.com).

What am I doing wrong? Is this something to do with domains and services? I just want to use what I configured in the Account Portal (applications, organizations and users).

Best Regards,
--

Pedro Gonçalves
Research Software Engineer

PLUX - Wireless Biosignals, S.A.

Headquarters
Zona Industrial das Corredouras, Lt. 14 - 1º
2630-369 Arruda dos Vinhos
Portugal
T: +351 263 978 572

Lisbon Office
Av. 5 de Outubro, 70 - 8º
1050-059 Lisboa
Portugal
T: +351 211 956 542
T: +351 211 956 546
F: +351 211 956 531

W: www.plux.info