Comments (3)
I have tried to create a new user and assigned him a new role with a permission inside the test app. Assignment went well since I am able to see it in keystone table role_user_fiware.
After that I have obtained an oauth access token for this new user and tried to access a resource behind PEP with PDP activated. For this new user, I get following error in PEP console:
2016-02-10 18:53:29.871 - INFO: IDM-Client - Checking token with IDM...
2016-02-10 18:53:29.906 - INFO: AZF-Client - Checking auth with AZF...
2016-02-10 18:53:29.906 - INFO: AZF-Client - Checking authorization to roles [] to do GET on and app cdcbdf2e94524524852aea1f6b16d1c4
2016-02-10 18:53:29.934 - ERROR: Root - Error in AZF communication <ns2:error xmlns:ns2="http://authzforce.github.io/rest-api-model/xmlns/authz/4" xmlns:ns3="http://www.w3.org/2005/Atom" xmlns:ns4="http://authzforce.github.io/core/xmlns/pdp/3.6" xmlns:ns5="http://authzforce.github.io/pap-dao-file/xmlns/properties/3.6">Invalid parameters: cvc-complex-type.2.4.b: The content of element 'Attribute' is not complete. One of '{"urn:oasis:names:tc:xacml:3.0:core:schema:wd-17":AttributeValue}' is expected./ns2:error
express deprecated res.send(status, body): Use res.status(status).send(body) instead controllers/root.js:53:33
And this is the output of PDP hosted in tomcat:
2016-02-10 18:33:09,237|WARN |http-bio-8080-exec-5|org.apache.cxf.jaxrs.provider.AbstractJAXBProvider:689|javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 347; cvc-complex-type.2.4.b: The content of element 'Attribute' is not complete. One of '{"urn:oasis:names:tc:xacml:3.0:core:schema:wd-17":AttributeValue}' is expected.]
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.handleStreamException(UnmarshallerImpl.java:420)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:357)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:327)
at org.apache.cxf.jaxrs.provider.JAXBElementProvider.unmarshalFromInputStream(JAXBElementProvider.java:291)
at org.apache.cxf.jaxrs.provider.JAXBElementProvider.doUnmarshal(JAXBElementProvider.java:242)
at org.apache.cxf.jaxrs.provider.JAXBElementProvider.readFrom(JAXBElementProvider.java:191)
at org.apache.cxf.jaxrs.utils.JAXRSUtils.readFromMessageBodyReader(JAXRSUtils.java:1337)
at org.apache.cxf.jaxrs.utils.JAXRSUtils.readFromMessageBody(JAXRSUtils.java:1288)
at org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameter(JAXRSUtils.java:824)
at org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameters(JAXRSUtils.java:787)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:268)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:271)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:99)
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:293)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:212)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:268)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.ow2.authzforce.webapp.ExceptionFilter.doFilter(ExceptionFilter.java:81)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1041)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:313)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.xml.sax.SAXParseException; lineNumber: 1; columnNumber: 347; cvc-complex-type.2.4.b: The content of element 'Attribute' is not complete. One of '{"urn:oasis:names:tc:xacml:3.0:core:schema:wd-17":AttributeValue}' is expected.
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:198)
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandlerWrapper.java:134)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:396)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:284)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorReporter.reportError(XMLSchemaValidator.java:452)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.reportSchemaError(XMLSchemaValidator.java:3230)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.elementLocallyValidComplexType(XMLSchemaValidator.java:3206)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.elementLocallyValidType(XMLSchemaValidator.java:3153)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.processElementContent(XMLSchemaValidator.java:3055)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleEndElement(XMLSchemaValidator.java:2134)
at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.endElement(XMLSchemaValidator.java:853)
at com.sun.org.apache.xerces.internal.jaxp.validation.ValidatorHandlerImpl.endElement(ValidatorHandlerImpl.java:584)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.ValidatingUnmarshaller.endElement(ValidatingUnmarshaller.java:91)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.StAXStreamConnector.handleEndElement(StAXStreamConnector.java:206)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.StAXStreamConnector.bridge(StAXStreamConnector.java:170)
at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:355)
... 43 more
|
I appreciate any help on this since the documentation for integrating PEP and PDP is very scarce.
from fiware-pep-proxy.
Same PEP error here, but using Fiware instance of IdM and AZF.
from fiware-pep-proxy.
It seems you are using a version of AZF that is not currently supported by PEP. Current PEP Proxy version is compatible with AZF v3.x and as you are using path "authzforce-ce/domains" I suppose yiou are using version 4.x or 5.x. We will add compatibility to AZF v5.x during this week. If fact Keyrock is already compatible. In the meantime you can use version 3 of AZF to solve this issue
from fiware-pep-proxy.
Related Issues (20)
- protect orion HOT 1
- doubt about pep proxy HOT 1
- HTTPS port not working in v7.9 HOT 1
- Access token expired
- harmonize Environment variable
- Docker Tag 8.2.0 missing on dockerhub (for idm as well) HOT 2
- Authorization Headers and Cache
- Docker versions of 8.1.0 and 8.3.0 return wrong mime type text/html since last image version HOT 3
- Docker healthcheck fails in 8.3.0 HOT 1
- Integration problem between Keyrock, fiware-pep-proxy and orion-ld HOT 2
- InvalidAuthenticationToken while trying to access Orion-LD HOT 1
- Metrics of usage
- WILMA delete NGSILD-Results-Count in response header HOT 1
- Why there is `trusted_apps` setting in pep-proxy HOT 1
- Moving from Docker Hub image tag 7.0.2 to 7.4.0 or later with Docker Compose causes "TypeError: Cannot read property 'secret' of undefined" HOT 2
- Use toBoolean with PEP_PROXY_ORG_ENABLED HOT 1
- PEP crashes when authenticating with IoT sensor HOT 1
- Cannot read property 'split' of undefined when trying to run application HOT 1
- Missing Fiware-Service Header in Allowed Auth Header on CORS Preflight request HOT 1
- Running docker container as non-root user HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fiware-pep-proxy.