Comments (4)
aalonsog
commented on June 30, 2024
Hi,
it depends on where you have the user [email protected] created... If it is in the default domain, it should work.
BR
from fiware-pep-proxy.
albertinisg
commented on June 30, 2024
Yes, if I'm not wrong by default multi-domain is disabled, but also I've tested it and the user is located in the default domain (I've get the information using the Default Scope request):
bitergia@af706c47bb48:~/fi-ware-pep-proxy$ curl -i \
> -H "Content-Type: application/json" \
> -d '
> { "auth": {
> "identity": {
> "methods": ["password"],
> "password": {
> "user": {
> "name": "[email protected]",
> "domain": { "id": "default" },
> "password": "test"
> }
> }
> }
> }
> }' \
> http://172.17.0.159:5000/v3/auth/tokens ;
HTTP/1.1 201 Created
X-Subject-Token: 3461d8f05b0...a64ef16f1
...
And there
bitergia@af706c47bb48:~/fi-ware-pep-proxy$ curl -s -H "X-Auth-Token: 3461d8f05b0...a64ef16f1" http://172.17.0.159:5000/v3/domains | python -mjson.tool
{
"domains": [
{
"description": "Owns users and tenants (i.e. projects) available on Identity API v2.",
"enabled": true,
"id": "default",
"links": {
"self": "http://172.17.0.159:5000/v3/domains/default"
},
"name": "Default"
}
],
"links": {
"next": null,
"previous": null,
"self": "http://172.17.0.159:5000/v3/domains"
}
}
But, as I said below, the Domain Scoped one returns this one:
bitergia@af706c47bb48:~/fi-ware-pep-proxy$ curl -i \
> -H "Content-Type: application/json" \
> -d '
> { "auth": {
> "identity": {
> "methods": ["password"],
> "password": {
> "user": {
> "name": "[email protected]",
> "domain": { "id": "default" },
> "password": "test"
> }
> }
> },
> "scope": {
> "domain": {
> "id": "default"
> }
> }
> }
> }' \
> http://172.17.0.159:5000/v3/auth/tokens ; echo
HTTP/1.1 401 Unauthorized
Www-Authenticate: Keystone uri="http://172.17.0.159:5000"
Vary: X-Auth-Token
Content-Type: application/json
Content-Length: 114
Date: Thu, 11 Jun 2015 16:54:13 GMT
{"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}
Regards!
from fiware-pep-proxy.
aalonsog
commented on June 30, 2024
It seems that your user has not any role in the default domain.
"Get a domain-scoped token (Note that you’re going to need a role-assignment on the domain first!)"
from fiware-pep-proxy.
albertinisg
commented on June 30, 2024
Hi Álvaro!
You are completely right. I was misunderstanding the concept role-assignment, and adding roles to the user0 into the application and not domain. When checked I've found that the user didn't have any domain-roles assigned:
{"links": {"self": "http://172.17.0.159:5000/v3/domains/default/users/user0/roles", "previous": null, "next": null}, "roles": []}
So I've added it as a 'member', re-launched the PEP proxy and the authentication was successful :)
You can close the issue.
Thanks for the support!
from fiware-pep-proxy.
Related Issues (20)
- protect orion HOT 1
- doubt about pep proxy HOT 1
- HTTPS port not working in v7.9 HOT 1
- Access token expired
- harmonize Environment variable
- Docker Tag 8.2.0 missing on dockerhub (for idm as well) HOT 2
- Authorization Headers and Cache
- Docker versions of 8.1.0 and 8.3.0 return wrong mime type text/html since last image version HOT 3
- Docker healthcheck fails in 8.3.0 HOT 1
- Integration problem between Keyrock, fiware-pep-proxy and orion-ld HOT 2
- InvalidAuthenticationToken while trying to access Orion-LD
- Metrics of usage
- WILMA delete NGSILD-Results-Count in response header HOT 1
- Why there is `trusted_apps` setting in pep-proxy HOT 1
- Moving from Docker Hub image tag 7.0.2 to 7.4.0 or later with Docker Compose causes "TypeError: Cannot read property 'secret' of undefined" HOT 2
- Use toBoolean with PEP_PROXY_ORG_ENABLED HOT 1
- PEP crashes when authenticating with IoT sensor HOT 1
- Cannot read property 'split' of undefined when trying to run application HOT 1
- Missing Fiware-Service Header in Allowed Auth Header on CORS Preflight request HOT 1
- Running docker container as non-root user HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fiware-pep-proxy.