Comments (4)
Hi,
it depends on where you have the user [email protected] created... If it is in the default domain, it should work.
BR
from fiware-pep-proxy.
Yes, if I'm not wrong by default multi-domain is disabled, but also I've tested it and the user is located in the default domain (I've get the information using the Default Scope request):
bitergia@af706c47bb48:~/fi-ware-pep-proxy$ curl -i \ > -H "Content-Type: application/json" \ > -d ' > { "auth": { > "identity": { > "methods": ["password"], > "password": { > "user": { > "name": "[email protected]", > "domain": { "id": "default" }, > "password": "test" > } > } > } > } > }' \ > http://172.17.0.159:5000/v3/auth/tokens ; HTTP/1.1 201 Created X-Subject-Token: 3461d8f05b0...a64ef16f1 ...
And there
bitergia@af706c47bb48:~/fi-ware-pep-proxy$ curl -s -H "X-Auth-Token: 3461d8f05b0...a64ef16f1" http://172.17.0.159:5000/v3/domains | python -mjson.tool { "domains": [ { "description": "Owns users and tenants (i.e. projects) available on Identity API v2.", "enabled": true, "id": "default", "links": { "self": "http://172.17.0.159:5000/v3/domains/default" }, "name": "Default" } ], "links": { "next": null, "previous": null, "self": "http://172.17.0.159:5000/v3/domains" } }
But, as I said below, the Domain Scoped one returns this one:
bitergia@af706c47bb48:~/fi-ware-pep-proxy$ curl -i \ > -H "Content-Type: application/json" \ > -d ' > { "auth": { > "identity": { > "methods": ["password"], > "password": { > "user": { > "name": "[email protected]", > "domain": { "id": "default" }, > "password": "test" > } > } > }, > "scope": { > "domain": { > "id": "default" > } > } > } > }' \ > http://172.17.0.159:5000/v3/auth/tokens ; echo HTTP/1.1 401 Unauthorized Www-Authenticate: Keystone uri="http://172.17.0.159:5000" Vary: X-Auth-Token Content-Type: application/json Content-Length: 114 Date: Thu, 11 Jun 2015 16:54:13 GMT {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}
Regards!
from fiware-pep-proxy.
It seems that your user has not any role in the default domain.
"Get a domain-scoped token (Note that you’re going to need a role-assignment on the domain first!)"
from fiware-pep-proxy.
Hi Álvaro!
You are completely right. I was misunderstanding the concept role-assignment, and adding roles to the user0 into the application and not domain. When checked I've found that the user didn't have any domain-roles assigned:
{"links": {"self": "http://172.17.0.159:5000/v3/domains/default/users/user0/roles", "previous": null, "next": null}, "roles": []}
So I've added it as a 'member', re-launched the PEP proxy and the authentication was successful :)
You can close the issue.
Thanks for the support!
from fiware-pep-proxy.
Related Issues (20)
- protect orion HOT 1
- doubt about pep proxy HOT 1
- HTTPS port not working in v7.9 HOT 1
- Access token expired
- harmonize Environment variable
- Docker Tag 8.2.0 missing on dockerhub (for idm as well) HOT 2
- Authorization Headers and Cache
- Docker versions of 8.1.0 and 8.3.0 return wrong mime type text/html since last image version HOT 3
- Docker healthcheck fails in 8.3.0 HOT 1
- Integration problem between Keyrock, fiware-pep-proxy and orion-ld HOT 2
- [SHOULD] run lint on CI
- [SHOULD] run tests on CI - test suite failing
- Testing Proxy as per readme.md gives an unexpected response
- Why there is `trusted_apps` setting in pep-proxy HOT 1
- Moving from Docker Hub image tag 7.0.2 to 7.4.0 or later with Docker Compose causes "TypeError: Cannot read property 'secret' of undefined" HOT 2
- Use toBoolean with PEP_PROXY_ORG_ENABLED HOT 1
- PEP crashes when authenticating with IoT sensor HOT 1
- Cannot read property 'split' of undefined when trying to run application HOT 1
- Missing Fiware-Service Header in Allowed Auth Header on CORS Preflight request HOT 1
- Running docker container as non-root user HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fiware-pep-proxy.