“AZF domain not created for application” AuthZforce

Question

I have an application that uses the KeyRock, PEP, PDP(AuthZForce).

The security level 1 (authentication) with Keyrock and PEP are working, but when we try to use Aut

Answer 1

After reviewing the horizon source code I found that function "policyset_update" in openstack_dashboard/fiware_api/access_control_ge.py returns inmediatly if ACCESS_CONTROL_MAGIC_KEY is None (the default configuration) or an empty string,so the communication with AuthZForce never takes place. Despite this parameter is optional when you don't have AuthZForce behind a PEP Proxy, you have to enter some text to avoid this error.

In your case, your string 'undefined' did the work. In fact, as result, a 'X-Auth-Token: undefined' is generated, but ignored when horizon communicates directly with AuthZForce.

Related topic: Fiware AuthZForce error: "AZF domain not created for application"