发表新帖
发表新帖

“AZF domain not created for application” AuthZforce

后端 未结
关注
2 844
北荒
北荒 2020-12-12 07:24

I have an application that uses the KeyRock, PEP, PDP(AuthZForce).

The security level 1 (authentication) with Keyrock and PEP are working, but when we try to use Aut

相关标签:
2条回答
  • 小蘑菇
    2020-12-12 07:30

    After reviewing the horizon source code I found that function "policyset_update" in openstack_dashboard/fiware_api/access_control_ge.py returns inmediatly if ACCESS_CONTROL_MAGIC_KEY is None (the default configuration) or an empty string,so the communication with AuthZForce never takes place. Despite this parameter is optional when you don't have AuthZForce behind a PEP Proxy, you have to enter some text to avoid this error.

    In your case, your string 'undefined' did the work. In fact, as result, a 'X-Auth-Token: undefined' is generated, but ignored when horizon communicates directly with AuthZForce.

    Related topic: Fiware AuthZForce error: "AZF domain not created for application"

    0 讨论(0)
  • 感动是毒
    2020-12-12 07:49

    I changed the AuthZForce GE Configuration: http://fiware-idm.readthedocs.io/en/latest/admin_guide.html#authzforce-ge-configuration

    0 讨论(0)
 看不清?
提交回复
热议问题