“未为应用程序创建AZF域" AuthZforce [英] “AZF domain not created for application” AuthZforce

问题描述

我有一个使用KeyRock，PEP，PDP(AuthZForce)的应用程序.

I have an application that uses the KeyRock, PEP, PDP(AuthZForce).

具有Keyrock和PEP的安全级别1(身份验证)正在运行，但是当我们尝试使用AuthZForce检查授权时，出现错误消息:

The security level 1 (authentication) with Keyrock and PEP are working, but when we try to use AuthZForce to check the authorization, I get the error message:

AZF domain not created for application

我有我的用户和我按照Fiware IdM用户和程序员指南中的步骤创建的应用程序.

I have my user and my application that I created following the steps on the Fiware IdM User and Programmers Guide.

我还能够按照AuthZForce-安装和管理指南中的说明创建域，但是我不知道如何在创建域ID时将其与用户角色绑定在一起.

I am also able to create domains as stated in the AuthZForce - Installation and Administration Guide but I don't know how to bind the Domain ID with user roles when creating them.

那么，如何在特定域下插入用户/组织/应用程序，然后设置安全级别2?

So, how can I insert users/organizations/applications under a specific domain, and then have the security level 2?

我的config.js文件:

My config.js file:

config.azf = {
    enabled: true,
    host: '192.168.99.100',
    port: 8080,
    path: '/authzforce/domains/',
    custom_policy: undefined  
};

我的docker-compose.yml文件是:

And my docker-compose.yml file is:

authzforce:
    image: fiware/authzforce-ce-server:release-5.4.1
    hostname: authzforce
    container_name: authzforce
    ports:
      - "8080:8080"

keyrock:
    image: fiware/idm:v5.4.0
    hostname: keyrock
    container_name: keyrock 
    ports:
        - "5000:5000"
        - "8000:8000" 

pepproxy:
    build: Docker/fiware-pep-proxy
    hostname: pepproxy
    container_name: pepproxy
    ports:
        - 80:80
    links:
        - authzforce
        - keyrock 

此问题与 AuthZForce安全级别2:基本授权错误未为应用程序创建AZF域" ，但是我遇到了相同的错误，并且我的keyrock版本是v5.4.0.

This question is the same that AuthZForce Security Level 2: Basic Authorization error "AZF domain not created for application", but I get the same error, and my keyrock version is v5.4.0.

推荐答案

我更改了AuthZForce GE配置: http://fiware-idm.readthedocs.io/zh_CN/latest/admin_guide.html#authzforce-ge-configuration

I changed the AuthZForce GE Configuration: http://fiware-idm.readthedocs.io/en/latest/admin_guide.html#authzforce-ge-configuration

这篇关于“未为应用程序创建AZF域" AuthZforce的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！