Stack Overflow
Stack Overflow

Questions tagged [authz]

authz is a shorthand for "authorization" in a variety of development contexts.

authz is an abbreviation of authorization, the concept of giving permission to do something on behalf of an authenticated user.

The term authz is frequently used in relation to Apache's authentication and authorization modules, where authentication is abbreviated "authn".

53 questions
0
votes
1 answer

Deny SVN Path Authentication, Harry Sally example not working

I'm trying to deny svn permission on a subfolder as per svnbook example [calc:/branches/calc/bug-142] harry = rw sally = r [calc:/branches/calc/bug-142/secret] harry = So harry don't get access to secret folder. In my case,…
Robin
  • 451
  • 3
  • 14
0
votes
1 answer

Global rules for API

I am Developing a backend of an web application, I want to create something like global rules for user authorization for example: user() has edit to org() if user.id == org.owner this means every user can edit every organization if they have the…
Azeroth
  • 11
  • 4
0
votes
1 answer

How do I add information to logs using AuthzReportSecurityEvent

I've got this CPP code that creates security logs using the AuthzReportSecurityEvent function,I need to add a specific information to said logs but I can't figure out how to create the "Data Name" field and the information online is severely…
Avihai Cohen
  • 1
0
votes
1 answer

Guidance about when to use UMA in Keycloak

I started using Keycloak and stumbled upon User-Managed Access (UMA) when trying to implement fine-grained access control. As far as I understand, UMA is an extension of OAuth2 that provides an authorization layer. However, I'm struggling to grasp…
nailer_boxer
  • 202
  • 3
  • 10
0
votes
0 answers

keycloak authz client - SocketException: Connection reset

15 minutes after login, when trying again to do authorization using keycloack-authz-client, I am receiving an exception: Caused by: java.net.SocketException: Connection reset. Maybe some settings need to update from keycloak admin console or maybe…
Gor Petrosyan
  • 1
0
votes
0 answers

Apache httpd ignores Location authentication configuration in VirtualHost

I have the following configuration in a config file for httpd: Listen 6666 ServerName server-name LogLevel trace6 LogFormat "%h %p %l %u %t %D \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"…
bigdaddyrooster2
  • 33
  • 7
0
votes
1 answer

how to create access_token to access ARM API for a user and not the service principal

I need to secure my ML endpoints in azure based on user credentials and user accesses. Right now, we are authorising based on service principal account but now we want to test for each user. I can see the documentation for REST API to get the…
Onki
  • 1,879
  • 6
  • 38
  • 58
0
votes
1 answer

How i can send certificate for EAP-authentication to authzforce?Or how i can configured authzforce for it?

I need to do authentication with EAP certificates for authzforce. I did not find any attribute for certificates. How can I configure authzforce policy for it?
Belator
  • 1
0
votes
1 answer

Where to resolve resource-owner when checking entitlements/authZ

At the company I work for; we're planning a custom entitlement service (using Open Policy Agent as the policy engine) for fine-grained authZ decisioning. The high-level architecture looks like the following: Basically entitlements-enabled…
Ryan.Bartsch
  • 3,698
  • 1
  • 26
  • 52
0
votes
1 answer

windos 2012 r2 security event log custom insert

Im trying to write logs in windows server 2012 r2 i can write Application log like this, Write-EventLog -LogName Application -Source "mysource" other parameters goes here its working rightly and write this log in windowslog/application after that…
Mehmet Başaran
  • 77
  • 2
  • 10
0
votes
1 answer

In which order are the queries from mod_jk redirected in apache2?

I want to allow queries from localhost to one url, and forward everything else to another service. Before I was doing this without the localhost requierement and it was working. But now it seems that although the localtion filter matches as shown…
nck
  • 1,673
  • 16
  • 40
0
votes
1 answer

How to deal with container restarts when pushing data to Open Policy Agent

At the company I work for, we're considering whether to use Open Policy Agent (OPA) for fine grained authZ. For loading data to OPA there are a number of approaches listed on the website under External Data. For the scenarios we're dealing with, I'd…
Ryan.Bartsch
  • 3,698
  • 1
  • 26
  • 52
0
votes
0 answers

Why is authorization.Request.User string empty?

I am working on an authorization plugin in Go and I am stuck with it. When I send commands to the Docker Engine on localhost, I get the RequestURI and RequestBody well but not the User who sent the request. It's an empty string. func (e…
kergeodeta
  • 106
  • 4
0
votes
2 answers

SVN: Only show specific parts of svn tree to a user

I have a single svn repository for all my projects. In svn I also have a directory which contains the compiled libraries (like .dll, .swc) which are directly referenced by the projects. I want another developer to do a project for me and I don't…
David Rettenbacher
  • 5,088
  • 2
  • 36
  • 45
0
votes
2 answers

“AZF domain not created for application” AuthZforce

I have an application that uses the KeyRock, PEP, PDP(AuthZForce). The security level 1 (authentication) with Keyrock and PEP are working, but when we try to use AuthZForce to check the authorization, I get the error message: AZF domain not created…
Gabriela Cavalcante
  • 85
  • 2
  • 11
1 2
3
4