Highest Voted 'authzforce' Questions

5

votes

1 answer

How to configure access control in Orion NGSI API for tenant isolation using Wilma PEP Proxy and IdM Keyrock?

I want to provide access control at the Orion Context Broker NGSI API level to ensure real data isolation. I want to make sure that a tenant can only query/update their contexts and NOT those of another tenant. To do so, I started putting an…

asked Jun 29 '17 at 20:39

Emiliano Viotti

1,619
2
16
30

3

votes

1 answer

How to do logical AND for Rule combining for XACML

My scenario is I have a Policy with several rules and all the rules need to be true for the policy to be true. For example: Policy A - Rule 1 - Rule 2 - Rule 3 For Policy A to be applicable, i need all three Rules to return…

access-control policy xacml abac authzforce

asked Mar 30 '20 at 05:40

Samuel

325
4
10

2

votes

1 answer

Authzforce - XACML AttributeSelector

I am using Authzforce 10.1.1 and i have already created some basic policies, now im trying to use the element to compare some values of a resource that I plan to send on the request. I have been following the documentation of…

xacml authzforce

asked Mar 09 '22 at 10:09

Joao Parente

443
4
8

2

votes

1 answer

Authzforce - Existing GUI for policy administration (PAP)

I just started experiment with Authzforce Fiware following the docs. I made some RBAC scenarios following the examples given, using the RESTful interface provided. What I would like to know, is whether any User Interface to manage the Policy…

fiware xacml abac authzforce fiware-keyrock

asked Mar 27 '20 at 21:33

NickAth

1,089
1
14
35

2

votes

1 answer

XACML Authzforce PDP configuration in multiple policy files

I'm running XACML using the Authzforce PDP engine and a configuration pdp.xml file, that looks like:

authorization xacml abac pdp authzforce

asked Dec 24 '19 at 19:06

Jack Verhoosel

21
3

2

votes

1 answer

How can Fiware services and service paths be used in XACML rules?

We are looking into Keyrock + Wilma + AuthZForce to secure our FIWARE system running Orion and Quantum Leap. The entities in our system are under services and service paths. These are accessed with appropriate headers, namely Fiware-Service and…

fiware authzforce

asked Feb 13 '19 at 14:19

minimalisti

37
8

2

votes

1 answer

Monitoring Orion Context Broker to create new XACML rules

I would like to know if is possible achieve this work environment: I'm building a secure Orion Context Broker through PEP, PDP, PAP, etc. I would like that, in case of Orion stores an abnormal value for an attribute, an alert was sent (an email,…

fiware fiware-orion xacml abac authzforce

asked Jan 24 '19 at 15:15

Cristina V

117
7

2

votes

2 answers

Where to double-check attributes of the XACML-request against Attribute-Providers at the PDP?

I'm evaluation PDP engines and at the moment I give AuthzForce Core a try. Evaluating a Request by the PDP runs pretty solid so far: //My request and pdp configuration files File confLocation = new…

authorization xacml abac pdp authzforce

asked May 17 '18 at 10:16

OneWorld

17,512
21
86
136

2

votes

2 answers

AuthzForce XACML Response is Indeterminate

I am exploring Authzforce XACML3.0 and I have been running into issues. I keep getting my responses as indeterminate. Below is my setup and the Exception trace which it throws. Any help is appreciated. Request File:

java security authorization xacml authzforce

asked Jan 25 '18 at 12:22

Nishant

222
6
21

2

votes

1 answer

AuthZForce PDP not behaving as expected

I've extended a policy set to include a new policy, which means I've added targets to the policies to ensure that a request targets the right policy. here is the policy set xacml:

fiware xacml abac pdp authzforce

asked Jul 22 '17 at 17:01

Paul Pogonoski

35
3

2

votes

1 answer

XACML for Spring Cloud

I'm going to secure my Spring Cloud Application with OAuth2 and XACML (using AuthZForce, Balana, AT&T XACML or something similar). I want to use the microservices from Spring-Cloud(-Netflix). To make XACML available I think that I need this: PEP…

authentication spring-cloud spring-cloud-netflix xacml authzforce

asked Jun 22 '17 at 11:12

benkuly

1,144
10
28

1

vote

0 answers

Unable to use JWT token generated from Fiware Keyrock

For the Fiware security layer Keyrock version 8.0.0, Wilma version 8.0.0 and Authzforce version release-10.0.0 are configured. Keyrock generates a Bearer token that works properly for Orion authorization. But, the problem comes if I use a JWT…

fiware authzforce fiware-wilma fiware-keyrock

asked Sep 09 '22 at 16:30

dacak

60
5

1

vote

1 answer

How to import different policies inside OPA rego policy?

I am working on writing new rego policies. I have few rules defined in single policy file which I want to break into sub policy and import it. Something like this: A.rego package com.example import com.example.B.evaluate default allow:= false allow…

opa open-policy-agent rego authzforce

asked Sep 08 '22 at 09:44

Ajay Kedare

120
1
7

1

vote

1 answer

Using conversion-functions in XACML

Could you explain me please how I can use the conversion-functions from provided list of XACML for creating the Condition in Rule of Policy. For example that function. urn:oasis:names:tc:xacml:3.0:function:integer-from-string I'm using AuthzForce,…

authorization xacml abac alfa authzforce

asked Feb 02 '22 at 19:08

Horbatenko V.

11
2

1

vote

0 answers

How can I use subject-conflicts in a Authzforce request?

How can I use urn:oasis:names:tc:xacml:1.0:subject:subject-conflicts in a Authzforce request? The code below gives a red underline at XACML_1_0_SUBJECT_CONFLICTS. Do I miss an import or I'm a just using it the wrong way? final AttributeFqn…

java authorization xacml abac authzforce

asked Nov 19 '21 at 08:32

Steffinho

27
6

1

2 3 4 5 Next

Questions tagged [authzforce]