We use proprietary and third party´s cookies to improve your experience and our services, identifying your Internet Browsing preferences on our website; develop analytic activities and display advertising based on your preferences. If you keep browsing, you accept its use. You can get more information on our Cookie Policy
Cookies Policy
Ask Your Question

Problems creating a domain in Fiware AuthZforce Authorization Server

asked 2016-01-26 05:12:06 +0100

michele gucciardo gravatar image

updated 2016-01-26 10:41:24 +0100


I'm developing an authentication/authorization scheme, based on Oauth 2.0, using the Fiware Enablers: Keyrock IdM, Wilma Proxy and AuthZForce authorization server.

I installed and configured Keyrock and Wilma and they work fine together. I'm actually having problems with AuthZForce. I followed the installation guide but I can't actually create a domain with curl:

curl --verbose --trace-ascii - --request POST \
--header "Content-Type: application/xml;charset=UTF-8" \
--data '<?xml version="1.0" encoding="UTF-8"?><taz:domainProperties xmlns:taz="http://authzforce.github.io/rest-api-model/xmlns/authz/4"> <name>MyDomain</name><description>This is my domain.</description></taz:domainProperties>' \
--header "Accept: application/xml" http://${MYSERVERHOST}:${MYPORT}/authzforce-ce/domains

I got the following error:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><ns2:error xmlns:ns2="http://authzforce.github.io/rest-api-model/xmlns/authz/4" xmlns:ns3="http://www.w3.org/2005/Atom" xmlns:ns4="http://authzforce.github.io/core/xmlns/pdp/3.6" xmlns:ns5="http://authzforce.github.io/pap-dao-file/xmlns/properties/3.6"><message>Invalid parameters: cvc-complex-type.2.4.a: Invalid content starting with "name". Invalid content was found starting with element "name". An element "{description, rootPolicyRef}" is expected.</message></ns2:error>

It seems to be an xml validation error. I tried to access the AuthZforce API but the link in the the programmer's guide gives a 404 error.

Can anyone suggest how to fix this issue?

edit retag flag offensive close merge delete

1 answer

Sort by » oldest newest most voted

answered 2016-01-27 07:44:24 +0100

Hello, There was indeed an error in this part of the Installation guide (v4.4.1). Now fixed in v4.4.1a. Please try again using this version.

The link in the programmer guide is also fixed in v4.4.1a.

-- Cyril, Authzforce team

edit flag offensive delete link more


Hi Cyrill, thanks for reply. Now it works. I have another issue about the domain. After creation it doesn't contain the /pap and /pdp directories needed. I tried to create them manually but Keyrock isn't still able to "write" policies in AuthZForce. What is the correct procedure to achieve this?

michele gucciardo gravatar imagemichele gucciardo ( 2016-01-28 08:07:06 +0100 )edit

Hi, could you find out the HTTP request KeyRock is doing on AuthZForce API for "writing" policies, and the error in response? I think it is not using the new API. Also the output of a HTTP GET request on the /domains/{domainId} (replace {domainId} with your actual domain ID) ? Thanks.

cdangerville gravatar imagecdangerville ( 2016-02-04 05:09:53 +0100 )edit

Yes I thought that Keyrock was using an old API. I also modified Wilma Proxy to correctly parse responses from AuthZForce. I saw that a new version of Keyrock has been released, so I'm going to install the latest version and I will come back here to post new errors (if present). Thanks for reply.

michele gucciardo gravatar imagemichele gucciardo ( 2016-02-04 08:59:30 +0100 )edit
Login/Signup to Answer

Question Tools

1 follower


Asked: 2016-01-26 04:15:57 +0100

Seen: 3,127 times

Last updated: Jan 26 '16