Unable to connect to Orion Context Broker using Wirecloud - fiware

I am new to FIWARE. I managed to install Orion Context Broker on my local system following the steps mentioned in the FIWARE website. I am able to use CURL commands to create entities and also retrieve values.
I have also installed Wirecloud on my local system and able to access Wirecloud UI from my browser.
But I am unable to display the entities on the Wirecloud widgets. I have tried all widgets including "NGSI Type Browser", NGSI Browser and NGSI Source operator.
All returning the same error: "ConnectionError: Unexpected response from WireCloud's proxy"
Please help me on how to proceed. My NGSI-proxy is also running and listening on port 3000. Screenshots attached.
enter image description here

Can you try to replace localhost with IP address of your machine running Orion and Ngsiproxy?

Related

Not able to login from admin to fiware-idm after docker installation

I am integrating wirecloud and fiware-idm. Installed both through docker successfully. However, after installing fiware-idm, i am not able to login from admin. username - admin#test.com password - 1234.
Everytime it redirect it to "ip:3000/auth/login". Do I have to make any other configuration in wirecloud or fiware-idm?
Also, even after entering wrong credential, it redirects me to /auth/login and does not display any error message.
My wirecloud, fiware-idm and mysql database are in different containers. Is this can be the issue?
IdM should be deployed on production to be used by WireCloud. That is, you should configure the IDM service using public domains names, using https, and so on... Seems you are creating a local installation, so you should deploy some workarounds. Well, some of those requirements are not enforced by WireCloud, so it should be enough by ensure you use a domain name for accessing the IdM.
You can simulate having the idm server configured using public domains by adding the proper value to /etc/hosts (See this link if you are running windows), the correct value depends on how did you configured the IdM service. So, the idea is to ensure the domain used for accessing the idm resolves to the correct ip address both in the WireCloud container and from your local computer. We can provide you more detailed steps if you provide us more details about how are you launching the different containers.

Connection refused by NGSI-Proxy

Using the last version of ngsi-proxy to make Orion related wirecloud components work I get the following error when configuring my Orion Source component:
2fb0de97f49a.js:1737 GET http://localhost:3000/eventsource/12caae10-30eb-11e7-95ac-d72bca8f4488 net::ERR_CONNECTION_REFUSED
My configuration of the component is the following:
And I am running both Orion Context Broker (v1.7) and Wirecloud (v1.0) running locally. Version of the Orion Source operator is the latest I have found (3.0.7). No security is configured.
Could anyone help me to figure out what I am doing wrong?
The problem was that the ngsi-proxy didn't answer properly. I solved by using the public ngsi-proxy: https://ngsiproxy.lab.fiware.org (as it comes by default).

How to connect with mongoOrion database?

I want to connect to MongoDB by GUI manager e.g 3T MongoChef, MongoDB Compass,Robomongo,MongoBooster.
I use windows.
How to connect with mongoOrion database by GUI manager?
As far as I understand (althoug I don't know 3T MongoChef, so I may be wrong) MongoChef is expecting the URL of a MongoDB endpoint. However, you have provided the URL of the Orion Context Broker endpoint (i.e. the NGSI REST API).
You should use the URL endpoint correspondign to the MongoDB instance used by Orion. By default Orion uses the MongoDB instance running at localhost (i.e. the same host where Orion runs) on default mongo port (i.e. 27017). That default can be overriden using the -dbhost CLI parameter.

Connection to AWS Database fails with Mule app in Runtime Manager

I've recently created a Mule application (3.7.0 CE) on a laptop. I'm connected to an AWS RDS instance when running locally in AnyPoint Studio using Maven. I started with a local MySQL DB and migrated it to AWS because my application "proofofconcept" is just that a proof of concept and I would like to show the application online (public url) instead of my laptop for a presentation. I added the database.url=... property to the application properties when I deployed to Anypoint Runtime Manager in the cloud. I'm currently getting a:
communications link failure
I've tried several things and nothing has worked. I tried a basic database connection first in the database config. And, then I created a JDBC datasource in Spring-beans. Both methods worked locally and in-communication with AWS (remote). When I deploy to Runtime Manager, the application deploys. And, I get the console that's generated runtime by the RAML. When I call a url e.g. api/v1/orders it runs and runs and after timeout provides the communication error.
Does anyone 1) know if the communication is allowed? 2) know how to fix this? I would like to demo the POC online for my client.
Thanks in advance
My issue was with Amazon VPC and the default security group assigned to my RDS instance. By default all outbound activity is set to any protocol and any port for any ip (0.0.0.0/0). Inbound routing, however was specifying only port 3306 but also a custom using-ip that was my home network public ip. I changed the ip specification to be 0.0.0.0/0. This now mean's that any ip can send a request though port 3306 to my Amazon MySQL instance.

How to configure the Fiware PEP WILMA proxy to use a Keyrock and Orion instance on my own servers

I've spent most of the day trying to configure the Fiware PEP proxy Wilma to secure an Orion Context Broker i have running on a development server. The documentation here: http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/PEP_Proxy_-Wilma-_Installation_and_Administration_Guide is not clear.
Here is my setup:
A Fiware Keyrock instance running on server1, port 3000
A PEP Proxy running on server 1
An Orion Context Broker running on server2, port 1026
The manual states to edit the config.js script. Here is what i changed (Stackoverflow prevents me from entering url's so replace http.. with http:)
config.account_host = 'http..//localhost:3000';
config.keystone_host = 'http..//server1';
config.keystone_port = 3000;
config.app_host = 'server2';
config.app_port = '1026';
config.username = '***** username of the user in Keyrock *****';
config.password = '***** password of the user in Keyrock *****';
Here is the error
~/fi-ware-pep-proxy$ node server.js
express deprecated app.configure:
Check app.get('env') in an if statement server.js:30:5 Starting PEP proxy. Keystone authentication ... Error in keystone communication
Error: getaddrinfo ENOTFOUND
at errnoException (dns.js:37:11)
at Object.onanswer [as oncomplete] (dns.js:124:16)
My Orion and Keyrock instances are up and running. I can query them with curl or a browser.
I really have no idea what i should be filling in the config.js to get this set up.
I hope this helps. We are working on deploying some of the Generic Enablers, included IdM, Wilma PEP and Orion among others using docker and docker-compose.
This environment, called Fiware-devguide-APP is actually under construction, but you can test's the environment (already working) and also check our configuration here.
We are updating all the documentation!
For this, we have the images here.
Docker and docker-compose are required.
If you already have them, to start all the apps integrated in Devguide, you just have to clone the repository:
git clone https://github.com/Bitergia/fiware-devguide-app.git
And then run docker-compose using the .yml file in the fiware-devguide-app/docker/compose:
docker-compose -f docker-compose.yml up -d
So you will have up all the containers! Finally, add the ip of the devguide container (compose_devguide_1) to your /etc/hosts and you will be able to browse it :)
Explanation:
We've went through several configurations for this. I assume you are interested in IdM and Wilma PEP, so here it goes what we did:
We've installed a IdM GE from the scratch providing the users, roles, and permissions desired. Here you can find what we added at test_data method:
We've added test users
Couple organizations
Our app
Roles for the application
And permissions for the actions
Note that all those provision could have been done also using Keystone REST API
Also here you can find the Dockerfile i.e. how it has been installed.
We've installed an Authzforce for the role management as explained in the tour guide. You will need it as wilma-pep will send the PDP requests to validate requests against the resource protected.
Finally the PEP Wilma. Here you can find the configuration files.
How does it work?
Here goes the trick. Let's assume the env Authzforce (Access Control), IdM, PEP Wilma, Orion (the app to be protected) and the devguide. As we use docker-compose, all this steps are done almost at the same time! :)
In authzforce, we need to create a domain as stands in the documentation, and we do it here.
The script itself retrieves the domain ID and, it parses the config.js file of the PEP Wilma in this line using the right path.
The config.js is simple:
account_host and keystone_host are in the same container 'idm'. Docker-compose handle this by adding aliases to the /etc/hosts of each container, which makes the process much easier and we don't need to handle the IP's ourselves.
app_host and app_port are the IP and port of the app to protect, in our case is 'orion'!
config.username and config.password. We've created a user 'pepproxy' in the provision we explained before, exactly here. (Note that this user must have domain roles assigned in order to work, as done here).
And the azf configuration, which contains also the 'authzforce' host and where the path is parsed as explained before.
Adding the authzforce configuration to IdM and PEP (i.e. domain)
Get an Oauth2 token as it explains here.
Finally, with this token and everything running, you can open the compose_devguide_1. It has different resources that can be reached depending on the roles you have assigned at IdM. For example, 'user0#test.com' can access to all the resources, meanwhile the other one can access just to the restaurants.
Hope I was clear enough.
Best!
right now requests from PEPs are not directly sent to the IdM. They uses an Openstack compliant server (Keystone Proxy). So if you want to use it you have to install also this component. Any way in two weeks we are going to change this behaviour.
Hope this helps
We are installing a Fiware enviroment in a local machine; we pretend to have an orion context broker with a Keyrock idm instance. We understand that we need to use a Pep Proxy in order to check the tokens of the requests to the orion context broker. We use Keyrock idm, so we are wondering whether we can do this or not. Is there any way to use them now without installing anything else or we are supposed to install de keystone proxy too?
This is the keystone proxy that we have found:
https://github.com/ging/fi-ware-keystone-proxy
If this is the case; How do we have to configure the pep proxy? Where do we have to put the data to connect to the Keyrock idm and where are we supposed to indicate the keystone information?
new versions are ready. Now you only need Keyrock and PEP Proxy. As explained here validations go directly to IdM. Hope this helps.