I've correctly installed a Wirecloud instance in my own server. I've added a Marketplace available at this address http://130.206.81.113/FiwareMarketplace/v1.
I can retrieve the data from Marketplace correctly, and I can see all available widgets but I can't install anyone of them.
The only button present on each widget is Details, but I need Install to use them in my workspace.
Can I solve this issue in any way?
Thanks in advance.
Currently, WireCloud only allows you to install components from a marketplace/store if you are using the same IdM server in all the services: the marketplace, the store and WireCloud. As you want to use the global instance of the Marketplace, you should use the FIWARE Lab's KeyRock instance (https://account.lab.fiware.org) for authenticating users in your WireCloud instance to be able to install components from the FIWARE Lab's Marketplace.
NOTE: The Marketplace GE and the Store GE are currently in support mode. The Business API Ecosystem GE is going to replace it, but it won't be released until summer 2016.
Related
We are new to VSTS and will be using the online service and integrating with our production Azure AD tenant. Since we do development that involves Office 365, this meant that we have both production and development Office 365/Azure AD environments. We understand that our authentication can only be tied to one of these (which is fine) but can we use VSTS to perform tasks against both environments (e.g. staging, deploy, etc.)? Are there certain things that do/don't work we should consider or are there other suggestions on how we would leverage VSTS across these environments as we take code tested against development to production? Thanks!
One option to do this would be using powershell and service principal authentication. No point in copy\pasting documentation so I'll leave a link.
https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authenticate-service-principal
You can also just authenticate to the API, get oAuth token and do pretty much anything with that. Not super straight forward, but can be done ;)
You can add multiple azure service endpoints, then deploy app through release, simple steps:
Refer to this blog: Automating Azure Resource Group deployment using a Service Principal in Visual Studio Online to manual configure Azure service endpoint (Manual Configuration section)
Create a Release Definition in vsts
Add environments (e.g. Staging, Deploy)
Add Azure App Service Deployment task for each environment
Specify corresponding Azure Subscription for these tasks
Our app (Meteor/NodeJS) is deployed in a docker container in Bluemix, and I'd like to add the Monitoring and Analytics service to the app. The documentation lists how to integrate it with a NodeJS app deployed directly to Bluemix, and also mentions how to integrate with a Ruby-based app. Seems like there should just be an npm package to install, but I see nothing in the docs on how to do this.
The Monitoring and Analytics Service is only for Cloud Foundry based Application in IBM Bluemix based on Java Liberty, Node.js SDK or Ruby. The buildpacks have additional configuration and components inside to enable integration with the M&A Service.
https://console.ng.bluemix.net/docs/services/monana/index.html#monana_oview
For IBM Bluemix Container Service with Docker you need to use the built-in Monitoring and Logging for Containers
https://www.ibm.com/blogs/bluemix/2015/11/built-in-monitoring-and-logging-for-bluemix-containers/
We want to use the FIWARE IdM, both Keystone and Horizon. Specifically during sign-up we want to
create a user
add that user to an organisation
authorise the user for an application
We have installed Keystone and Horizon using the latest KeyRock docker image on the docker hub.
When a new user signs up:
a 'cloud organisation' is created.
By default, the 'provider' and 'purchaser' roles are present
and the 'Store' application is assigned to the user (although i cannot verify this).
We can add the user to an organisation by hand, and authorise the user for an application by hand in the KeyRock UI.
However this does not make any sense for our local installation.
How can we prevent Horizon from creating the cloud organisation upon user sign-up?
How can we assign a default application authorization upon user sign-up?
-- Edit --
It’s becoming increasingly clear to me that the way KeyRock is implemented is primarily useful for setting up your own Fiware labs environment, as opposed to setting up a generic Identity management service. If we use KeyRock, we will be stuck with cloud organisations, stores etc. Far from being a Generic Enabler (GE), KeyRock seems to be a “Fiware Labs” specific enabler.
All the GE documentation references KeyRock as the reference Identity Management GE. Therefore we (and i assume others too) have followed the documented architecture and configuration to link to KeyRock from:
Wilma PEP Proxy GE
Wirecloud Application Mashup GE
Because of the inbuilt Fiware Labs functions of KeyRock, we are having a really hard time applying Wilma PEP Proxy and Wirecloud Application Mashup to our use cases.
If we decide to use Keystone instead, we will lose
OAuth2 support
Permissions
sign-up, admin and login screens.
Is anyone else having this problem?
How have they tackled it?
-- SCIM API --
Attempt at using the SCIM API is described here: Fiware KeyRock SCIM API bug: _check_allowed_to_get_and_assign() got an unexpected keyword argument 'userName'
We're developing a smart cities service and want to use KeyRock for our users authentication. We don't want to use existing FIWARE Lab instance though, but create our own. The FIWARE catalogue states:
It can be integrated with any development, specially with any Cloud service.
I would expect that KeyRock would be a generic component, that would allow us to add Single Sign-On authentication to our services. After KeyRock installation, however, I can see it's highly tied to FIWARE Lab:
there is a FIWARE Lab menu at the top,
I can see FIWARE-related content on logging in page,
as an admin I can set users' FIWARE Lab account type (trial, community).
Is my assumption, that KeyRock can be used outside of FIWARE Lab context correct? Is there a way to brand it to my own purposes and turn off the FIWARE Lab-related functionalities? Or should it only be used as a part of FIWARE Lab instance?
yes, the front end component (Horizon) is fixed to FIWARE look and field and FIWARE Lab user account policies. If you want to use it with your own GUI design you have to modify it yourself.
On the other hand the backend component (Keystone) can be used without changes as an "universal" idm.
BR
I want to use Identity Management - KeyRock GE in the FI-LAB portal (https://github.com/ging/fi-ware-idm/wiki/Using-the-FI-LAB-instance). It's said that this GE is already deployed on FI-LAB.
Can I use this GE just to control an access to my application or is there any other usage of this GE?
Also, how will it work (step-by-step) when a registered user wants to login into my application?
You have two options here. You can use the current instance of the IdM in order to offer you the authentitation and authorization or you can install your own instance of Keyrock. I recommend the first one in which you just need to create an account in the FIWARE Lab and use the keyrock to offer you security access to your applications. I think that you can go to this presentation Adding Identity Management and Access Control to your applications. in order to have deep details about the different steps that you have to follow to do the first scenario.