I am trying to setup S3QL with Object Storage GE and there seems to be only one piece of information missing.
I successfully installed S3QL thanks to this pretty good tutorial: https://dmsimard.com/2014/09/29/s3ql-a-filesystem-over-http-with-swift/
Now I am stuck when trying to mount an object-container 'test' that I created in region 'Lannion2'.
The URL-syntax requires a 'region' to be defined (swiftks://<hostname>[:<port>]/<region>:<container>) but I have no clue how this maps to the fiware-stack. When trying the following command, s3ql seems to succeed in connecting and authenticating with Keystone but cannot find the region.
mkfs.s3ql swiftks://cloud.lab.fiware.org:4730/Lannion2:test --backend-options no-ssl
Enter backend login:
Enter backend passphrase:
Results in:
No accessible object storage service found in region Lannion2 (available regions: )
Unfortunately no available regions are listed in the response. Authentication works correctly as mistyping login or passphrase results in an authentication-error.
Is there any documentation about the naming of regions in keystone/fiware cloud?
Authenticate to keystone via:
Post http://cloud.lab.fi-ware.org:4730/v2.0/tokens with Content-type application/json and Body: {"auth": {"passwordCredentials":
{"username": "", "password": ""}, "tenantId":"***"}}
In the response, you should receive a list of endpoints, including a swift endpoint. There should be an entry there that looks like:
{"adminURL": "", "region": "Lannion2", "internalURL": ":8080/v1/AUTH_", "id": "", "publicURL": "/v1/AUTH_"}
Related
We are working on providing access to BIM 360 projects programmatically. We allow project admin to select user and role combination to provide access to BIM 360 project.
Once user and role combinations are added, we call import users BIM 360 API and pass the required JSON body. API Reference: https://forge.autodesk.com/en/docs/bim360/v1/reference/http/projects-project_id-users-import-POST/
There is service access associated with each role. So we are passing the service access information accordingly.
We are able to give access to document_management and project_administration service objects.
But we need to also give access to Project Management, Insight and other available services. If we pass insight or project_management service name we get error as
Invalid services ["project_management"]
and similar error for insight service.
We are passing below sample JSON body:
[
{
"email": "userEmail",
"services": {
"document_management": {
"access_level": "admin"
},
"project_administration": {
"access_level": "admin"
},
"project_management": {
"access_level": "admin"
}
},
"company_id": "companyId",
"industry_roles": [
"roleid1",
"roleid2"
]
}
]
If we remove project_management object from above JSON, the access works fine.
How can we provide access to these and other available services? or are we missing something?
Thank you!
Unfortunately, it's a known limitation of Admin API :-( although it is a high demanded feature.
We have a wish logged against it:
ACSADMIN-530 (was HQ-3034): “API wish: adding users beyond Docs”
Sorry for the bad news.
I live in an enterprise environment where most of our production domains are currently non-routable (e.g. .local).
I tried extending the schema but since the non-routable cannot be verified and the default .onmicrosoft I don't think could either. My enterprise allows me to easily create subdomains so I attached it and verified for testing purposes and ran into the same verified domain error.
Per the documentation, I should be able to either us the ID of my domain name or just the scheme name and get 8 random-alpha-chars added. Neither approach works in this case.
POST: https://graph.microsoft.com/v1.0/schemaExtensions
{
"id": "idmdomain.sub.domain.net_Owners",
"description": "Owners of the group",
"targetTypes": [
"Group"
],
"properties": [{
"name": "PrimaryOwners",
"type": "String"
},
{
"name": "SecondaryOwners",
"type": "String"
}
]
}
Message Received:
{
"code": "BadRequest",
"message": "Your organization must own the namespace idmdomain.sub.domain.net as a part of one of the verified domains.",
"request-id": "1c7363f9-d54b-408a-8b29-2c0d2a94280a",
"date": "2018-03-22T21:47:22"
}
From the documentation:
If you already have a vanity .com,.net, .gov, .edu or a .org domain that you have verified with your tenant, you can use the domain name along with the schema name to define a unique name, in this format {domainName}_{schemaName}.
For example, if your vanity domain is contoso.com, you can define an id of, contoso_mySchema. This is the preferred option.
So in your example, idmdomain.sub.domain.net_Owners should simply be domain_Owners. It shouldn't include idmdomain, sub, net or any ..
Thank you Marc for pointing me in the correct direction. Even though my app had the correct delegated permissions (Directory.AccessAsUser.All) I now understand that I needed to execute this change in the user context instead of application as application is not supported.
For those that come behind me {domainName}_{schemaName} works if you validate your domain, if dont and you just leave schemename then the generated guid works as documented. I recommended reviewing the two links below as they were what finally unlocked the puzzle for me.
Helped me understand how this is working (authentication vs authorization)
https://developer.microsoft.com/en-us/graph/docs/concepts/rest
Helped me setup postman to quickly validate
https://blogs.msdn.microsoft.com/softwaresimian/2017/10/05/using-postman-to-call-the-graph-api-using-azure-active-directory-aad/
I should add for the postman route, a few changes...
Auth URL
https://login.microsoftonline.com/yourtennantid/oauth2/authorize?resource=https%3A%2F%2Fgraph.microsoft.com
Access Token URL
https://login.microsoftonline.com/yourtennantid/oauth2/token
Scope = Directory.AccessAsUser.All
I am beginner to go language. I have downloaded this project (https://github.com/goadesign/goa-cellar) and ran it in local environement. It works well when I make post,get,list calls using goa-cellar client.
Steps:-
go get github.com:goadesign/goa-cellar.git
goagen bootstrap -d
goa-cellar/design go build
Server:-
Start Server -> /.goa-cellar
Following are the sample requests which works well for me using goa-cellar client:
Client:-
Create a account -> ./cellar-cli create account /cellar/accounts --payload '{"name": "test"}'
List account -> ./cellar-cli list account
Show account -> ./cellar-cli show account /cellar/accounts/1
I want to make above request using curl or via Postman (chrome addon) or browser add on. How can I do it ?
I have tried the following:-
1. Create account
Method: POST
URL:- http://localhost:8082
Request body: {"name": "test"}
Request headers:- Content-Type: application/json
Response:-
{
"code": "not_found",
"status": 404,
"detail": "/"
}
Server log:-
INFO[06-23|19:08:25] started req_id=RQLpC8kzbF-2 POST=/ from=127.0.0.1 ctrl=<unknown> action=<unknown>
INFO[06-23|19:08:25] payload req_id=RQLpC8kzbF-2 raw=null
INFO[06-23|19:08:25] completed req_id=RQLpC8kzbF-2 status=404 error=not_found bytes=47 time=97.542µs
Just make sending data to the right HTTP API endpoint, in your case, instead this /, need use to cellar/accounts (http://localhost:8082/cellar/accounts)
By POST you make saving data and by GET + id - retreive data.
Look at README for detail info for using this project.
When using the Object Storage GE node.js connector implementation from https://github.com/arvidkahl/fiware-object-storage we encounter the problem "no tenants available". We tested with two different community accounts where we first set up an object container within the fiware cloud.
We are able to Receive an Auth Token and get a connection established message, but then we do not get the tenant ID i think. has anyone experienced something like that and can help or give us a better understanding of what is going wrong here?
we installed the fiware-object-storage with npm install fiware-object-storage.
this is our connection code:
var fiwareObjectStorageConfig = {
auth : conf.fiware.auth_url, // IP of the Auth Services, likely "cloud.lab.fi-ware.org"
url : conf.fiware.object_storage_url, // IP of the Object Storage GE -> "cloud.lab.fi-ware.org"
user : conf.fiware.user, // Your FIWARE account email
password : conf.fiware.password, // Your FIWARE account password.. i know.. no comment.
container : conf.fiware.container // Whatever container you want to connect to
};
var fiwareObjectStorage = require('fiware-object-storage');
fios = fiwareObjectStorage(fiwareObjectStorageConfig);
fios.connectToObjectStorage(function() {
console.log(fios.getFileList());
});
This library is a third party library and it is not an official FIWARE implementation.
As you said, there is a problem with this library. I have tested and it needs some fixes. I could not reproduce your error with my account but I have another one while getting file list.
The best option is waiting for their developers to improve that simple library like select Tenant in config file. By now it takes the first tenant on the list.
This is my config file to access Spain2 object store:
fiwareObjectStorageConfig = {
url : '172.32.0.144',
auth : 'cloud.lab.fi-ware.org',
container : 'myContainer',
user : "", // Your FIWARE account email
password : "" // Your FIWARE account password.
};
What I'm trying to do is to get JSON data (whatever it is just make sure I can get anything is ok) from Rallydev without login to make sure that Rallydev is on. I tried several ways, but each way requires a username and password. Would anyone provide a URI for this? Thank you, Guys. Anything you give would be appreciated.
String url = "link";
Client client = Client.create();
WebResource webResource = client.resource(url);
String s = webResource.get(String.class);
try {
// check if RallyDev service is up
if (s.contains("Hello it is now "))
_log.information("RallyDev is working... at " + new Date());
} catch (Exception e) {
_log.error(ErrorCodeEnum.INTERNAL_ERROR, "RallyDev service might be down!!! in " + new Date(), e);
}
Ok, so whether it's Jersey client or plain old HTTP GET against Rally, I'm coming back to my original comment that developing a Java app to do this is a bit overkill. You could accomplish the same thing with a one-line curl command in Linux:
curl -u 'rallyuser#company.com:rallypassword' https://rally1.rallydev.com/slm/webservice/1.33/hierarchicalrequirement.js?pagesize=1
A valid (Rally is up and responding) response to this might look like:
{"QueryResult": {"_rallyAPIMajor": "1", "_rallyAPIMinor": "33", "Errors": [], "Warnings": [], "TotalResultCount": 84, "StartIndex": 1, "PageSize": 1, "Results": [{"_rallyAPIMajor": "1", "_rallyAPIMinor": "33", "_ref": "https://rally1.rallydev.com/slm/webservice/1.33/hierarchicalrequirement/12345678910.js", "_refObjectName": "My Story Name", "_type": "HierarchicalRequirement"}]}}
Looks like you're using Jersey Client to setup a REST connection in Java. Are you really needing to do this without providing credentials? You'll need to pass credentials of some sort as any query-able endpoint in Rally is going to require HTTP Basic Authentication.
If you are looking for the appropriate REST syntax and endpoints to formulate a valid query, you may wish to look at our Webservices API documentation on REST queries:
https://rally1.rallydev.com/slm/doc/webservice/rest.jsp
As an example, a valid REST URL to do a query and get back JSON-formatted results is as follows. A GET against the following sample URL queries user stories owned by user: user#company.com:
https://rally1.rallydev.com/slm/webservice/1.33/hierarchicalrequirement.js?query=(Owner = "user#company.com")&pagesize=1
This would return the first matching User Story.
A simple example of accessing Rally REST services in Java is here:
http://www.rallydev.com/help/basic-rest-client-operations-java
And a full (alpha-release) Java REST API toolkit for Rally is here:
http://www.rallydev.com/developer/java-toolkit-rally-rest-api
All of the above seems like a bit overkill for just finding out if the Rally service is up. You can subscribe to Rally's status updates via RSS at http://status.rallydev.com as a good way to stay apprised of system status information.
I hope this helps - if the answer is off-target, please provide some further clarifying comments and we'll do our best to answer.