Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "BaSyx / Documentation / Components / Registry / Features / Authorization"
< BaSyx | Documentation | Components | Registry | Features
(Created page with "= Authorization = == User Story & Use Case == ''As AAS Components user'' ''I want to authorize access on AAS & Submodels descriptor data contained in the AAS Registry ''so t...") |
(No difference)
|
Revision as of 02:42, 29 November 2022
Authorization
User Story & Use Case
As AAS Components user
I want to authorize access on AAS & Submodels descriptor data contained in the AAS Registry
so that I can store sensitive data and prevent its unauthorized access.
This feature enables AAS components user to secure the AAS & Submodels descriptors stored on the AAS Registry component.
Feature Overview
An example for the authorization can be found in the scenario with Keycloak.
Feature Configuration
Authorization is disabled by default. Basic authorization can be configured in the aas.properties:
aas.authorization=Enabled aas.authorization=Disabled
The JWT connectivity can be configured in the context.properties, e.g. by
jwtBearerTokenAuthenticationIssuerUri=http://127.0.0.1:9006/auth/realms/basyx-demo jwtBearerTokenAuthenticationJwkSetUri=http://127.0.0.1:9006/auth/realms/basyx-demo/protocol/openid-connect/certs jwtBearerTokenAuthenticationRequiredAud=basyx-demo