This topic contains 2 replies, has 2 voices, and was last updated by  pinku 3 months, 2 weeks ago.

  • #22978
     pinku 
    Participant

    Hi,

    I have created a new managed object called ‘entity’ and created one record for it.

    I have created one new internal user (restReadAdmin) and one new internal role (readrole). restReadAdmin now has only the readrole role.

    I have modified the access.js as below
    {
    "pattern" : "managed/entity",
    "roles" : "readrole",
    "methods" : "read",
    "actions" : "*"
    }

    Now when I try to get the managed object I get access denied as below

    curl \
    --insecure \
    --header "X-OpenIDM-Username: restReadAdmin" \
    --header "X-OpenIDM-password: Password@123" \
    --request GET \
    'https://localhost:8443/openidm/managed/entity/?_queryId=get-by-field-value&field=entityID&value=testentityID'

    {"code":403,"reason":"Forbidden","message":"Access denied"}

    However, if I change the methods for read to * like below, it does return the record and works.
    {
    "pattern" : "managed/entity",
    "roles" : "readrole",
    "methods" : "*",
    "actions" : "*"
    }

    Any idea why it fails? It fails even if I give all the methods there; it works only for *.

    #22980
     patrick.hagen@kit.edu 
    Participant

    Does “all the methods” contain “query”?

    I suppose methods should be “read,query”.

    #22983
     pinku 
    Participant

    Thanks Patrick, awesome, that works.
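
The behaviour discussed in this thread, as an added example that is not part of the original posts and is not ForgeRock's own authorization script: a simplified model of how a REST call is classified into a method name and matched against an access.js entry. The function names (`requestMethod`, `listAllows`, `isAllowed`) and the exact-match handling of `pattern` are assumptions made for illustration; it also shows that `"methods" : "*"` grants delete as well, while `"read,query"` does not.

```javascript
// Simplified model (an assumption, not the product's router-authz.js) of how
// a REST call is classified and then matched against an access.js entry.

// Map an HTTP request onto the method name that the access rule is checked against.
function requestMethod(httpVerb, params) {
  const verb = httpVerb.toUpperCase();
  const isQuery = ["_queryId", "_queryFilter", "_queryExpression"]
    .some((p) => p in params);
  if (verb === "GET") return isQuery ? "query" : "read";
  if (verb === "POST") return params._action === "create" ? "create" : "action";
  if (verb === "PUT") return "update"; // simplification: create-by-PUT is ignored
  if (verb === "PATCH") return "patch";
  if (verb === "DELETE") return "delete";
  throw new Error("unsupported verb: " + httpVerb);
}

// True when a comma-separated rule field is "*" or lists the value.
function listAllows(field, value) {
  if (field.trim() === "*") return true;
  return field.split(",").map((s) => s.trim().toLowerCase())
    .includes(value.toLowerCase());
}

function isAllowed(rule, userRoles, resource, httpVerb, params) {
  const method = requestMethod(httpVerb, params);
  return resource === rule.pattern // exact match only in this model
    && userRoles.some((r) => listAllows(rule.roles, r))
    && listAllows(rule.methods, method);
}

// The rule variants from the thread.
const base = { pattern: "managed/entity", roles: "readrole", actions: "*" };
const readOnly = { ...base, methods: "read" };
const readQuery = { ...base, methods: "read,query" };
const wildcard = { ...base, methods: "*" };

// The request from the thread: a GET carrying _queryId is a query, not a read.
const q = { _queryId: "get-by-field-value", field: "entityID", value: "testentityID" };
const roles = ["readrole"];
console.log("read only, query GET:", isAllowed(readOnly, roles, "managed/entity", "GET", q));
console.log("read,query, query GET:", isAllowed(readQuery, roles, "managed/entity", "GET", q));
console.log("wildcard, DELETE:", isAllowed(wildcard, roles, "managed/entity", "DELETE", {}));
console.log("read,query, DELETE:", isAllowed(readQuery, roles, "managed/entity", "DELETE", {}));
```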
