PEP Proxy Wilma GE. FIWARE Academy Course
Lesson 1 - Introduction
Video at https://edu.fiware.org/course/view.php?id=131
Álvaro Alonso
UPM-DIT. Security Chapter
FIWARE Academy
https://edu.fiware.org
http://fiware.org
Strategies of Urban Morphologyfor Improving Outdoor Thermal Comfort and Susta...
Wilma - Lesson 1 - Introduction
1. PEP Proxy - Wilma GE
Lesson 1 - Introduction
Álvaro Alonso. UPM – DIT
Security Chapter. FIWARE
aalonsog@dit.upm.es, @larsonalonso
2. Contents
1. Why to use Wilma GE
2. Security levels
3. Related GEs
4. Course lessons
5. Documentation
3. Why to use Wilma GE
Public Backend Service
REST API
REST Client Other services
HTTP request
Web App
User 1 User 2
4. Why to use Wilma GE
Backend Service
REST API
REST Client Other services
HTTP request + TOKEN
Web App
Wilma
User 1 User 2
5. Security levels
• Level 1: Authentication
– Check if a user is a registered user
• Level 2: Basic Authorization
– Check if a user has permissions to access a resource
– HTTP verb + resource path
• Level 3: Advanced Authorization
– Check if a user has permissions to access a resource
– Custom XACML policies
6. Related GEs
• Identity Management – Keyrock
– To retrieve the tokens that represent a user
– To check authentication
• Needed knowledge
– How to register an application
– How to manage roles and permissions
– How to create an OAuth2 token
– How to manage organizations
• Course available
– https://edu.fiware.org/course/view.php?id=79
7. Related GEs
• Authorization PDP – AuthZForce
– Policy Decision Point
– Policy Administration Point
– To check authorization
• Needed knowledge
– XACML concepts
• Course available
– https://edu.fiware.org/course/view.php?id=57