search

Engineering-Research-and-Development / true-connector

TRUE (TRUsted Engineering) Connector for the IDS (International Data Space) ecosystem
GNU Affero General Public License v3.0
25 stars 13 forks source link

Question about DAPS integration #9

Closed spicoflorin closed 3 years ago

spicoflorin commented 3 years ago

Hello! As far as I know, Dynamic Attribute Provisioning Service acts as an authentication/authorization mechanism for IDS Connectors.

In order to achieve this functionality, (per my newbie understanding) we need: a) device certificates b) connector certificate

In https://github.com/Engineering-Research-and-Development/true-connector/blob/main/.env I found the following configuration:

DAPS_KEYSTORE_NAME=eng-keystore.jks
DAPS_KEYSTORE_PASSWORD=password
DAPS_KEYSTORE_ALIAS=1
#TRUSTORE (used also by IDSCP2)
TRUSTORE_NAME=server.truststore.p12
TRUSTORE_PASSWORD=changeit

Unfortunately, in https://github.com/Engineering-Research-and-Development/true-connector/tree/main/ecc_cert, I could not find the mentioned certificates.

It will be very helpful to add some documentation and support on how to cope with these aspects. Thank you.

gabrieledeluca commented 3 years ago

Hello Florin, the DAPS certificate should be provided by an Identity Provider. Currently, we support AISEC, AISECv2, and Orbiter Identity Providers.

Anyway, only for testing purposes, you can disable the DAPS interaction setting the property application.isEnabledDapsInteraction to false (in the application.properties file).

Best Regards, Gabriele