backeb
commented
3 years ago @maricaantonacci any movement on this issue? cc @gdonvito
Closed backeb closed 3 years ago
backeb
commented
3 years ago @maricaantonacci any movement on this issue? cc @gdonvito
sebastian-luna-valero
commented
3 years ago Hi All,
I am also a member of https://operations-portal.egi.eu/vo/view/voname/aquamonitor.c-scale.eu and when I log into http://cloud.recas.ba.infn.it I don't see the aquamonitor project in OpenStack, or at I don't have access to it either.
Best regards, Sebastian
maricaantonacci
commented
3 years ago Hello all, I've been investigating the problem and I think it was due to a wrong mapping in keystone. Indeed, based on my past experience, I used the eduperson_entitlement claim value "urn:mace:egi.eu:group:aquamonitor.c-scale.eu:role=member#aai.egi.eu" (built using the VO name) whereas I've found that the value passed by EGI-checkin is "urn:mace:egi.eu:group:group:aquamonitor:role=member#aai.egi.eu". I've tested the new configuration and it seems to work now. @backeb @sebastian-luna-valero Can you please try and let me know in case of problems?
sebastian-luna-valero
commented
3 years ago Thanks @maricaantonacci, it works for me now!
backeb
commented
3 years ago @maricaantonacci it works for me now as well.
Hi @maricaantonacci,
Regarding access to INFN-Cloud-BARI OpenStack (cloud.recas.ba.infn.it), when I follow the link and select
aai.egi.eu/oidc/, I get the following error after logging in via EGI Checkin:{"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}Please advise.
https://github.com/c-scale-community/use-case-aquamonitor/issues/4#issuecomment-851539390