The default dat file does not restrict the access to the secure resources. In fact, the Led resource is not even defined in the default dat file.
I have verified that there is no issue with the json2cbor tool as I converted the dat file back to json and compared its content to the original json file. Thank you very for your reply. I hope others could contribute to help me out on this issue. Thanks, -Rami ________________________________ From: Muhammad Mushfiqul Islam <[email protected]> Sent: Wednesday, June 14, 2017 8:56:26 PM To: rami alshafi Cc: iotivity-dev at lists.iotivity.org Subject: RE: Re: [dev] Help needed with resource secure restricted access Hello, Have you tried with the default dat file? For me, the default dat file works fine. Probably there is a problem in the conversion app(json2cbor) A patch have been submitted for json2cbor: https://gerrit.iotivity.org/gerrit/20539/ Can you please try with this patch? I will also try with this patch when I have time. - Thanks & Regards, Mushfiqul Islam Antu --------- Original Message --------- Sender : rami alshafi <rami_in_portland at hotmail.com> Date : 2017-06-15 05:04 (GMT+6) Title : Re: [dev] Help needed with resource secure restricted access To : null<iotivity-dev at lists.iotivity.org> I have not received any replies. i would appreciate any help in this regard. Thanks, -Rami ________________________________ From: iotivity-dev-bounces at lists.iotivity.org <iotivity-dev-bounces at lists.iotivity.org> on behalf of rami alshafi <[email protected]> Sent: Wednesday, June 7, 2017 2:55:22 PM To: iotivity-dev at lists.iotivity.org Subject: [dev] Help needed with resource secure restricted access Hi Developers, I need help restricting access to a secure resource. I am running the sampleserver_justworks secure server application with a secure led resource that can run without issues with anonymous subjects. However, when I restrict the access of the secure led to a specific subject uuid then I can no longer access the secure led resource even though the client application has its subject uuid matching the one allowed by the access control entry hosting the secure led resource. I keep getting "OS_STACK_UNAUTHORIZED_REQ" response. I have attached the json files that I used to after converting them to cbor along with the text copy of the code of both applications and the logs. I would appreciate the help. From what I can tell, the problem seems to be when the IsRequestFromDevOwner() function (in policyengine.c) returns false because the requestInfo.info.identity.id is not updated with the client's subject uuid which is what the Policy Engine uses to update its context and eventually used to compare it with the allowed subject uuid defined by the ACE hosting the secure led. Another theory is that the fact the communication channel is not secure because the CA_SECURE is not set, which I have no idea how to set. If anyone know how to set it to true, please let me know. Thanks _______________________________________________ iotivity-dev mailing list iotivity-dev at lists.iotivity.org https://lists.iotivity.org/mailman/listinfo/iotivity-dev [cid:cafe_image_0 at s-core.co.kr] -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.iotivity.org/pipermail/iotivity-dev/attachments/20170615/e6664edd/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: ATT00001.gif Type: image/gif Size: 13402 bytes Desc: ATT00001.gif URL: <http://lists.iotivity.org/pipermail/iotivity-dev/attachments/20170615/e6664edd/attachment.gif>
