Ok so here is what I've got:
Setup local fabric using docker compose.
Deployed business network with basic acl, created and enrolled participants, as well as assets using admin id and secret.
composer-rest-server using participants id and secret.
Can still see asset (despite DENY acl) in explorer.
I've posted the .bna and verification steps in github.
https://github.com/wajid-poernomo/sample-business-network
Be great to get some input here as there seem to be lot's of contributors who treat acl as a given. Many thanks in advance.
In summary, the problem was due to not having an attribute set on membership services as described here.
"composer network ping" won't show the participant after "composer identity issue"
Related
We have recently integrated MS teams API so that clients can directly schedule their meetings from our dashboard. The integration worked fine and everything worked when we tested internally. Now however when clients tried to use this integration, they are facing issues.
When they are taken to authorization screen and they approve the request, it says "Sorry, but we're having trouble with signing you in"
and the Troubleshooting details says:
Application with identifier was not found in the director. This can happen if the application has not been installed by the administrator of the tenant...
I've attached screenshot here. The permission/scope we are using are: OnlineMeetings.ReadWrite, offline_access
I already asked this question on MS forum but didn't get any answer there yet. Adding link here: https://learn.microsoft.com/en-us/answers/questions/339273/ms-teams-integration-tenant-administrator-permissi.html
To access the application for other organisation, you need to enable the multi tenant configuration in application registration.You need to enable the multi tenant in azure where you have registered your application. Please check this document for more info.
I've been following Microsoft's Teams C# tutorials found here, and have been successful for the most part. However, I cannot seem to get my app to work when I host the messaging endpoint myself rather than via their Azure service, which is not an option for me ultimately as the pricing is outrageous for what we need it to do.
I'm hosting the endpoint myself by publishing the sample project and ensuring it's externally available via HTTPS. I can access a custom tab within Teams, so I know that it's online, it's just the messaging endpoint that seems to fail with an "unable to reach app" error when I try and use the messaging extension via a chat window.
When debugging using dev tools, I get 502 error: Bot returned unsuccessful status code Forbidden, error code 1008. Every potential solution I've seen for similar issues hasn't worked for me thus far, though I still feel like it's something incredibly obvious. Are there special steps that need taking when hosting the endpoint yourself? The docs do a very lousy job of explaining the process, probably because Microsoft want you to pay to host the app on Azure.
This is usually caused by the app id / app key not being registered or used correctly in your app, so it's not authenticating to the bot framework service properly. Where/how you do that depends a bit on what sample code / project template you started with, but it's usually somewhere in a .config file (or previously in a .bot file).
The information that you need will be in:
App Id: The Bot Settings page in Azure
App Key: from the Bot settings page, where you got the AppId above, it links to the App registration itself - within there you'll find the section on keys, and you can create a new key (if you've lost the original one)
I know it's generally an error when AppID validation fails. The bot app requests Azure AD to verify the identity.Could your web server access to Azure AD? If you deny to access to outbound with firewall, you should allow Azure IP range.
Turns out it was purely a network issue, that as of yet we still haven't actually figured out. But we tried hosting the app elsewhere and it was fine. That's my recommendation if anyone else has the same problem!
I am trying to build a mobile application working against a blockchain network. The thing i am not understanding is how the user actually becomes a member( registered ) in the network. Suppose user open’s our applications than what credentials does he enter so that he becomes a participant in the network.
In Composer the first thing to do is to create a participant, then using the Admin Card, Issue an Identity to the participant. (Identity is a Hyperledger Fabric concept, and Composer is built on top of Fabric.) Once the Identity has been Issued (and a card created) you can use that Identity.
I would suggest trying out Participant and Identities using the Composer Playground (either online, or installed locally).
If you haven't seen them, then the Composer Tutorials are a good resource, then perhaps look at this tutorial that uses the Composer Rest Server in Multi-User mode.
Running into this error on forge and I'm not sure what to try next. Here's the situation and what I've tried thus far.
Cloning into '{site_name}'...
ERROR: Repository not found.
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists
This forge account is for the company I work for which has an associated organization on github of which I am have an owner role. Forge is not able to read from any of the repositories owned by this organization. The above error started occurring after the owner of the github account logged into forge was removed from the organization.
What I've tried
Unlinking/relinking github in forge under the Source Control tab.
Set organization, third-party application access policy to no restrictions
Tried having other team members in the organization sign into github on forge
Adding the ssh key forge supplies for any given site to the deploy key section for that site's associated repository. This always yields the same error, key already in use.
Double, triple, quadruple checked the spelling of the repository name/path
I've tried reaching out to the forge tech support, but none of their suggestions have worked so far.
Another note, I am able to have forge connect to any of my personal repositories but none of the ones I have created for under the organization.
Has anyone else had issues related to github organizations on forge?
I had the same issue. When we removed one of our ex-developers account from the organization, forge couldn't access any of our repo. The issue we was because of the ssh key. The forge ssh key of the repo was added to that ex-developer's account, removed it from his account and added to to an existing devs, who is on the organization account and it worked.
*You can get the ssh key from the meta tab on the forge servers page
Please explain the concept of wallet in playground.
I cannot find information for this in documentation.
"Wallet" is how we describe the contents of the ~/.hfc-key-store/ or ~/.composer-credentials/ directory.
This directory is used by the HLF Node SDK as the default store for user credentials (public and private certificates).
In addition to the certs, Composer maps the certificates to Composer participant identities (in the identity registry), so that when a transaction is submitted (authenticated using a Fabric certificate) the associated Composer participant can be retrieved by the runtime (see the getCurrentParticipant() API). This mapping from cert to participant is managed using the composer identity CLI commands, or can be created in Playground using the interface.
We are working on a new UI design to manage certificates, connection profiles and identity mapping which should roll out over the coming weeks.