Contents
About this Document
AAA
Features
For each top level feature, identify the name, url, description, etc. User facing features are used directly by end users.
- Feature Name: odl-aaa-shiro
- Feature URL: https://github.com/opendaylight/aaa/blob/master/features/shiro/src/main/features/features.xml
- Feature Description: Basic authentication and RBAC through Shiro.
- Top Level: Yes
- User Facing: Yes
- Experimental: Yes
- CSIT Test: https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-only-boron/
- Feature Name: odl-aaa-authz
- Feature URL: https://github.com/opendaylight/aaa/blob/master/features/authz/src/main/features/features.xml
- Feature Description: EXPERIMENTAL authz DOM broker facade
- Top Level: Yes
- User Facing: Yes
- Experimental: No
- CSIT Test: N/A
- Feature Name: odl-aaa-cli
- Feature URL: https://github.com/opendaylight/aaa/blob/master/features/aaa-cli/src/main/features/features.xml
- Feature Description: Certificate store karaf CLI administration.
- Top Level: Yes
- User Facing: Yes
- Experimental: Yes
- CSIT Test: N/A
- Feature Name: odl-aaa-cert
- Feature URL: https://github.com/opendaylight/aaa/blob/master/features/aaa-cert/src/main/features/features.xml
- Feature Description: MD-SAL based certificate store for southbound devices.
- Top Level: Yes
- User Facing: Yes
- Experimental: Yes
- CSIT Test: N/A
Non-Code Aspects (user docs, examples, tutorials, articles)
- How to disable AAA
- Connecting to IdmLight with psql
- Change account passwords
- Authorization Hello World Example
- WIP Apache Shiro Migration
- Source IP Based Authorization
- Getting Started
For documentation, please provide the asciidocs url for each document if applicable. You can also optionally provide the wiki page link, but official documentation must be integrated into asciidocs. Please provide links to:
- Release notes
- User Guide(s)
- Developer Guide(s)
Architectural Issues
N/A
Security Considerations
N/A
Quality Assurance (test coverage, etc)
- https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-only-boron/
- https://clm.opendaylight.org/assets/index.html#/reports/aaa/b9dad0e73ff94477b5d9d08e311ba981
End-of-life (API/Features EOLed in Release)
- odl-aaa-keystone -- it was non functional anyway, and just a placeholder for future development from a contributor who left.
Bugzilla (summary of bug situation)
- https://bugs.opendaylight.org/buglist.cgi?component=General&list_id=64026&product=aaa&resolution=---
- Mostly enhancement bugs, and a few well known issues that have easy workarounds.
Standards (summary of standard compliance)
- LDAP implementation is derived directly from JNDI.
- ActiveDirectory implementation is derived from JNDI.
Schedule (initial schedule and changes over the release cycle)
- Everything was delivered save a pluggable Radius realm. This federation can still be achieved through fronting Jetty with an Apache process, which has built in support for Radius federation.