Contents

Major Features

  • Token-based authentication (username/password)
  • Token-based authentication (SSSD federation)
  • HTTP Basic authentication
  • Lightweight Identity Management (IdmLight) for roles/users/domains CRUD
    • REST API only
  • Policy model for Authorization, Authorization capable MD-SAL Data Broker, and Authorization service API

Target Environment

  • Any OS with a recent Java 7 JRE (JDK for development) should work

Known Issues and Limitations

  • IdMLight Admin endpoint (/auth/v1) and Federation endpoint (/oauth2/federation) are not exposed by default (for security reasons). To expose them, please modify Karaf's etc/jetty.xml file as described in: https://git.opendaylight.org/gerrit/#/c/11425
  • Installing Restconf complaining about TokenAuthFilter not found.
    • Problem: The following error is returned when trying to install RESTCONF: The class org.opendaylight.aaa.sts.TokenAuthFilter could not be found.
    • Solution: The error occurred because AAA is not installed and authentication is not in place. To install authentication for use with RESTCONF (assumed installed already), run the following commands:
      • feature:install odl-aaa-authn
      • feature:uninstall odl-resfconf
      • feature:install odl-restconf

Timeline Features Completed in this Release

All delivered at the end of the release cycle, except:

  • MD-SAL AuthZ
  • Openstack Keystone federation

Bugs Fixed in this Release

None.

Migration from Previous Releases

N/A

Compatibility with Previous Releases

N/A

Deprecated, End of Lifed, and/or Retired Features/API

N/A

Bugs Fixed in Helium SR1

CORS Basic Auth Fix

  • No labels