Contents
Major Features
- Token-based authentication (username/password)
- Token-based authentication (SSSD federation)
- HTTP Basic authentication
- Lightweight Identity Management (IdmLight) for roles/users/domains CRUD
- REST API only
- Policy model for Authorization, Authorization capable MD-SAL Data Broker, and Authorization service API
Target Environment
- Any OS with a recent Java 7 JRE (JDK for development) should work
Known Issues and Limitations
- IdMLight Admin endpoint (/auth/v1) and Federation endpoint (/oauth2/federation) are not exposed by default (for security reasons). To expose them, please modify Karaf's etc/jetty.xml file as described in: https://git.opendaylight.org/gerrit/#/c/11425
- Installing Restconf complaining about TokenAuthFilter not found.
- Problem: The following error is returned when trying to install RESTCONF: The class org.opendaylight.aaa.sts.TokenAuthFilter could not be found.
- Solution: The error occurred because AAA is not installed and authentication is not in place. To install authentication for use with RESTCONF (assumed installed already), run the following commands:
- feature:install odl-aaa-authn
- feature:uninstall odl-resfconf
- feature:install odl-restconf
Timeline Features Completed in this Release
All delivered at the end of the release cycle, except:
- MD-SAL AuthZ
- Openstack Keystone federation
Bugs Fixed in this Release
None.
Migration from Previous Releases
N/A
Compatibility with Previous Releases
N/A
Deprecated, End of Lifed, and/or Retired Features/API
N/A