AAA

Overview

AAA (Authentication, Authorization, and Accounting) are services that help improve the security posture of an OpenDaylight deployment. By default, the majority of OpenDaylight’s northbound APIs (and all RESTCONF APIs) are protected by AAA after installing the +odl-restconf+ feature.

Behavior/Feature Changes

We have switched to Galois/Counter in AAA-267 to be default mode of operation algorithm for symmetric keys.

New Features

Deprecated and Removed Features

There are no deprecated or removed features.

Resolved Issues

The following table lists the issues resolved in this release.

Issues resolved in versions 0.20.0 through 0.20.1 (JIRA)

Type

Key

Summary

Resolution

Fix Version(s)

Bug

AAA-283

WhiteboardWebServer does not validate WebContext.name()

Done

0.18.7, 0.19.6, 0.20.1

Bug

AAA-281

PasswordHashService initialization is not reliable

Done

0.18.7, 0.19.6, 0.20.0

Bug

AAA-279

Using dot in the whiteboard.context.name can creates incorrect session value

Done

0.18.7, 0.19.7, 0.20.1

Improvement

AAA-267

Use GCM mode as default

Done

0.20.0

Task

AAA-280

Simplify policies logic

Done

0.20.0

Known Issues

The following table lists the known issues that exist in this release.