AAA

Overview

AAA (Authentication, Authorization, and Accounting) are services that help improve the security posture of an OpenDaylight deployment. By default, the majority of OpenDaylight’s northbound APIs (and all RESTCONF APIs) are protected by AAA after installing the +odl-restconf+ feature.

Behavior/Feature Changes

There are no changes to features.

New Features

No new features.

Deprecated and Removed Features

There are no deprecated or removed features.

Resolved Issues

The following table lists the issues resolved in this release.

Issues resolved in versions 0.17.0 through 0.17.7 (JIRA)

Type

Key

Summary

Resolution

Fix Version(s)

Bug

AAA-240

SQL injection in the aaa-idm-store-h2 (deleteDomain function)

Done

0.15.8, 0.16.5, 0.17.0

Bug

AAA-241

SQL injection in the aaa-idm-store-h2 (deleteUser function)

Done

0.15.8, 0.16.5, 0.17.0

Bug

AAA-239

SQL injection in the aaa-idm-store-h2 (deleteRole function)

Done

0.15.8, 0.16.5, 0.17.0

Bug

AAA-238

https configuration fails with blueprint errors

Done

0.15.6, 0.16.6, 0.17.0

Bug

AAA-258

aaa-encrypt-service fails to start on follower nodes

Done

0.17.7

Improvement

AAA-234

Make WebContext builder enforce proper pattern values

Duplicate

0.17.0

Improvement

AAA-233

Validate web-api constructs

Done

0.17.0

Improvement

AAA-228

Revisit aaa-cli-jar

Done

0.17.0

Improvement

AAA-244

Add IDM web context description

Done

0.17.2

Improvement

AAA-250

Instantiate AAAEncryptServiceImpl via OSGi DS

Done

0.17.4

New Feature

AAA-243

Add support for naming WebContexts

Done

0.17.2

Sub-task

AAA-251

Expose WebContextSecurer through OSGi DS

Done

0.17.5

Task

AAA-237

Select only specifically-marked Filters for CustomFilterAdapterConfiguration

Done

0.17.0

Task

AAA-242

Upgrade Shiro to 1.10.1

Done

0.15.8, 0.16.5, 0.17.0

Task

AAA-247

Upgrade Shiro to 1.11.0

Done

0.15.9, 0.16.8, 0.17.3

Task

AAA-255

Remove OAuth2 remnants

Done

0.17.7

Task

AAA-204

Eliminate blueprint from aaa-encrypt-service

Done

0.17.6

Task

AAA-249

Fix AAA documentation

Done

0.16.8, 0.17.6

Known Issues

The following table lists the known issues that exist in this release.