AAA

Overview

AAA (Authentication, Authorization, and Accounting) are services that help improve the security posture of an OpenDaylight deployment. By default, the majority of OpenDaylight’s northbound APIs (and all RESTCONF APIs) are protected by AAA after installing the +odl-restconf+ feature. When an API is not protected by AAA, it will be noted in the release notes.

Major Features

odl-aaa-shiro

  • Feature URL: ODL Shiro

  • Feature Description: ODL Shiro-based AAA implementation

  • Top Level: Yes

  • User Facing: Yes

  • Experimental: Yes

  • CSIT Test: CSIT

odl-aaa-cert

  • Feature URL: ODL Cert

  • Feature Description: MD-SAL based encrypted certificate management

  • Top Level: Yes

  • User Facing: Yes

  • Experimental: Yes

  • CSIT Test: CSIT

odl-aaa-cli

  • Feature URL: ODL CLI

  • Feature Description: Basic karaf CLI commands for interacting with AAA

  • Top Level: Yes

  • User Facing: Yes

  • Experimental: Yes

  • CSIT Test: CSIT

Security Considerations

  • Do you have any external interfaces other than RESTCONF?

    • No

  • Other security issues?

    • No

Quality Assurance

Migration

  • Is it possible to migrate from the previous release? If so, how?

    • Yes, no specific steps needed.

Compatibility

  • Is this release compatible with the previous release?

    • Yes

  • Any API changes?

    • No

  • Any configuration changes?

    • No

Behavior Changes

Bug ID

Description

AAA-173

Eliminate the Oauth2 Provider Implementation that was based on Apache Oltu.

Bug Fixes

Known Issues

End-of-life

  • List of features/APIs that were EOLed, deprecated, and/or removed from this release.

    • None

Standards

  • List of standards implemented and to what extent.

    • N/A

Release Mechanics

  • N/A