8 For each top-level feature, identify the name, url, description, etc. User-facing features are used directly by end users.
13 * **Feature URL:** https://git.opendaylight.org/gerrit/gitweb?p=aaa.git;a=blob_plain;f=features/shiro/features-aaa-shiro/src/main/features/features.xml;hb=refs/heads/stable/carbon
14 * **Feature Description:** ODL Shiro-based AAA implementation
16 * **User Facing:** Yes
17 * **Experimental:** Yes
18 * **CSIT Test:** https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-all-carbon/
23 * **Feature URL:** https://git.opendaylight.org/gerrit/gitweb?p=aaa.git;a=blob;f=features/authn/features-aaa/src/main/features/features.xml;hb=refs/heads/stable/carbon
24 * **Feature Description:** Existing AAA infrastructure, now wrapped by odl-aaa-shiro
26 * **User Facing:** Yes
27 * **Experimental:** Yes
28 * **CSIT Test:** https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-all-carbon/
33 * **Feature URL:** https://git.opendaylight.org/gerrit/gitweb?p=aaa.git;a=blob;f=features/authn/features-aaa/src/main/features/features.xml;hb=refs/heads/stable/carbon
34 * **Feature Description:** MD-SAL based encrypted certificate management
36 * **User Facing:** Yes
37 * **Experimental:** Yes
38 * **CSIT Test:** https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-all-carbon/
43 * **Feature URL:** https://git.opendaylight.org/gerrit/gitweb?p=aaa.git;a=blob;f=features/authn/features-aaa/src/main/features/features.xml;hb=refs/heads/stable/carbon
44 * **Feature Description:** Basic karaf CLI commands for interacting with AAA
46 * **User Facing:** Yes
47 * **Experimental:** Yes
48 * **CSIT Test:** https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-all-carbon/
54 Please provide the URL to each document at docs.opendaylight.org. If the document is under review, provide a link to the change in Gerrit.
58 * :ref:`aaa-user-guide`
60 * **Developer Guide(s):**
62 * :ref:`aaa-dev-guide`
64 Security Considerations
65 =======================
67 * Do you have any external interfaces other than RESTCONF?
71 * Other security issues?
78 * `Link to Sonar Report <https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-sonar/>`_ (56.39% code coverage)
79 * `Link to CSIT Jobs <https://jenkins.opendaylight.org/releng/view/aaa/>`_
84 * Bug 7793: shiro.ini is no longer exposed in ODL Nitrogen.
86 shiro.ini is no longer exposed in ODL Nitrogen. A more robust mechanism is
87 provided to configure AAA in ODL Nitrogen based on the clustered-app-config
88 framework. A migration utility is provided and may be run by invoking the
93 python bin/upgrade/convert-shiro-ini-to-rest-payload <filename>
95 An XML payload is output to stdout, which can be used as a PUT payload to the
96 aaa-app-config REST endpoint to maintain configuration from a previous version.
97 An alternative is to write the resulting payload to the initial application
102 python bin/upgrade/convert-shiro-ini-to-rest-payload <filename> > etc/opendaylight/datastore/initial/config/aaa-app-config.xml
108 python bin/upgrade/convert-shiro-ini-to-rest-payload etc/shiro.ini > etc/opendaylight/datastore/initial/config/aaa-app-config.xml
114 * Is this release compatible with the previous release?
122 * Any configuration changes?
124 Some CLI commands were modified for security and ease of use purposes. Nothing else.
129 * `8373 <https://bugs.opendaylight.org/show_bug.cgi?id=8373>`_ Unable to start blueprint container for bundle org.opendaylight.aaa.idmlight
130 * `8062 <https://bugs.opendaylight.org/show_bug.cgi?id=8062>`_ Bad padding in encrypted data
131 * `8214 <https://bugs.opendaylight.org/show_bug.cgi?id=8214>`_ NPE in org.opendaylight.aaa.shiro.realm.MDSALDynamicAuthorizationFilter
132 * `8313 <https://bugs.opendaylight.org/show_bug.cgi?id=8313>`_ AAA dependencies cause it not to come up
133 * `8157 <https://bugs.opendaylight.org/show_bug.cgi?id=8157>`_ Deleting a user and recreating it fails using the aaa-cli-jar
134 * `7527 <https://bugs.opendaylight.org/show_bug.cgi?id=7527>`_ Karaf 4 migration: provide Karaf 4 aaa features
139 * List key known issues with workarounds
143 * `Link to Open Bugs <https://bugs.opendaylight.org/buglist.cgi?component=General&list_id=78831&product=aaa&resolution=--->`_
153 * LDAP, ActiveDirectory (less tested)
158 * `Link to release plan <https://wiki.opendaylight.org/view/AAA:Carbon:Release_Plan>`_
159 * Describe any major shifts in release schedule from the release plan