docs/getting-started-guide/project-release-notes/aaa.rst

   1 ===
   2 AAA
   3 ===
   4
   5 Major Features
   6 ==============
   7
   8 For each top-level feature, identify the name, url, description, etc. User-facing features are used directly by end users.
   9
  10 odl-aaa-shiro
  11 -------------
  12
  13 * **Feature URL:** https://git.opendaylight.org/gerrit/gitweb?p=aaa.git;a=blob_plain;f=features/shiro/features-aaa-shiro/src/main/features/features.xml;hb=refs/heads/stable/carbon
  14 * **Feature Description:**  ODL Shiro-based AAA implementation
  15 * **Top Level:** Yes
  16 * **User Facing:** Yes
  17 * **Experimental:** Yes
  18 * **CSIT Test:** https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-all-carbon/
  19
  20 odl-aaa-authn
  21 -------------
  22
  23 * **Feature URL:** https://git.opendaylight.org/gerrit/gitweb?p=aaa.git;a=blob;f=features/authn/features-aaa/src/main/features/features.xml;hb=refs/heads/stable/carbon
  24 * **Feature Description:**  Existing AAA infrastructure, now wrapped by odl-aaa-shiro
  25 * **Top Level:** Yes
  26 * **User Facing:** Yes
  27 * **Experimental:** Yes
  28 * **CSIT Test:** https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-all-carbon/
  29
  30 odl-aaa-cert
  31 ------------
  32
  33 * **Feature URL:** https://git.opendaylight.org/gerrit/gitweb?p=aaa.git;a=blob;f=features/authn/features-aaa/src/main/features/features.xml;hb=refs/heads/stable/carbon
  34 * **Feature Description:**  MD-SAL based encrypted certificate management
  35 * **Top Level:** Yes
  36 * **User Facing:** Yes
  37 * **Experimental:** Yes
  38 * **CSIT Test:** https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-all-carbon/
  39
  40 odl-aaa-cli
  41 ------------
  42
  43 * **Feature URL:** https://git.opendaylight.org/gerrit/gitweb?p=aaa.git;a=blob;f=features/authn/features-aaa/src/main/features/features.xml;hb=refs/heads/stable/carbon
  44 * **Feature Description:**  Basic karaf CLI commands for interacting with AAA
  45 * **Top Level:** Yes
  46 * **User Facing:** Yes
  47 * **Experimental:** Yes
  48 * **CSIT Test:** https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-csit-1node-authn-all-carbon/
  49
  50
  51 Documentation
  52 =============
  53
  54 Please provide the URL to each document at docs.opendaylight.org. If the document is under review, provide a link to the change in Gerrit.
  55
  56 * **User Guide(s):**
  57
  58   * :ref:`aaa-user-guide`
  59
  60 * **Developer Guide(s):**
  61
  62   * :ref:`aaa-dev-guide`
  63
  64 Security Considerations
  65 =======================
  66
  67 * Do you have any external interfaces other than RESTCONF?
  68
  69   No.
  70
  71 * Other security issues?
  72
  73   N/A.
  74
  75 Quality Assurance
  76 =================
  77
  78 * `Link to Sonar Report <https://jenkins.opendaylight.org/releng/view/aaa/job/aaa-sonar/>`_ (56.39% code coverage)
  79 * `Link to CSIT Jobs <https://jenkins.opendaylight.org/releng/view/aaa/>`_
  80
  81 Migration
  82 ---------
  83
  84 * Bug 7793:  shiro.ini is no longer exposed in ODL Nitrogen.
  85
  86 shiro.ini is no longer exposed in ODL Nitrogen.  A more robust mechanism is
  87 provided to configure AAA in ODL Nitrogen based on the clustered-app-config
  88 framework.  A migration utility is provided and may be run by invoking the
  89 following:
  90
  91 .. code-block:: bash
  92
  93     python bin/upgrade/convert-shiro-ini-to-rest-payload <filename>
  94
  95 An XML payload is output to stdout, which can be used as a PUT payload to the
  96 aaa-app-config REST endpoint to maintain configuration from a previous version.
  97 An alternative is to write the resulting payload to the initial application
  98 config:
  99
 100 .. code-block:: bash
 101
 102     python bin/upgrade/convert-shiro-ini-to-rest-payload <filename> > etc/opendaylight/datastore/initial/config/aaa-app-config.xml
 103
 104 For Example:
 105
 106 .. code-block:: bash
 107
 108     python bin/upgrade/convert-shiro-ini-to-rest-payload etc/shiro.ini > etc/opendaylight/datastore/initial/config/aaa-app-config.xml
 109
 110
 111 Compatibility
 112 -------------
 113
 114 * Is this release compatible with the previous release?
 115
 116   Yes.
 117
 118 * Any API changes?
 119
 120   No.
 121
 122 * Any configuration changes?
 123
 124   Some CLI commands were modified for security and ease of use purposes.  Nothing else.
 125
 126 Bugs Fixed
 127 ----------
 128
 129 * `8373 <https://bugs.opendaylight.org/show_bug.cgi?id=8373>`_ Unable to start blueprint container for bundle org.opendaylight.aaa.idmlight
 130 * `8062 <https://bugs.opendaylight.org/show_bug.cgi?id=8062>`_ Bad padding in encrypted data
 131 * `8214 <https://bugs.opendaylight.org/show_bug.cgi?id=8214>`_ NPE in org.opendaylight.aaa.shiro.realm.MDSALDynamicAuthorizationFilter
 132 * `8313 <https://bugs.opendaylight.org/show_bug.cgi?id=8313>`_ AAA dependencies cause it not to come up
 133 * `8157 <https://bugs.opendaylight.org/show_bug.cgi?id=8157>`_ Deleting a user and recreating it fails using the aaa-cli-jar
 134 * `7527 <https://bugs.opendaylight.org/show_bug.cgi?id=7527>`_ Karaf 4 migration: provide Karaf 4 aaa features
 135
 136 Known Issues
 137 ------------
 138
 139 * List key known issues with workarounds
 140
 141   N/A
 142
 143 * `Link to Open Bugs <https://bugs.opendaylight.org/buglist.cgi?component=General&list_id=78831&product=aaa&resolution=--->`_
 144
 145 End-of-life
 146 ===========
 147
 148 * N/A
 149
 150 Standards
 151 =========
 152
 153 * LDAP, ActiveDirectory (less tested)
 154
 155 Release Mechanics
 156 =================
 157
 158 * `Link to release plan <https://wiki.opendaylight.org/view/AAA:Carbon:Release_Plan>`_
 159 * Describe any major shifts in release schedule from the release plan
 160
 161   None.