Thanh Ha [Sun, 9 Sep 2018 00:21:26 +0000 (20:21 -0400)]
Migrate AAA docs to the AAA project
Issue: DOCS-69
Change-Id: I7892ceacb80b12e5ec118e2004e9afbbcbbf60c6
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Sun, 9 Sep 2018 00:18:06 +0000 (20:18 -0400)]
Bootstrap AAA documentation
Issue: DOCS-69
Change-Id: Ie5acf18dad0146f5c4fd49d4c1f1ecf0699e64ab
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Robert Varga [Mon, 3 Sep 2018 08:40:09 +0000 (10:40 +0200)]
Revert "Avoid depending on immutables.value at runtime"
This reverts commit
3b376e1d3a24bab738524785c5b3420ece2e0382. This
is no longer needed with immutables.org 2.7.1.
Change-Id: Idc158f85a49956358df81d74029234c33adf39ae
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 23 Aug 2018 22:23:32 +0000 (00:23 +0200)]
Avoid depending on immutables.value at runtime
Change-Id: Ib378a2d174c6242499e9c8680351bc4a1d593947
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 23 Aug 2018 21:23:12 +0000 (23:23 +0200)]
Fix findbugs issues
Upgraded findbugs is finding violations related to use of slf4j,
fix those isses before we upgrade.
Change-Id: I2eaca145b4aee017169a552ccd151b989ed9382c
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 17 Aug 2018 16:30:07 +0000 (18:30 +0200)]
Fix logging string
As per guidelines and now checkstyle, format string should be constant.
Change-Id: I54e982afdaf9f30013c01699943b7013aec050b8
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Anil Belur [Thu, 9 Aug 2018 12:40:14 +0000 (18:10 +0530)]
Bump versions by x.(y+1).z for next dev cycle
Change-Id: I1d1a6b7bbd20bf3b8fb2f48367c43df8130ac462
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Tom Pantelis [Tue, 7 Aug 2018 11:54:45 +0000 (11:54 +0000)]
Merge "Bump yangtools to 2.0.10"
Robert Varga [Mon, 6 Aug 2018 15:57:49 +0000 (17:57 +0200)]
Bump yangtools to 2.0.10
This fixes an issue with actions, hence we need it in Fluorine.
Change-Id: I94cb8eab95987c8703bf9e05590b3b57085c6ac4
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Tom Pantelis [Thu, 2 Aug 2018 14:54:26 +0000 (10:54 -0400)]
Remove ListenableFuture in CustomFilterAdapter
The CustomFilterAdapterConfiguration field no longer needs to be
a ListenableFuture - this was a remnant from when it was obtained async.
Change-Id: Ib9bb64d988ecd560997f91e437bbc694feed8549
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Robert Varga [Fri, 27 Jul 2018 12:05:16 +0000 (14:05 +0200)]
Bump yangtools to 2.0.9
This patch bumps yangtools to latest release.
Change-Id: I0a59adc4feeae4f29e892d02eb5039fdbf70f7a4
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Stephen Kitt [Wed, 18 Jul 2018 16:06:31 +0000 (18:06 +0200)]
Bump to odlparent 3.1.3
Change-Id: I70f9ac83b235adf06dc744604948c14dea69fbbe
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Jamo Luhrsen [Tue, 17 Jul 2018 21:02:03 +0000 (14:02 -0700)]
Remove dynamicAuthorization
This is in response to some bugs like these:
https://jira.opendaylight.org/browse/CONTROLLER-1838
https://jira.opendaylight.org/browse/CONTROLLER-1849
where we believe not having things fail at this
level may help give us more details about a root
cause.
Change-Id: I7416c4d61133f1553e4ae83d9f3e0be48f55de6e
Signed-off-by: Jamo Luhrsen <jluhrsen@redhat.com>
Tom Pantelis [Wed, 11 Jul 2018 00:53:26 +0000 (00:53 +0000)]
Merge changes I65221cae,If580af40
* changes:
Subscribe to authentication information instead of reading it
Subscribe to authorization information instead of reading it
Tom Pantelis [Sun, 8 Jul 2018 15:42:19 +0000 (11:42 -0400)]
Handle UnknownSessionException in ODLAuthenticator
UnknownSessionException seems to indicate the internal stored/cached
session has expired so do an explicit logout and retry the login.
Since it appears we just use the subject/session for a one-shot
authentication, perhaps we should logout immediately after login,
however that can be investigated later.
Change-Id: I72f5a418869e5cf480b21df81be4c1b2aebf4f60
JIRA: AAA-176
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Robert Varga [Wed, 27 Jun 2018 12:43:05 +0000 (14:43 +0200)]
Subscribe to authentication information instead of reading it
Instead of explicitly reading authentication information, pull it
through a DTCL, so we can access the information without actually
touching the datastore.
Change-Id: I65221caed40d932c45cb2e29ac06e712fe85ba3b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 26 Jun 2018 16:57:25 +0000 (18:57 +0200)]
Subscribe to authorization information instead of reading it
Instead of explicitly reading authorization information, pull it
through a DTCL, so we can access the information without actually
touching the datastore.
Change-Id: If580af40b3a1c22c1e2ad8a550c075adcba20ed1
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 28 Jun 2018 06:57:29 +0000 (08:57 +0200)]
Bump yangtools to 2.0.7
This patch bumps yangtools to latest release.
Change-Id: Iaba93bd609f4ee76a35f183c9e61a334212026ab
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Stephen Kitt [Wed, 30 May 2018 13:44:25 +0000 (15:44 +0200)]
Bump odlparent to 3.1.2
Change-Id: I43fc0c6807b445ad5b40c38ebd2d10d54b797367
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Fri, 1 Jun 2018 13:29:45 +0000 (15:29 +0200)]
Bump yangtools to 2.0.5
To pick up the latest fixes.
Change-Id: I75e8408049dd91d3a08473232152da98ab63b748
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Tom Pantelis [Mon, 4 Jun 2018 14:48:37 +0000 (14:48 +0000)]
Merge "Fixup Augmentable and Identifiable methods changing"
Ryan Goulding [Tue, 29 May 2018 14:22:08 +0000 (10:22 -0400)]
Remove Accounter impl
Accounter is purely impl and not API. It was meant to be a
means to funnel important accounting messages, but it really
doesn't provide anything above what the standard Logger provides.
Additionally, it is less configurable. Thus, get rid of it.
Just use log4j instead.
Change-Id: I39ae4fe49f496382989a8676fba0c9bfe66db9a3
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Robert Varga [Tue, 24 Apr 2018 13:15:44 +0000 (15:15 +0200)]
Fixup Augmentable and Identifiable methods changing
This is a fixup of the change in binding codegen, adjusting:
- getKey() -> key()
- setKey() -> withKey()
- getAugmentation() -> augmentation()
Change-Id: I84a38f788b84e4db50cf1006ad36f6fb0863907b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Ryan Goulding [Sun, 3 Jun 2018 18:19:43 +0000 (18:19 +0000)]
Merge changes I737d5336,Ied83aaa0
* changes:
Undeprecate PKIUtil
Cleanup MDSALDynamicAuthorizationFilterTest
Ryan Goulding [Sun, 3 Jun 2018 18:19:13 +0000 (18:19 +0000)]
Merge changes I57664369,Ie46f76d3
* changes:
Remove odl-config-core from odl-aaa-encryption-service feature
Convert CLI commands to Action
Tom Pantelis [Sun, 3 Jun 2018 15:44:30 +0000 (11:44 -0400)]
Remove odl-config-core from odl-aaa-encryption-service feature
odl-config-core is a CSS feature which isn't needed and is going away.
Change-Id: I57664369cae15325f17392cac37bcbc61de1a503
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Fri, 1 Jun 2018 17:57:35 +0000 (13:57 -0400)]
Convert CLI commands to Action
OsgiCommandSupport et al are deprecated.
Change-Id: Ie46f76d30b452eee1a76867dc7b105c0274808ab
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Fri, 1 Jun 2018 11:18:47 +0000 (07:18 -0400)]
Undeprecate PKIUtil
There's no alternative for users to switch to and not
clear whether it actually warrants a service with API and impl.
Change-Id: I737d53362330b1aba9329d565b16476322df5a59
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Robert Varga [Fri, 1 Jun 2018 08:47:02 +0000 (10:47 +0200)]
Do not repackage yangtools concepts
Depend of the feature providing the bundle, cutting duplicate
packaging.
Change-Id: Ia24477789545c3cbc9e2061dc82fdab3289bfe6b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Tom Pantelis [Fri, 1 Jun 2018 00:57:32 +0000 (00:57 +0000)]
Merge "update README.md"
Tom Pantelis [Thu, 31 May 2018 22:52:38 +0000 (18:52 -0400)]
Cleanup MDSALDynamicAuthorizationFilterTest
Consolidated some common code for reuse and to reduce the
deprecation warnings due to CheckedFuture. Also used the
real Optional and CheckedFuture classes - no need to mock
such clsses.
Change-Id: Ied83aaa0d266658fbda73c6b53beadd19d523816
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Thu, 31 May 2018 20:42:37 +0000 (16:42 -0400)]
Remove deprecated SHA256Calculator
Not used anywhere.
Change-Id: I1bfa0db35eb3e692cc1c98cf55b3c8ed004d3deb
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Thu, 31 May 2018 20:29:29 +0000 (16:29 -0400)]
Remove deprecated StoreBuilder#init
Change-Id: I9f4a92572b0db28c9a07ad596a7b9f7cf92cf841
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Thu, 31 May 2018 20:13:13 +0000 (16:13 -0400)]
Remove deprecated IdmLightConfig#getDbPath
Change-Id: I00e1b1143a6d4c38f42f1d9d26a6cce359a884ed
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Thu, 31 May 2018 19:55:09 +0000 (15:55 -0400)]
Remove static CustomFilterAdapterConfigurationImpl instance
This was kept for backwards compatibility for web.xml's which
have been removed.
Change-Id: I9a7269a4807bf54fa3945c28ee78ad32a1725f24
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Thu, 31 May 2018 18:22:13 +0000 (14:22 -0400)]
Fix some deprecation warnings
CheckedFuture et al.
Change-Id: Ibd4324fbc57367eb1ab1508bc56053977fb5e47a
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Thu, 31 May 2018 15:25:24 +0000 (11:25 -0400)]
Remove KarafIniWebEnvironment
Deprecated and not used anymore.
Change-Id: Id06ffe5768c8564a97c9c7c08db1cdd622b82e10
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Ryan Goulding [Tue, 29 May 2018 13:44:18 +0000 (09:44 -0400)]
update README.md
Update README.md to utilize correct max line lengths as well as
maven versions and target releases for future work.
Change-Id: Ie7aecca9b8c7bbedb98a06d218c33e5d72dd6b16
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 17 May 2018 20:13:26 +0000 (16:13 -0400)]
adjust to use password-service
Use the simplified password-service instead of SHA256Calculator.
After all, SHA256Calculator is deprecated since it combines API
and IMPL even in the name!
This is also more configurable and secure.
Change-Id: I471e0fe1d11d6b65ab574c5286ce1a874a2231fb
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Tom Pantelis [Wed, 30 May 2018 13:45:51 +0000 (13:45 +0000)]
Merge "Split aaa-encryption-service api and impl"
Ryan Goulding [Wed, 30 May 2018 13:17:22 +0000 (13:17 +0000)]
Merge "Convert to jersey 2"
Ryan Goulding [Tue, 22 May 2018 20:18:01 +0000 (16:18 -0400)]
Split aaa-encryption-service api and impl
The original contributor jammed api and impl into one bundle. This is
bad practice for SOA, so this change separates out api and impl. The
API class package remains the same for outside consumers (i.e., it is
left as org.opendaylight.aaa.encrypt instead of the normal convention
of org.opendaylight.aaa.encrypt.api).
Additionally, a maven-bundle-plugin instruction was added to explicitly
not export any impl bundle classes. This is important to avoid possible
consumption from downstream consumers.
Change-Id: I0e2fca345501deaf9645b4b044dbc549b222c69b
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Michael Vorburger [Tue, 29 May 2018 10:10:53 +0000 (12:10 +0200)]
add .apt_generated_tests/ to .gitignore
Change-Id: Ie2c3be4911874cf59d7f691d357e45f03bdfee71
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Tom Pantelis [Wed, 23 May 2018 22:08:51 +0000 (18:08 -0400)]
Convert to jersey 2
Modified the WenInitializer to use the new servlet API and changed
the jersey client version to 2.25.1. Also modified the UTs to jersey 2
test framework.
JIRA: TSC-113
Change-Id: I3864bd217126954e93308699e095f67afc2e53da
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Thu, 24 May 2018 01:55:44 +0000 (21:55 -0400)]
Fix STF error in odl-aaa-password-service
[caused by: Unable to resolve org.opendaylight.aaa.password-service-api/0.8.0.SNAPSHOT: missing requirement [org.opendaylight.aaa.password-service-api/0.8.0.SNAPSHOT] osgi.wiring.package; filter:="(&(osgi.wiring.package=org.opendaylight.yangtools.concepts)(version>=2.0.0)(!(version>=3.0.0)))"]]]
The feature needs to install the mdsal binding and yangtools
artifacts.
Change-Id: I1c98bc77e76d85181b559f499a6cfe38c0da4a7b
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Robert Varga [Mon, 23 Apr 2018 14:37:43 +0000 (16:37 +0200)]
Adjust to RPC method signature update
Input/Output structures are always present and we need to return
ListenableFuture.
Change-Id: Icce2f1091577d8741baf1bfd3b3de27463ca399e
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Ryan Goulding [Tue, 22 May 2018 17:35:46 +0000 (13:35 -0400)]
Deprecate Encryption Service Impl
The default encryption service implemention is a mess that shouldn't be
maintained. Instead, AAA team plans to add a new implementation that
is backed by Shiro cryptography. We will expose a knob to control which
implementation is used at runtime.
Change-Id: Ie9ff9b3de7e78102f17fbfbb1ed93e14e20c2bcb
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Tue, 22 May 2018 14:33:53 +0000 (10:33 -0400)]
Add odl-aaa-password-service feature
Add in a feature for use at runtime.
Change-Id: I0ce1cf7c1cf43cba69b817f855cef2164ab1b6a7
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 17 May 2018 20:16:06 +0000 (16:16 -0400)]
password service implementation
Implement PasswordHashService with a Default impl. This impl is capable
of deriving values from aaa-password-service-config.yang.
Change-Id: I55a6bebcc18ab60b229006ec50b9440292ec5ffb
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Mon, 21 May 2018 18:04:10 +0000 (14:04 -0400)]
password-service api cleanup
Change-Id: I89949d2d40605b40286c770e950a33b2ce6320f6
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 17 May 2018 20:13:26 +0000 (16:13 -0400)]
salt creation and password hash comparison service api
A generic one-way password comparison (hash equality) and salt generation
API. This is not meant to cover Password criteria satisfaction.
Change-Id: I6c8cb72a5cf83108b29232b6c1a8b8ae1cee21e8
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Tom Pantelis [Mon, 14 May 2018 18:42:17 +0000 (14:42 -0400)]
Remove AAAFilter and aaa-shiro-act
There's no more usasges of AAAFilter and restcong no longer needs
aaa-shiro-act so remove them.
Change-Id: Ia763ee7f872b13d138ad49d6120495843a447599
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Thu, 26 Apr 2018 13:55:38 +0000 (09:55 -0400)]
Add resource registration to web API
In order to access html files, jsps etc, the resource path(s) in the
bundle need to be registered with pax web. Added a resources property
to WebContext to capture this.
Change-Id: Ic47558588601cb340ab5b0c3c218fe43226ce769
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Robert Varga [Fri, 13 Apr 2018 15:08:40 +0000 (17:08 +0200)]
Add web/servlet-api and jersey2 implementation
web/servlet-api provides implementation-agnostic entrypoints for
creating Clients and HttpServlets.
web/servlet-jersey2 provides an implementation based on jersey-2.25.1.
This split allows us to have applications independent of the
implementation.
Change-Id: I77d92fb8764aa28817d5dcac9f8450dc42017429
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Michael Vorburger [Thu, 12 Apr 2018 16:06:17 +0000 (18:06 +0200)]
add full implementation in web-jetty-impl
Change-Id: I649336bcaf51f683e52284cc549332c4c1815836
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Michael Vorburger [Wed, 11 Apr 2018 18:39:40 +0000 (20:39 +0200)]
add skeleton web-jetty-impl (to be implemented)
This lets one use the new WebServer API outside of OSGi, e.g. in
component tests; specifically, I would like to use this in project
Neutron.
Change-Id: I7035078b877daaebceeb71a5e664386f6a85969a
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Ryan Goulding [Mon, 16 Apr 2018 16:43:25 +0000 (12:43 -0400)]
Align with odlparent version of jolokia
Change-Id: I123be8cd1732c467f692df11b183606d01e78d51
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Stephen Kitt [Mon, 16 Apr 2018 09:16:32 +0000 (11:16 +0200)]
Ensure Jersey is initialised before AAA-Shiro
When we group the Jersey bundles with bundles using them, we run into
initialisation races where AAA-Shiro ends up trying to use Jersey
before the latter’s activators have run.
All credit to Robert Varga for figuring out that we need an ordering
constraint between Jersey as a whole and the rest of AAA-Shiro. The
new odl-aaa-jersey-1 feature will eventually be replaced by ODL
Parent’s odl-jersey-1 feature, once we’ve added jersey-client to
that.
Issue: RELENG-85
Change-Id: I3d87dc28c8067bbeb0ca32be96ccdb4f6d359573
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Robert Varga [Fri, 13 Apr 2018 17:34:17 +0000 (19:34 +0200)]
Remove javax.ws.rs-api dependency
Let's not pull javax.ws.rs-api-2.0.1 and see what gives.
Change-Id: I7c8656f4423e87818c844f49019f83fe39731bc4
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Stephen Kitt [Fri, 13 Apr 2018 11:20:11 +0000 (13:20 +0200)]
Align pax-web-api with Karaf 4.1.5
Karaf now uses version 6.0.9.
Change-Id: I08b9440448247234e1c9a15e557033deb9d467be
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Thu, 22 Mar 2018 17:24:27 +0000 (18:24 +0100)]
Bump to odlparent 3.1.0 and yangtools 2.0.3
Change-Id: Idca8474f104b93a7c4a2e5148ad4d414306cfa69
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Mon, 9 Apr 2018 13:49:53 +0000 (15:49 +0200)]
Clean up odl-aaa-web
This needs Guava, so use odl-guava-23.
Change-Id: I666b0aff22329a6e77998c7e280146f71a2a734f
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Mon, 9 Apr 2018 13:23:27 +0000 (15:23 +0200)]
Clean up odl-aaa-shiro
Pull in odl-jolokia and odl-aaa-web to reduce the bundle overlap.
Change-Id: I3bb2ba38a4a184cfe5780ca12faabc3d2a7abbf7
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Jamo Luhrsen [Fri, 6 Apr 2018 04:26:57 +0000 (21:26 -0700)]
Add Karaf build profile
Project local Karaf distros are handy for devs to test their work
however is unneeded by autorelease builds and should not be released
as part of the Simultanious Release. Add a profile that is active by
default so that default behaviour is unchanged however allows the
autorelease project to disable building this module.
Change-Id: If26f62fd722bedce8d39d3dfe673064441fd1d36
Signed-off-by: Jamo Luhrsen <jluhrsen@redhat.com>
(cherry picked from commit
320971a7892e4540bc5d253cf9a2f8117b61e2ce)
Ryan Goulding [Sun, 25 Mar 2018 16:27:18 +0000 (12:27 -0400)]
AAA-143: Remove jackson dependencies
Other projects need to pull in jackson runtime dependencies themselves
instead of depending on AAA. AAA does not utilize Jackson anymore
period.
Change-Id: Ic2e0f36c19ad0903bc22da41b650ca6a66a62a40
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Tom Pantelis [Tue, 20 Mar 2018 00:33:29 +0000 (20:33 -0400)]
Remove aaa-filterchain Activator and statics
Removed the bundle Activator in lieu of blueprint and also
removed the static CustomFilterAdapterConfiguration instance.
CustomFilterAdapterConfiguration was converted to an interface
with implementation CustomFilterAdapterConfigurationImpl so it
can be advertised as a service and consumed by aaa-shiro and
injected into the CustomFilterAdapter.
Change-Id: Id1b6be949d9ce1bb895050e1ed95f321cdd2188a
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Sun, 25 Mar 2018 21:19:40 +0000 (17:19 -0400)]
Use odl:type="default" for IdmLightProxy service reg
Change-Id: Ieb5d096aa64836e71ae6c1c7be810a36d49a907e
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Ryan Goulding [Sun, 25 Mar 2018 15:54:59 +0000 (15:54 +0000)]
Merge "remove Import-Package from aaa-shiro POM"
Ryan Goulding [Sun, 25 Mar 2018 15:54:41 +0000 (15:54 +0000)]
Merge "Convert IdmLightProxy CLAIM_CACHE to non-static"
Robert Varga [Thu, 22 Mar 2018 15:08:10 +0000 (16:08 +0100)]
Package aaa-shiro-act
This provides simple packaging of aaa-shiro-act, so netconf does
not have to package it itself.
JIRA: AAA-164
Change-Id: I4e65d102d15a0c35b579837840f9f46ae7ece7dd
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Tom Pantelis [Wed, 21 Mar 2018 16:11:33 +0000 (12:11 -0400)]
Convert IdmLightProxy CLAIM_CACHE to non-static
The map was static so the clearClaimCache method could be accessed
statically by UserHandler etc. Now the IdmLightProxy instance is injected
and referenced as a new interface, ClaimCache.
Change-Id: I7ed214c6158d950dc7da81813ca6b230dc3a6767
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Ryan Goulding [Tue, 20 Mar 2018 19:55:08 +0000 (19:55 +0000)]
Merge "introduce WebContextSecurer service API"
Michael Vorburger [Mon, 12 Mar 2018 21:58:49 +0000 (22:58 +0100)]
remove Import-Package from aaa-shiro POM
as far as I can tell from a quick test, it still works.
Change-Id: Id223170832378bed19f62e620f7353fb79723a74
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Ryan Goulding [Tue, 20 Mar 2018 17:58:58 +0000 (17:58 +0000)]
Merge changes from topic 'java-8-migration'
* changes:
Java 8 migration
Java 7 migration
Ryan Goulding [Tue, 20 Mar 2018 16:55:09 +0000 (16:55 +0000)]
Merge "Java 5 migration"
Stephen Kitt [Tue, 20 Mar 2018 15:02:27 +0000 (16:02 +0100)]
Java 8 migration
As suggested by IntelliJ:
* clean up lambdas;
* use new Map methods.
Change-Id: Icda29431e29a35849aa60be145b0029ae72ad055
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Ryan Goulding [Tue, 20 Mar 2018 14:30:05 +0000 (14:30 +0000)]
Merge "Remove unused code"
Ryan Goulding [Tue, 20 Mar 2018 12:59:55 +0000 (08:59 -0400)]
Remove unused code
Removed unused code.
Change-Id: I88d1a561dfd25ba6fe2908f7308c174f151c2ce4
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Stephen Kitt [Tue, 20 Mar 2018 10:47:54 +0000 (11:47 +0100)]
Java 7 migration
As suggested by IntelliJ:
* remove redundant type specifiers;
* use try-with-resources.
Change-Id: Ie6b777fd9cbf9d1e9e3f98fecccdb2f8b2ee2caa
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Tue, 20 Mar 2018 10:19:21 +0000 (11:19 +0100)]
Java 5 migration
As suggested by IntelliJ:
* use foreach loops;
* use StringBuilder instead of StringBuffer;
* drop unnecessary boxing constructors.
Change-Id: Ic6d77c3413bc8ac04a83fb0cd42a34c0f09fc717
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Tue, 20 Mar 2018 08:43:02 +0000 (09:43 +0100)]
Add domain to the PasswordCredentials equality check
Change-Id: Ib719afc87e43f905e460bdcfd3890f99c7b5f5dc
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Stephen Kitt [Tue, 20 Mar 2018 08:41:45 +0000 (09:41 +0100)]
Remove EqualUtil
This patch uses Objects.equals() instead. The equality checks are
preserved as-is.
Change-Id: Iaf3cd4723ddf17f38dd04c527b81ebd555b0df52
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Michael Vorburger [Thu, 15 Mar 2018 23:24:26 +0000 (00:24 +0100)]
introduce odl-aaa-web feature
Change-Id: I3993ddd82e09d0075e47000b7ff75632b2bd5b3d
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Ryan Goulding [Mon, 19 Mar 2018 18:01:24 +0000 (18:01 +0000)]
Merge changes I6062ddfa,If91c0ea5,Idd92e1be,I224e0fb7,Iab290548, ...
* changes:
Enable findbugs in aaa-parent
Fix findbugs violations in aaa-cli
Fix findbugs violations in aaa-filterchain
Fix findbugs violations in aaa-shiro
Fix findbugs violations in aaa-cert
Fix findbugs violations in aaa-encrypt-service
Ryan Goulding [Mon, 19 Mar 2018 17:48:24 +0000 (17:48 +0000)]
Merge changes Ia7a47d3b,I0d9b6fc2
* changes:
Fix findbugs violations in aaa-authn-api
Move checkstyle config to aaa-parent
Michael Vorburger [Fri, 16 Mar 2018 14:43:08 +0000 (15:43 +0100)]
introduce WebContextSecurer service API
This API allows other projects to secure their web context, but without
directly relying on AAA Shiro internals. Using this, other applications
will be able to significantly reduce their dependencies, Package-Import
etc. to AAA Shiro internals. (This opens the door both to more
independently evolve aaa-shiro internals, and allows for possible
alternative implementations, later.)
This also makes aaa-shiro secure its own IdmLightApplication REST
endpoints using the same approach, which avoids copy/paste of the
AAAShiroFilter and the KarafIniWebEnvironmentLoaderListener it needs
between the WebInitializer and the ShiroWebContextSecurer.
Change-Id: Ia3a16df71384610a75acf3d28205c973c554d477
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Michael Vorburger [Mon, 19 Mar 2018 14:17:20 +0000 (15:17 +0100)]
ditch HashCodeUtil, and use JDK Objects.hash() instead
having a utility like this in Guava and in the JDK is probably are 1 too
much, let us not have another one doing the exact same thing in AAA as
well.
Change-Id: Icb19d3e5aed73eb46dee1394be0ae06181ab6ef4
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Tom Pantelis [Sun, 18 Mar 2018 00:43:44 +0000 (20:43 -0400)]
Enable findbugs in aaa-parent
Change-Id: I6062ddfa44de6cba7540beea5fbb8d215d3ca2d1
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Sun, 18 Mar 2018 00:36:09 +0000 (20:36 -0400)]
Fix findbugs violations in aaa-cli
- Method may fail to close stream
- Reliance on default encoding
- Incorrect lazy initialization of static field
- Unread field: should this field be static?
- Write to static field from instance method
Change-Id: If91c0ea5997490468d030cab3aead2825fbe9c9e
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Sat, 17 Mar 2018 13:38:50 +0000 (09:38 -0400)]
Fix findbugs violations in aaa-authn-api
- Equals method should not assume anything about the type of its argument
- Reliance on default encoding
- Dead store to local variable
- Possible null pointer dereference on branch that might be infeasible
- Field not initialized in constructor but dereferenced without null check
Change-Id: Ia7a47d3b3b6a9729263c7c42656f14791edefccc
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Sat, 17 Mar 2018 15:39:37 +0000 (11:39 -0400)]
Fix findbugs violations in aaa-filterchain
- May expose internal representation by returning reference to mutable object
- Inefficient use of keySet iterator instead of entrySet iterator
- Field not initialized in constructor but dereferenced without null check
Change-Id: Idd92e1beb6998a6968ae6be3b5f1e83ae1ca50d7
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Sat, 17 Mar 2018 12:50:56 +0000 (08:50 -0400)]
Move checkstyle config to aaa-parent
Change-Id: I0d9b6fc2f2eec27f2d438148bd3cb148901d72ff
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Sat, 17 Mar 2018 17:08:59 +0000 (13:08 -0400)]
Fix findbugs violations in aaa-shiro
- Possible null pointer dereference
- Class names shouldn't shadow simple name of implemented interface
- Method may fail to close database resource
- Non-transient non-serializable instance field in serializable class
- Non-serializable class has a serializable inner class
- Class is Serializable, but doesn't define serialVersionUID
- Consider using Locale parameterized version of invoked method
- Reliance on default encoding
- May expose internal representation by returning reference to mutable object
- Method invokes toString() method on a String
- Private method is never called
- Unread field
- Nonconstant string passed to execute or addBatch method on an SQL statement
- Unchecked/unconfirmed cast
- Dead store to local variable
- Class implements same interface as superclass
- Redundant nullcheck of value known to be non-null
- Exception is caught when Exception is not thrown
- Useless control flow
Change-Id: I224e0fb71f3570f69fa1963e89b8c687a464156a
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Sat, 17 Mar 2018 15:16:56 +0000 (11:16 -0400)]
Fix findbugs violations in aaa-cert
- Null pointer dereference
- Method ignores exceptional return value
- Method ignores results of InputStream.read()
- Method may fail to clean up stream or resource
- Method may fail to close stream on exception
- Reliance on default encoding
- Consider returning a zero length array rather than null
- Redundant nullcheck of value known to be non-null
- Potentially dangerous use of non-short-circuit logic
Change-Id: Iab2905488bbe2d4b9be3e92c69e49e5eb0129958
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Sat, 17 Mar 2018 14:20:35 +0000 (10:20 -0400)]
Fix findbugs violations in aaa-encrypt-service
- Method may fail to clean up stream or resource
- Reliance on default encoding
- Method invokes inefficient new String(String) constructor
- Unchecked/unconfirmed cast
Change-Id: I0dd13b306a684167bacdf94648369150f365d590
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Sat, 17 Mar 2018 12:20:17 +0000 (08:20 -0400)]
Derive all code sub-projects from aaa-parent
We can then centralize configs for CS and findbugs etc.
Change-Id: Iecca472fb7de14b34cf88b34765f7741d4e3c60b
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
David Suarez [Sun, 11 Mar 2018 15:37:20 +0000 (16:37 +0100)]
Fix checkstyle issues to enforce it
Change-Id: I77b3e119c7cd972f1f2f141f5adfdeab6c518ead
Signed-off-by: David Suarez <david.suarez.fuentes@gmail.com>
Tom Pantelis [Sat, 17 Mar 2018 01:24:05 +0000 (21:24 -0400)]
Remove static AuthenticationManager instance
It's only used by UT's.
Change-Id: I25271cd06d578942b7cf9cd35a38a338c5527f29
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Tom Pantelis [Fri, 16 Mar 2018 22:59:35 +0000 (18:59 -0400)]
Remove ServiceLocator
Removed the static instance holders in favor of injection.
Change-Id: Iea7beda16450f28af4119995da4768e931086592
Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
Ryan Goulding [Fri, 16 Mar 2018 15:15:55 +0000 (15:15 +0000)]
Merge "Eliminate injection of AAAShiroProvider"
Code Review / aaa.git / log