Ryan Goulding [Tue, 13 Jun 2017 15:25:08 +0000 (15:25 +0000)]
Merge "Revert "Refactoring AAA datastore bundles""
Ryan Goulding [Tue, 13 Jun 2017 13:04:33 +0000 (13:04 +0000)]
Revert "Refactoring AAA datastore bundles"
This reverts commit
d00348582c23379e0f5baca555f378314d9bf560.
Change-Id: I574ab168e53b853b2a99737129dc3ddeb3025a6a
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Mon, 12 Jun 2017 20:11:07 +0000 (20:11 +0000)]
Merge "Add gitignore to aaa-cert"
Ryan Goulding [Mon, 12 Jun 2017 19:23:25 +0000 (19:23 +0000)]
Merge "Refactoring AAA datastore bundles"
Ryan Goulding [Mon, 12 Jun 2017 17:20:59 +0000 (13:20 -0400)]
Add gitignore to aaa-cert
Avoid some files that are laid down during compilation.
Change-Id: I4903e1f7ea56d235a834ba5caaffec6d8504c9fb
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Mohamed El-Serngawy [Wed, 17 May 2017 20:57:18 +0000 (16:57 -0400)]
Refactoring AAA datastore bundles
The two datastore bundles aaa-mdsal and aaa-h2 are
combiend in the aaa-idmlight bundle. Also the aaa-features
bundle has been updated to match the new changes
Change-Id: Ic0413a1deb7704ed4f93c948d887dca92779b4e7
Signed-off-by: Mohamed El-Serngawy <serngawy@gmail.com>
Ryan Goulding [Fri, 9 Jun 2017 14:44:18 +0000 (10:44 -0400)]
Remove idmlight.db.mv.db from source
Remove from source. Accidental add.
Change-Id: I6831e3ac020980ca799082e771a44697221dbdd0
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Thanh Ha [Tue, 6 Jun 2017 01:42:26 +0000 (21:42 -0400)]
Migrate to odlparent 1.8.0-Carbon
Per request of odlparent project we are downgrading all Nitrogen
projects to use the released odlparent 1.8.0-Carbon to allow for the
odlparent project to start performing semver style releases.
Jira: RELENG-159
RT: 41406
Change-Id: Ia00b3a90aa68d66a05570be8eca13b6144ca70c2
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
David Suarez [Sun, 14 May 2017 17:13:32 +0000 (19:13 +0200)]
Fix issues in checkstyle enforcement for module aaa-h2-store
- Copyright section
- Order imports
- Line lengths
- Remove IllegalCatch
- Improve exception handling
- Declare some static constants properly
- JavaDocs
- Move overloaded methods closer to each other
- Change variables and methods names
- Enforcement in pom.xml
Change-Id: If9ce15fdfcacaa7d94e56368cdf8c74b1b140ece
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
Ryan Goulding [Mon, 5 Jun 2017 13:21:21 +0000 (13:21 +0000)]
Merge "Fix issues in checkstyle enforcement for module aaa-cert"
Ryan Goulding [Mon, 5 Jun 2017 13:20:55 +0000 (13:20 +0000)]
Merge "Bug 8437: remove deprecated aaa-authn-store bundle"
David Suarez [Sat, 13 May 2017 20:14:39 +0000 (22:14 +0200)]
Fix issues in checkstyle enforcement for module aaa-cert
- Copyright section
- Line lengths
- JavaDocs
- Order imports
- Declare some static constants properly
- Move overloaded methods closer to each other
- Returning variables directly
- Change variables and methods names
- Enforcement in pom.xml
Change-Id: I15fffbeb9de5f08e10aebd640437ddbbc97cf94b
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
David Suarez [Sun, 14 May 2017 18:55:44 +0000 (20:55 +0200)]
Fix issues in checkstyle enforcement for module aaa-idmlight
- Copyright section
- Order imports
- Line lengths
- JavaDocs
- Improve exception handling
- Change variables and methods names
- Move variables closer to their use
- Move overloaded methods closer to each other
- Declare some static constants properly
- Enforcement in pom.xml
Change-Id: Ic673b8239c3abd7ba0c23a242293fe32cc48b103
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
Mohamed El-Serngawy [Fri, 2 Jun 2017 16:00:08 +0000 (16:00 +0000)]
Merge "Fix issues in checkstyle enforcement for module aaa-cli"
Ryan Goulding [Thu, 1 Jun 2017 21:00:34 +0000 (17:00 -0400)]
Bug 8437: remove deprecated aaa-authn-store bundle
This was deprecated long ago. This is the removal of the bundle.
Change-Id: I42caef0fe749a7d52a1e0cbf8a2440bbaf93d548
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 1 Jun 2017 19:12:53 +0000 (15:12 -0400)]
Bug 8437: Move oauth2 functionality into the shiro module
odl-aaa-shiro is the only consumer of the oauth2 functionality in ODL.
The fact that aaa-authn-sts is aggregated as a separate bundle for
this functionality is confusing and superfluous. This change moves
the functionality, does some good renaming, and puts in some docs
surrounding the current status of aaa-authn-sts and aaa-shiro.
This change was tested manually with odl-restconf and works
correctly.
In the future, in a follow up, aaa-authn-sts will be completely
removed. For now it is still keeping track of the various "services"
that we are working to converge.
Change-Id: Id9cc5bd70e0866d72b712ddc559c1cd0154268d9
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 1 Jun 2017 17:50:40 +0000 (17:50 +0000)]
Merge "Fix a gitignore and accidentally added file"
Ryan Goulding [Thu, 1 Jun 2017 16:20:46 +0000 (12:20 -0400)]
Fix a gitignore and accidentally added file
Change-Id: I15bd3190baa5298d953e2cfa52ed8dfed13b8418
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
David Suarez [Sun, 14 May 2017 00:27:12 +0000 (02:27 +0200)]
Fix issues in checkstyle enforcement for module aaa-cli
- Copyright section
- Line lengths
- JavaDocs
- Order imports
- Declare some static constants properly
- Remove IllegalCatch
- Change variables and methods names
- Enforcement in pom.xml
- Move overloaded methods closer to each other
- Returning variables directly
Change-Id: I4bd93465b43610cfd931b104803142b371c42240
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
Ryan Goulding [Wed, 31 May 2017 22:42:18 +0000 (18:42 -0400)]
Remove unused UnauthorizedException
This is not used, and should be removed.
Change-Id: I3e9390df44652d153565f97dab8f390f2b7339f3
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Wed, 31 May 2017 22:18:06 +0000 (22:18 +0000)]
Merge "Bug 8572: Remove unused SecureBlockingQueue"
Ryan Goulding [Wed, 31 May 2017 21:48:50 +0000 (21:48 +0000)]
Merge "Fix issues in checkstyle enforcement for module aaa-shiro-api"
Ryan Goulding [Wed, 31 May 2017 21:23:56 +0000 (17:23 -0400)]
Bug 8572: Remove unused SecureBlockingQueue
This is unused and needs to be removed.
Change-Id: I141af03f6852bb69fbc8518eb7cf10e685cebca4
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 25 May 2017 19:40:33 +0000 (15:40 -0400)]
Fix a few formatting issues
https://git.opendaylight.org/gerrit/#/c/57826/ intro'd
a few poor formatting issues.
Change-Id: Ib04c2899a3de4c03a5dfadbd45b652f32ecf1635
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 25 May 2017 17:42:51 +0000 (13:42 -0400)]
Bug 8352: Explicitly set the SecurityManager
This issue is described more in depth in this thread:
http://shiro-user.582556.n2.nabble.com/ \
Shiro-with-Wicket-on-OSGi-ServiceMix-td7580484.html
We found that sometimes the SecurityManager for Shiro
is not set otherwise
Change-Id: I69829136f999d458058f0f112240cdf29bd1edc5
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
David Suarez [Tue, 23 May 2017 14:12:57 +0000 (16:12 +0200)]
Fix a parameter description in the CLI
Minor fix for the user's email parameter description.
Change-Id: Iae54cebbba72ce315eaca3928ee822f401c08210
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
Mohamed El-Serngawy [Tue, 16 May 2017 13:41:25 +0000 (13:41 +0000)]
Merge "Bug 8382: Update idmtool to not utilize ids in payload"
Ryan Goulding [Mon, 15 May 2017 18:08:56 +0000 (14:08 -0400)]
Bug 8382: Update idmtool to not utilize ids in payload
id is an internal implementation detail, as outlined by
bug 8382. Prior patches were submitted to enforce that.
This patch just removes specification of the id as part
of the wrapped requests.
Change-Id: If1e12b899840b2c316400846bfcaf3c91d1ec11d
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Mohamed El-Serngawy [Mon, 15 May 2017 17:47:18 +0000 (17:47 +0000)]
Merge "Remove federation related documents"
Mohamed El-Serngawy [Mon, 15 May 2017 17:45:33 +0000 (17:45 +0000)]
Merge "Update idmtool for oauth2 token generation"
Mohamed El-Serngawy [Mon, 15 May 2017 17:44:22 +0000 (17:44 +0000)]
Merge "Fix checkstyle issues in module aaa-authn-mdsal-store-impl"
Mohamed El-Serngawy [Mon, 15 May 2017 17:30:04 +0000 (17:30 +0000)]
Merge "Fix issues in checkstyle enforcement for module aaa-encrypt-service"
Mohamed El-Serngawy [Mon, 15 May 2017 17:00:24 +0000 (17:00 +0000)]
Merge "Fix issues in checkstyle enforcement for module aaa-auth-mdsal-api"
Ryan Goulding [Mon, 15 May 2017 16:41:14 +0000 (12:41 -0400)]
Update idmtool for oauth2 token generation
Add functionality to grab an oauth2 token using idmtool.
Change-Id: I3b1ccd8a27ed01dbbf4f5388421c14598c64d89c
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
David Suarez [Sun, 14 May 2017 19:23:52 +0000 (21:23 +0200)]
Fix issues in checkstyle enforcement for module aaa-shiro-api
- Enforcement in pom.xml
Change-Id: I4b0e3a696b8f1b8b5486fd5500f960126cd6887f
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
David Suarez [Sun, 14 May 2017 11:05:56 +0000 (13:05 +0200)]
Fix issues in checkstyle enforcement for module aaa-encrypt-service
- Copyright section
- Remove redundant modifiers
- Move overloaded methods closer to each other
- Order imports
- Line lengths
- Declare some static constants properly
- Change variables and methods names
- JavaDocs
- Enforcement in pom.xml
Change-Id: Ie9e5031e3b1fa0854e16eaab6798f4c7b310bd73
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
Ryan Goulding [Fri, 12 May 2017 17:30:25 +0000 (13:30 -0400)]
Remove aaa-credential-store-api
This was deprecated long ago. It is time to remove it.
Change-Id: Iaa3ca9ca8eb4fc806f5aa2b93d10c1bb9bcddb0e
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
David Suarez [Sat, 13 May 2017 17:08:08 +0000 (19:08 +0200)]
Fix checkstyle issues in module
aaa-authn-mdsal-store-impl
- Copyright sections
- Remove @SuppressWarnings("checkstyle:IllegalCatch")
by fixing exception handling
- Enforcement in pom.xml
Change-Id: I9564db1b11f2166551cb4b8fbd627fd453ab71fa
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
David Suarez [Sat, 13 May 2017 15:39:53 +0000 (17:39 +0200)]
Fix issues in checkstyle enforcement for module aaa-auth-mdsal-api
- Copyright section
- Enforcement in pom.xml
Change-Id: I7db3689e20e2d05e780bb9c4de4ddcdc1946b290
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
Ryan Goulding [Fri, 12 May 2017 16:58:44 +0000 (12:58 -0400)]
Remove federation related documents
Federation is now done through the Shiro based impl. The
docs related to the removed odl-aaa-authn-federation
functionality are no longer needed.
Change-Id: I9a635a3e1630a9e7bffc5e3bb8ac704faad97389
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
David Suarez [Wed, 10 May 2017 23:01:39 +0000 (01:01 +0200)]
Remove <prerequisites><maven> from pom.xml to avoid WARNING
[WARNING] The project ... uses prerequisites which is only intended for
maven-plugin projects but not for non maven-plugin projects. For such
purposes you should use the maven-enforcer-plugin. See
https://maven.apache.org/enforcer/enforcer-rules/requireMavenVersion.html
This is already done in odlparent.
Change-Id: Iedfaeb92fba3bf392554ece1f20358060c398a00
Signed-off-by: David Suarez <david.suarez.fuentes@ericsson.com>
Ryan Goulding [Mon, 1 May 2017 20:02:10 +0000 (16:02 -0400)]
Remove aaa-idp-mapping bundle
Was deprecated in Boron, dissuaded in Carbon, now
removed in nitrogen.
Change-Id: I0f564d4b2806259eb00695dd194dc65bf394f99d
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Sat, 6 May 2017 16:16:47 +0000 (12:16 -0400)]
Remove sssd feature
Change-Id: Ie96dee58d75a6ede910cd37494672032415c3086
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Mohamed El-Serngawy [Fri, 5 May 2017 18:10:42 +0000 (18:10 +0000)]
Merge "sssd functionality removal"
Mohamed El-Serngawy [Fri, 5 May 2017 18:09:52 +0000 (18:09 +0000)]
Merge "Bug 7090: Move idmlight.db to the data directory"
Mohamed El-Serngawy [Fri, 5 May 2017 18:09:12 +0000 (18:09 +0000)]
Merge "Bug 8383: no email in user creation results in NPE"
Ryan Goulding [Fri, 5 May 2017 16:27:52 +0000 (12:27 -0400)]
Bug 8382: disallow client specified ids
ids are an implementation specific internal detail. Thus,
AAA should endpoints should prevent users from specifying
such values.
This change fixes the behavior by returning 400 when ids
are specified. Appropriate test cases are added.
Change-Id: I15cc66f9881347334b919dbeb6bc686694367bd6
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 4 May 2017 20:43:11 +0000 (20:43 +0000)]
Merge "Remove the aaa-authn-federation bundle artifacts"
Ryan Goulding [Thu, 4 May 2017 20:32:20 +0000 (16:32 -0400)]
Bug 8383: no email in user creation results in NPE
Change-Id: I1eac566bcbfa0da44e09d7062e174fd597ccd0f4
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Mohamed El-Serngawy [Thu, 4 May 2017 20:25:30 +0000 (20:25 +0000)]
Merge "Bug 8379: Remove deprecated TokenAuthFilter"
Ryan Goulding [Mon, 1 May 2017 20:15:06 +0000 (16:15 -0400)]
Bug 7090: Move idmlight.db to the data directory
Simply change the default behavior to plant idmlight.db
in the data directory
Change-Id: Ic766d0306b92cbe87533af6c885ff08ca8e6c78c
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 4 May 2017 19:18:10 +0000 (15:18 -0400)]
Remove the aaa-authn-federation bundle artifacts
Change-Id: I55792e209755adf98f7190884404d253e8b23012
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 4 May 2017 19:12:40 +0000 (15:12 -0400)]
sssd functionality removal
odl-authn-sssd was deprecated in Boron. The feature was removed
in Carbon, but the underlying bundles were kept just in case
(i.e., one could install manually but it wasn't a present
feature). This completes the removal since adequate time has
been given for consumers to move on to the new method, Shiro.
Change-Id: Idb95c0f41a3db0300fd8fbd7272ec3ab842f9c45
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Robert Varga [Thu, 4 May 2017 18:21:58 +0000 (20:21 +0200)]
Do not override versions defined in odlparent
This fixes commons-codec version duplication, cutting ~250kB
from distribution package.
Change-Id: I7812e5ac8ae02de25d9359eda12e78642cf33f41
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
457bafe812c6330ae314dd048e3e64ddd4165a68)
Ryan Goulding [Thu, 4 May 2017 17:41:09 +0000 (13:41 -0400)]
Bug 8379: Remove deprecated TokenAuthFilter
TokenAuthFilter was deprecated in either Beryllium or Boron.
It has been kept around for compatibility reasons, but it
is no longer needed. This patch removes the Filter class,
moves the inner UnauthorizedException to its own class
(better anyway), and removes some dead tests that were
testing the old filter functionality. It is clear that
the tests were testing the old Filter mechanism instead
of AAAShiroFilter, since AUTH_FILTERS was set to
TokenAuthFilter.class.getName(). Thus, the test is no
longer appropriate.
Change-Id: I08295daccc13bd9ac9113a8cf55e779ca1001775
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Mohamed El-Serngawy [Thu, 4 May 2017 18:40:38 +0000 (18:40 +0000)]
Merge "Bug 8214: Avoid throwing NPE when DataBroker is null"
Andrej Mak [Thu, 4 May 2017 16:53:43 +0000 (18:53 +0200)]
Bug 8373: Set destroy method for aaa h2 store
Change-Id: I3eeec2f11240c10cc70ebb7f52560cc12da19880
Signed-off-by: Andrej Mak <andrej.mak@pantheon.tech>
Ryan Goulding [Thu, 4 May 2017 16:05:54 +0000 (12:05 -0400)]
Bug 8214: Avoid throwing NPE when DataBroker is null
MDSALDynamicAuthorizationFilter is instantiated by shiro when
the web container is brought up. shiro has no knowledge of
the DataBroker, so the dependency cannot be injected in shiro.ini.
shiro.ini needs to die, and is tracked by Bug 7793. For now,
to avoid throwing the NPE (in the case that the DataBroker hasn't
been brought up yet), just fail-close until the dataBroker is
made available (i.e., AAAShiroProvider.newInstance(DataBroker)
is called).
Change-Id: I28e2eb0780f4f7761a5e2f81d167afc5a4b10cba
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Tue, 2 May 2017 18:49:52 +0000 (18:49 +0000)]
Merge "Remove the aaa-authn-federation bundle"
Ryan Goulding [Mon, 1 May 2017 20:08:35 +0000 (16:08 -0400)]
Remove the aaa-authn-federation bundle
It was deprecated in Boron, dissuaded in Carbon,
now removed in Nitrogen.
Change-Id: Id316c1e37b57369ad8b9791f83a30eb6e59db9ac
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Mon, 1 May 2017 19:39:59 +0000 (15:39 -0400)]
Bug 7265 Move idmtool to the bin directory
Simply changes idmtool destination from etc to bin.
Change-Id: Ic3a0e1ccf484822b2cfe8ca9d6335f0ad2c0b58e
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Mohamed El-Serngawy [Mon, 1 May 2017 18:27:49 +0000 (18:27 +0000)]
Merge "Bug 8214 Prevent NPE in isolation scenario"
Ryan Goulding [Mon, 1 May 2017 17:09:27 +0000 (13:09 -0400)]
Bug 8214 Prevent NPE in isolation scenario
If the datastore is not readable, then fail out gracefully.
Deny access to prevent unauthorized requests from
succeeding, and report a warning to karaf.log.
Change-Id: I0b40d27b3346d8a0357f41e8c68464057d4ec1c0
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 27 Apr 2017 23:06:02 +0000 (23:06 +0000)]
Merge "Cleanup prerequisite in karaf pom"
Robert Varga [Thu, 27 Apr 2017 19:26:29 +0000 (21:26 +0200)]
Do not override shiro-core version
This is a duplicate dependency, with managed version being 1.3.2.
Remove the duplicate declaration.
Change-Id: I4bd5f6121e2a03a0f7e72bb9d1d9566ba0d3df23
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 27 Apr 2017 19:26:01 +0000 (21:26 +0200)]
Fix NPE in TokenAuthRealm
If the TokenStore is not available, do not throw a NPE.
Change-Id: Ie346e89dd1dc29c705f51712e58859065b81a787
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Ryan Goulding [Thu, 27 Apr 2017 09:19:48 +0000 (05:19 -0400)]
Cleanup prerequisite in karaf pom
An outdated prerequisite in the karaf pom for maven version
was removed.
Change-Id: I585ab08ba127164b76068dd523d6a93cdbfbe0cc
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Wed, 26 Apr 2017 21:31:57 +0000 (17:31 -0400)]
Include jetty-servlets as dep for use with filter framework
jetty-servlets is super useful to do things like DoS and QoS filtering
in the context of a J2EE servlet. This patch adds a dependency on
jetty-servlets (whatever version is in odlparent) to allow easy
configuration and specification of DoS/QoSFilter. To enable DoSFilter
for example, write the following to
etc/org.opendaylight.aaa.filterchain.cfg:
customFilterList=org.eclipse.jetty.servlets.DoSFilter
org.eclipse.jetty.servlets.DoSFilter.maxRequestsPerSec=1
org.eclipse.jetty.servlets.DoSFilter.delayMs=10000
By simply adding the dependency, it allows us to use filter(s) from
jetty-servlets without manually installing the bundle. It also
allows us to avoid version skew as we are just grabbing whatever
upstream odlparent offers.
Change-Id: I63f135872c447e9be75dde0547f81d7876afe761
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
David [Wed, 19 Apr 2017 12:00:00 +0000 (14:00 +0200)]
Update shiro.ini for KeystoneRealm configuration section
- Update to better explain the configuration section of the
KeystoneRealm
in the shiro.ini file.
- Update section for available realms.
Change-Id: I6db4b9ccb1d3549c044957ab31ef64bcb93c77ba
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
Jaime Caamaño Ruiz [Wed, 1 Mar 2017 19:05:08 +0000 (20:05 +0100)]
KeystoneAuthRealm: reuse http client
Jersey documentation advises against building multiple clients of the
same characteristics and advertises that is perfectly safe to use the
same client over multiple threads.
Moreover, each time the SSL context is obtained, it may synchronize the
keystores from the filesystem or the database. KeystoneAuthRealm
assumes a dynamic certificate handling.
The purpose of this commit is to reuse the http client to some degree
while refreshing it rather frequently due to the dynamic certificate
handling.
Change-Id: Ifa188ad6f2a99e64c5d560d58057428aab37df26
Signed-off-by: Jaime Caamaño Ruiz <jaime.caamano.ruiz@ericsson.com>
Robert Varga [Tue, 25 Apr 2017 09:48:13 +0000 (11:48 +0200)]
Clean read-only transactions
Read-only transactions are documented to be a resource and should
be closed as soon as they are not needed. Failing to do so
triggers warnings in tell-based protocol in CDS, as they trigger
inefficient GC-triggered cleanup.
Change-Id: Ia8468704a75fd42c105f3fba49f817d5c2e0ec30
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
3a2b698c58ab6cee9f75e84f307298cf75ab5553)
Ryan Goulding [Wed, 26 Apr 2017 16:05:08 +0000 (12:05 -0400)]
Bug 8313 hard code encry serv config
Updating the config seems to be causing issues in loading.
Change-Id: Iec467c589d56eb44a87f8e68b9f45ee2263b929b
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Mon, 24 Apr 2017 21:29:02 +0000 (21:29 +0000)]
Merge "Bug 8214: Expose Service Interface for AAA"
Ryan Goulding [Wed, 19 Apr 2017 14:41:47 +0000 (10:41 -0400)]
Bug 8214: Expose Service Interface for AAA
Hitherto, the tie between AAA and its downstream consumers has been
nebulous. The instantiation of javax servlets requires runtime
dependencies to be resolved. Bug 8214 exposes a race condition
in which RESTCONF attempts to resolve AAAFilter, but the AAA
service is not yet instantiated. To resolve this, the solution
is to:
1) expose a AAAService interface. In this case, that is quite
easy since we already have the necessary implementation,
AAAFilter. Thus, all that is done is the extraction of the
service interface.
2) Advertise the service to the OSGI registry via blueprint.
This is a quick 3 liner.
A corresponding change will be submitted to the downstream
consumer (RESTCONF) to depend on AAAService.
Change-Id: I5d8208ddbe817963ce596ecc34ad38ff0f760410
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Wed, 19 Apr 2017 22:19:38 +0000 (22:19 +0000)]
Merge "Fix issues related to checkstyle enforcement for module aaa-authn-mdsal-store-impl"
melserngawy [Mon, 17 Apr 2017 20:19:17 +0000 (16:19 -0400)]
Bug 8062: Fix sharing the encryption service config
across the cluster nodes
Change-Id: Ie53cbde91c4388cb45459424283ef7a90f3ae25a
Signed-off-by: melserngawy <melserngawy@inocybe.com>
David [Sun, 2 Apr 2017 16:35:59 +0000 (18:35 +0200)]
Fix issues related to checkstyle enforcement for module
aaa-authn-mdsal-store-impl
- Copyright sections
- Line lengths
- Formatting
- Remove redundant modifiers
- Move variable declaration closer to its use
- Group overloaded methods
- Change variable names
- Enforcement in pom.xml
Note: I'll fix exception catching in a separate change.
Change-Id: If1065f78d6f7ef737bb64deb70feaf7992856d35
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
Anil Belur [Tue, 11 Apr 2017 01:45:25 +0000 (11:45 +1000)]
Bump versions by x.(y+1).z for next dev cycle
Change-Id: I3e3561122e5f69a982cf69e6e07b7fcaaba5b6ca
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
Michael Vorburger [Wed, 5 Apr 2017 11:12:51 +0000 (13:12 +0200)]
Bug 8157 Fixed deleting a user and recreating it fails with aaa-cli-jar
Change-Id: I3894185412922fbe5a30aa899d801ed115bf8c9c
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Claudio D. Gasparini [Fri, 31 Mar 2017 15:21:16 +0000 (17:21 +0200)]
BUG-7527: Karaf 4 Migration
Add missing karaf 4 features to artifacts.
Change-Id: Ic287bde110b35b3c9e76ab285a2f1a2b1afb1b44
Signed-off-by: Claudio D. Gasparini <claudio.gasparini@pantheon.tech>
Ryan Goulding [Sat, 1 Apr 2017 17:58:18 +0000 (17:58 +0000)]
Merge "Fix some compilation warnings for JavaDocs"
David [Fri, 10 Mar 2017 10:22:44 +0000 (11:22 +0100)]
Fix some compilation warnings for JavaDocs
Remove some meaningless and malformed JavaDocs to avoid compilation
warnings.
Change-Id: I0a4d25546f0c515ce0ccc3295add0313841f49b8
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
Michael Vorburger [Wed, 29 Mar 2017 21:06:29 +0000 (23:06 +0200)]
aaa-cli-jar Checkstyle clean up and enforcement enabled
Change-Id: Ic7a8b70a4189700e4a12c5b3f8490c4f9e7a9a23
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Michael Vorburger [Wed, 29 Mar 2017 21:04:16 +0000 (23:04 +0200)]
aaa-cli-jar with new --deleteUser <UID> option
Change-Id: I0b343d00133895b87217b39ad54dc1267cfb9c4b
Signed-off-by: Michael Vorburger <vorburger@redhat.com>
Ryan Goulding [Thu, 23 Mar 2017 17:34:09 +0000 (17:34 +0000)]
Merge "Revert "Migrate to karaf4 for the local karaf distribution""
Ryan Goulding [Thu, 23 Mar 2017 11:12:01 +0000 (11:12 +0000)]
Revert "Migrate to karaf4 for the local karaf distribution"
This reverts commit
fbfe065aa9fdbcd67eb71e913421db4c749683e4.
Change-Id: I69bd0d37a98066dfe4dbbe29a2145b9d138bc3ff
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Wed, 22 Mar 2017 11:33:33 +0000 (11:33 +0000)]
Merge "Migrate to karaf4 for the local karaf distribution"
Ryan Goulding [Wed, 22 Mar 2017 00:19:13 +0000 (20:19 -0400)]
Migrate to karaf4 for the local karaf distribution
Several folks have put in incredible effort to make karaf4 a reality in ODL.
Kudos to those folks for this great effort. This patch officially converts
AAA's local karaf distribution to use odlparent's karaf4-parent artifact.
What this means is that now when AAA is built locally, the aaa-karaf artifact
will produce a karaf4 implementation. I am opting to move to karaf4 sooner
rather than later in hopes that we may catch any lingering bugs before debuting
karaf4 as the standard for Carbon distributions.
The karaf4 implementation will still be accessible at the following well-known
path:
> karaf/target/assembly
Change-Id: Ifda98dbf470555b4d35cad058c5a2762a7cf21bf
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
David [Mon, 20 Mar 2017 22:21:15 +0000 (23:21 +0100)]
Fix format strings for String.format
String.format() uses C-style format strings, not SLF4J-style.
Change-Id: I09926eccd4c42a8869d641944386e3232358b91b
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
melserngawy [Fri, 17 Feb 2017 22:21:12 +0000 (17:21 -0500)]
Add import and export keystore commands
Add the cli commands import and export keystore
to allow better keystore deployment.
Change-Id: I16ba6ff3b37af0462cd87c9a415f2711507cc79c
Signed-off-by: melserngawy <melserngawy@inocybe.com>
David [Sat, 11 Mar 2017 18:21:49 +0000 (19:21 +0100)]
Fix issues related to checkstyle enforcement for module
aaa-authn-sts
- Copyright sections
- Line lengths
- Formatting
- Remove redundant modifiers
- Move variable declaration closer to its use
- Change variable names
- Exception catching
- Enforcement in pom.xml
Change-Id: I7590067d0952424e30c3c91983a0d5a517519129
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
David [Thu, 9 Mar 2017 22:17:26 +0000 (23:17 +0100)]
Fix issues related to checkstyle enforcement for module
aaa-authn-sssd
- Copyright sections
- Line lengths
- Formatting
- Move variable declaration closer to its use
- Change variable names
- Exception catching
- JavaDoc
- Enforcement in pom.xml
Change-Id: I4082eced4907409b20be18cf2cd348e3f59096f6
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
Ryan Goulding [Wed, 22 Mar 2017 00:17:33 +0000 (00:17 +0000)]
Merge "Fix issues related to checkstyle enforcement for module aaa-authn-store"
David [Sun, 12 Mar 2017 10:08:00 +0000 (11:08 +0100)]
Fix issues related to checkstyle enforcement for module
aaa-filterchain
- Copyright sections
- Line lengths
- Formatting
- Move variable declaration closer to its use
- Change variable names
- Exception catching
- JavaDoc
- Enforcement in pom.xml
Change-Id: Ib13d281a4fe88fed098a00d49438d0aa3fb3c654
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
Ryan Goulding [Mon, 20 Mar 2017 16:43:41 +0000 (16:43 +0000)]
Merge "Make IDMStoreUtil a final class"
David [Thu, 9 Mar 2017 22:59:38 +0000 (23:59 +0100)]
Fix issues related to checkstyle enforcement for module
aaa-authn-store
- Copyright sections
- Line lengths
- Formatting
- Order of modifiers
- Move variable declaration closer to its use
- Change variable names
- Exception catching
- Enforcement in pom.xml
Change-Id: Ice2db2271c441175d2789656a3da7efffc97108c
Signed-off-by: David <david.suarez.fuentes@ericsson.com>
matthieu cauffiez [Tue, 14 Mar 2017 15:09:35 +0000 (11:09 -0400)]
Add AaaCertRpcServiceImpl unit tests
Change-Id: I912a8a9dfaa21061731e3abe088a6075a350e3f6
Signed-off-by: matthieu cauffiez <mcauffiez@inocybe.com>
matthieu [Mon, 13 Mar 2017 14:45:53 +0000 (10:45 -0400)]
Add Unit Test for aaa cert provider mdsal
Add unit test for aaa cert provider mdsal and
add testutil for the certificate
Change-Id: I77838c8c97b572490fdb9e853ce3ffa62e43484f
Signed-off-by: matthieu <mcauffiez@inocybe.com>
Mohamed El-Serngawy [Thu, 16 Mar 2017 17:10:14 +0000 (17:10 +0000)]
Merge "Generate Random password for encryption service"
melserngawy [Thu, 23 Feb 2017 20:24:03 +0000 (15:24 -0500)]
Generate Random password for the keystores
Generate random password for the keystores
at the installation time to enhance and secure
Opendaylight deployment.
Change-Id: I93dc2cc292f2c3dfac9cff87b6222a994936125b
Signed-off-by: melserngawy <melserngawy@inocybe.com>
Code Review / aaa.git / log