Ryan Goulding [Fri, 23 Oct 2015 21:37:48 +0000 (17:37 -0400)]
Adds Shiro Web-based authorization capabilities
Shiro supports RBAC for url patterns that may contain asterisks. Some DOM
leaves should be filtered for security reasons, such as those containing AAA
data. This allows installation of a set of default, immutable filters; the
alternative was to allow installation in shiro.ini, but that file is mutable.
Since aaa-shiro isn't presently active, no changes will occur for external
projects. This is setting up for when the aaa implementation is swapped out
for an Apache Shiro based one.
Change-Id: If0d037cafb90d8cf51713e538f41967f85f325ae
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Fri, 23 Oct 2015 17:43:37 +0000 (17:43 +0000)]
Merge "unit test for authn-idp-mapping"
melserngawy [Thu, 8 Oct 2015 21:50:11 +0000 (17:50 -0400)]
unit test for authn-idp-mapping
Change-Id: Ic720195734e18f8ddbea6e54713f70be2920b30f
Signed-off-by: melserngawy <melserngawy@inocybe.com>
Ryan Goulding [Fri, 23 Oct 2015 14:58:42 +0000 (14:58 +0000)]
Merge "unit test for AuthNStoreUtil, add check for null values to AuthNStoreUtil class methods and update POM file for test dependencies"
melserngawy [Thu, 8 Oct 2015 15:48:23 +0000 (11:48 -0400)]
unit test for AuthNStoreUtil, add check for null values to AuthNStoreUtil class methods and update POM file for test dependencies
Change-Id: I0f2eec5c3500105854547d3216755c47a1b30cf7
Signed-off-by: melserngawy <melserngawy@inocybe.com>
Wojciech Dec [Fri, 9 Oct 2015 05:06:18 +0000 (05:06 +0000)]
Merge "Use odlparent-lite as parent for artifact pom"
Wojciech Dec [Thu, 8 Oct 2015 15:28:40 +0000 (15:28 +0000)]
Merge "Bug4430 Unclear error message when Basic Authentication has a bad header format"
Ryan Goulding [Wed, 7 Oct 2015 19:23:35 +0000 (15:23 -0400)]
Bug4430 Unclear error message when Basic Authentication has a bad header format
This change ensures an AuthenticationException is thrown when and improperly
formatted Authentication Header is provided. Tests are provided to ensure this
functionality. The HttpBasicAuth.validate() function is refactored to utilize a
series of helper methods.
Change-Id: I2438651092c4bc018270ead0ccddd98ec10a3422
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Thu, 1 Oct 2015 23:14:39 +0000 (19:14 -0400)]
ServiceLocator to use accessor methods instead of public fields
Accessor methods shoould be preferred to public fields, as stated in
Effective Java 2 Item 14 (page 71). This changes the aaa-authn-sts bundle so
that accessor methods are used instead of public instance variables. Since
accessor and setter methods are synchronized, this change also provides
thread safety, which is currently missing.
Change-Id: I24bae3cfdb9525279539536876796bbd41ebf9af
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Thanh Ha [Wed, 30 Sep 2015 22:18:47 +0000 (18:18 -0400)]
Use odlparent-lite as parent for artifact pom
Change-Id: Iabba38dcec50367e715a50a2ca0d8884d7955f40
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Ryan Goulding [Mon, 28 Sep 2015 12:29:03 +0000 (12:29 +0000)]
Merge "Support enabling and disabling shiro based AAA"
Tomas Cere [Wed, 23 Sep 2015 09:22:33 +0000 (11:22 +0200)]
Use default sdn domain when credential domain is null
Change-Id: I4a3e0179475466d2ac2795564f71176189356c20
Signed-off-by: Tomas Cere <tcere@cisco.com>
Sharon Aicler [Sat, 12 Sep 2015 20:20:22 +0000 (13:20 -0700)]
Resubmit AAA Model Changes
Change-Id: I355acae1ac6652eb15cbd83ce9b0fcdcb9cc8afc
Signed-off-by: Sharon Aicler <saichler@cisco.com>
Ryan Goulding [Tue, 15 Sep 2015 14:49:30 +0000 (10:49 -0400)]
Support enabling and disabling shiro based AAA
This change supports enabling and disabling shiro AAA through the use of a
ServiceProxy. This support was added in order to support workflows such as
those included in the odl-restconf-noauth feature. This change also adds a
significant amount of documentation to help users extend and debug the shiro
functionality.
Change-Id: I213a200c18d48fd1bf59da1ec171b0814a283fce
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Wojciech Dec [Tue, 15 Sep 2015 14:00:13 +0000 (14:00 +0000)]
Merge "Adds some documentation and sample files surrounding federation"
Wojciech Dec [Tue, 15 Sep 2015 13:59:23 +0000 (13:59 +0000)]
Merge "Bug 4313: Remove dependency on netconf"
Stephen Kitt [Tue, 15 Sep 2015 08:06:44 +0000 (10:06 +0200)]
Bug 4313: Remove dependency on netconf
aaa's features-aaa-authz still depends on netconf, which introduces a
cyclic dependency. Dropping the odl-restconf feature from
odl-aaa-authz fixes this.
Change-Id: I77a1de4ef2d9d8892c5fd3886966c8a309dbf953
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Ryan Goulding [Mon, 20 Jul 2015 20:11:08 +0000 (16:11 -0400)]
Adds some documentation and sample files surrounding federation
Some documentation and a few sample files to set up a simple
federated AAA scenario.
Change-Id: I9442e4ada2c718c88f9ca576f0959880f0043372
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Wojciech Dec [Fri, 11 Sep 2015 11:26:40 +0000 (11:26 +0000)]
Revert "Revert "Formatting fixes""
This reverts commit
db480102f6a9496ada7cfa7354ed88f4ea313d24
Change-Id: Id04fe9e09ecac8d2506669cc7b83449048272b24
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Wojciech Dec [Fri, 11 Sep 2015 10:18:39 +0000 (10:18 +0000)]
Merge "Introduction of the odl-aaa-shiro feature"
Wojciech Dec [Fri, 11 Sep 2015 09:30:50 +0000 (09:30 +0000)]
Revert "AAA Model Changes"
Revert until feature loading is addressed.
This reverts commit
a5c6bbab17ffe1cc712f9c7566efbed1a258250e.
Change-Id: I7415a6a1df6382415db404229f41c292e246136d
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Wojciech Dec [Fri, 11 Sep 2015 09:06:14 +0000 (09:06 +0000)]
Merge "Bug 4289 AuthZ config subsystem files are loaded to the wrong place"
Wojciech Dec [Fri, 11 Sep 2015 08:38:17 +0000 (08:38 +0000)]
Merge "AAA Model Changes"
Ryan Goulding [Thu, 10 Sep 2015 18:25:50 +0000 (14:25 -0400)]
Bug 4289 AuthZ config subsystem files are loaded to the wrong place
AuthZ config subsystem files are loaded to ${KARAF_HOME} instead of
${KARAF_HOME}/etc/opendaylight/karaf.
Change-Id: Ib0c9b440d40930745913be4af1923dd50369aece
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Wed, 9 Sep 2015 16:50:47 +0000 (16:50 +0000)]
Merge "Migration to use MD-SAL Project"
Sharon Aicler [Sat, 22 Aug 2015 01:58:00 +0000 (18:58 -0700)]
AAA Model Changes
Change-Id: I76f8d2405a57480d484a7dc8df5e44c71de40314
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Ryan Goulding [Thu, 3 Sep 2015 15:54:24 +0000 (11:54 -0400)]
Introduction of the odl-aaa-shiro feature
Introduces the odl-aaa-shiro feature, based on the aaa-shiro bundle. This
bundle is built separately from the rest of the AAA subsystem, and can stand
independent of other code in AAA. Without appropriate changes to restconf
in the netconf project, this change is not usable in the ODL project.
This sets the AAA scaffolding for aaa-shiro integration. This patch can
be merged without affecting other code in the aaa or restconf projects. It
is the start to migrating from the custom AAA solution to one that is built
on Apache Shiro. This patch supports 1.X versions of JAX-RS at this time,
and will later provide functionality to support the 2.X API.
This introduction of code adds/allows the following Realms:
1) ODLJndiLdapRealm
2) INI file based
3) JDBCRealm
There is stub support for:
1) RadiusRealm
2) TACACSRealm
But these have not yet been implemented. They stand as a Proof of Concept
as to how easy it is to create different AAA backends to authenticate against.
Corresponding test methods are present for all testable methods in classes.
This is the first of many incremental patches to help migrate AAA to Shiro.
This particular patch will not actually affect the current implementation.
Change-Id: Ifbdec290d87434279882295c24e35412b641154f
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Tony Tkacik [Wed, 2 Sep 2015 14:13:30 +0000 (16:13 +0200)]
Migration to use MD-SAL Project
Change-Id: I8490822ef10962d5bbd48fe4fd27092a4c26b916
Signed-off-by: Tony Tkacik <ttkacik@cisco.com>
Wojciech Dec [Mon, 7 Sep 2015 14:39:44 +0000 (14:39 +0000)]
Revert "Formatting fixes"
This reverts commit
7803df99b6b61c43048ccbc20afb6f640a53c0a3.
Change-Id: Ic91845013379c710238070c88526302a8a3bdc82
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Wojciech Dec [Mon, 7 Sep 2015 14:37:17 +0000 (14:37 +0000)]
Merge "Remove pluginManagement and clean up variables"
Wojciech Dec [Mon, 7 Sep 2015 14:35:27 +0000 (14:35 +0000)]
Merge "Formatting fixes"
Stephen Kitt [Thu, 3 Sep 2015 12:23:50 +0000 (14:23 +0200)]
Remove pluginManagement and clean up variables
The parent POM's pluginManagement is redundant with odlparent's, so
remove it. (I'm working on reducing the number of variables which need
to be exported from odlparent.)
A few other variables aren't used, remove them too.
Change-Id: I4c9e41633527457054661f35edb4e1077108d6d7
Signed-off-by: Stephen Kitt <skitt@redhat.com>
Wojciech Dec [Thu, 3 Sep 2015 17:33:28 +0000 (19:33 +0200)]
Formatting fixes
Change-Id: I213628f223267a0bb185ebccdb7230c71658d6ef
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Wojciech Dec [Thu, 3 Sep 2015 17:24:23 +0000 (19:24 +0200)]
Fix to checkstyle configuration
Change-Id: I0ad8aa77b362b717d968f0b872b1c0e1227e3f7a
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Tomas Cere [Wed, 2 Sep 2015 12:19:47 +0000 (14:19 +0200)]
Resolve cyclic dependency with netconf
Move aaa-authn-odl-plugin to netconf to prevent cyclic dependency.
Migrate restconf dependencies to new groupId
Change-Id: I7931dbee55199ea4cc0b11f4f32e78da9eb4c9c1
Signed-off-by: Tomas Cere <tcere@cisco.com>
Wojciech Dec [Fri, 26 Jun 2015 19:41:15 +0000 (21:41 +0200)]
Bug 3680 - Adding post activation service registration callbacks
Change-Id: Ia413410ae139d6b0fec1bb40aba5d4d345158561
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Wojciech Dec [Tue, 25 Aug 2015 08:30:21 +0000 (08:30 +0000)]
Merge "Bug4168 Deprecate inappropriate uses of StringBuilder"
Wojciech Dec [Tue, 25 Aug 2015 08:28:53 +0000 (08:28 +0000)]
Merge "Bug 4146 odl-aaa-authz does not work for Write or ReadWrite Transactions"
Ryan Goulding [Mon, 17 Aug 2015 20:50:34 +0000 (16:50 -0400)]
Bug 4146 odl-aaa-authz does not work for Write or ReadWrite Transactions
This patch modifies the authorization model by defining ActionTypes that are
applicable to the existing DOMDataReadOnlyTransaction,
DOMDataWriteOnlyTransaction and DOMDataReadWriteTransaction. The ActionType
enum is utilized to add authorization to the AuthzWriteOnlyTransaction and
AuthzReadWriteTransaction. Utility methods for ensuring authorization are
added to the AuthzServiceImpl.
Change-Id: Ia5c67946160e3dc0a074e616fbbb980e5eeafec1
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Sat, 22 Aug 2015 18:01:58 +0000 (14:01 -0400)]
Bug4168 Deprecate inappropriate uses of StringBuilder
Patches old code to replace StringBuilder invocations with String
concatenation for performance reasons.
Change-Id: I048c73969c6251b77a2c90a0fdd8825f59dd01dd
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Wojciech Dec [Thu, 20 Aug 2015 13:35:52 +0000 (13:35 +0000)]
Merge "Adds a folder for postman collections and a basic authz example"
Wojciech Dec [Tue, 18 Aug 2015 07:37:31 +0000 (07:37 +0000)]
Merge "Add config subsystem binding to aaa-authn-odl-plugin"
Ryan Goulding [Thu, 13 Aug 2015 13:23:47 +0000 (09:23 -0400)]
Adds a folder for postman collections and a basic authz example
Adds authz postman collection for easy import/use. These rest
endpoints are just scaffolding right now; they do not actually
affect the Java code
Change-Id: I2e4c59c0eceb334ac5758cd8507027af81842c45
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Thanh Ha [Sun, 9 Aug 2015 06:06:04 +0000 (02:06 -0400)]
Fix license header violations in aaa-idmlight
Change-Id: Ib5148d1690134501cd14a47b9b991aabe5ee30bc
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Sun, 9 Aug 2015 06:02:31 +0000 (02:02 -0400)]
Fix license header violations in aaa-authn
Change-Id: Id888328a85d146249e87b1a074a64fbbf6a0464a
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Sun, 9 Aug 2015 06:01:15 +0000 (02:01 -0400)]
Fix license header violations in aaa-authn-basic
Change-Id: Id2a8f0fbfb53cc6c4d4d37b103da18f757c63063
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Sun, 9 Aug 2015 06:00:44 +0000 (02:00 -0400)]
Fix license header violations in aaa-authn-keystone
Change-Id: Ic4b63252428daf95d28f756f4d7800afd5b8ffe2
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Sun, 9 Aug 2015 05:59:51 +0000 (01:59 -0400)]
Fix license header violations in aaa-authn-odl-plugin
Change-Id: Ia0b7cc1cd97318f370a2433b2c8ce6c912d8540e
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Sun, 9 Aug 2015 05:58:35 +0000 (01:58 -0400)]
Fix license header violations in aaa-authn-sssd
Change-Id: I9f8329410f5a809236085d6ad178b772f8319ae7
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Sun, 9 Aug 2015 05:57:45 +0000 (01:57 -0400)]
Fix license header violations in aaa-authn-federation
Change-Id: Ic1443b2c38581fa3fecf419899c80693187ff3e7
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Sun, 9 Aug 2015 05:55:38 +0000 (01:55 -0400)]
Fix license header violations in aaa-authn-store
Change-Id: I60b24c366231dcd8f0b94e21fbe54c804a68b4fb
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Sun, 9 Aug 2015 05:50:47 +0000 (01:50 -0400)]
Fix license header violations in aaa-authn-sts
Change-Id: I744f224f9df3beaa82459fbdafce342fab0935bc
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Fri, 7 Aug 2015 18:58:04 +0000 (14:58 -0400)]
Fix license header violations in aaa-idp-mapping
Change-Id: Ifa23217964ae86d192ab271837474b054b86e9eb
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Fri, 7 Aug 2015 18:51:47 +0000 (14:51 -0400)]
Fix license header violations in aaa-authn
Change-Id: Ic55740e6ec763686a8a377cc4a7eeaffbf8a6bac
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Fri, 7 Aug 2015 18:46:23 +0000 (14:46 -0400)]
Fix license header violations in aaa-authn-api
Change-Id: If99adb015c3deebd5615a0d3ca267447428fbe8b
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Maros Marsalek [Wed, 15 Jul 2015 13:20:54 +0000 (15:20 +0200)]
Add config subsystem binding to aaa-authn-odl-plugin
AuthProvider is now a regular module instantiated automatically as a default
instance.
Change-Id: I3244242bfe3d1be1207ab077d4e5cc107a33ee4e
Signed-off-by: Maros Marsalek <mmarsale@cisco.com>
Wojciech Dec [Wed, 29 Jul 2015 21:09:31 +0000 (21:09 +0000)]
Merge "Bug 4054 Federation RuleProcessor utilizes System.out which interferes with karaf"
Wojciech Dec [Mon, 27 Jul 2015 16:48:31 +0000 (16:48 +0000)]
Merge "Fix Bug 3924 - aaa passwords are stored in clear text"
Ryan Goulding [Fri, 24 Jul 2015 16:16:49 +0000 (12:16 -0400)]
Bug 4054 Federation RuleProcessor utilizes System.out which interferes with karaf
Changes System.out calls to logger.info().
Change-Id: I20ef61d59e2a310de8705e165b881659063d6b32
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Sharon Aicler [Tue, 14 Jul 2015 08:10:27 +0000 (01:10 -0700)]
Fix Bug 3924 - aaa passwords are stored in clear text
Change-Id: If5d370166011b85f82b54b21c273028b90b30ea1
Signed-off-by: Sharon Aicler <saichler@cisco.com>
Wojciech Dec [Thu, 23 Jul 2015 15:13:14 +0000 (15:13 +0000)]
Merge "Explicitly set git-review branch to master"
Wojciech Dec [Thu, 23 Jul 2015 14:54:50 +0000 (14:54 +0000)]
Merge "Bug 4038 Grant Creation is Broken"
Wojciech Dec [Thu, 23 Jul 2015 14:39:10 +0000 (14:39 +0000)]
Merge "Bug 4023 AAA does not enforce unqiue role names"
Wojciech Dec [Thu, 23 Jul 2015 14:38:30 +0000 (14:38 +0000)]
Merge "Bug 4020 AAA fails to perform federated authentiation responsibilities if sssd lookup fails"
Thanh Ha [Wed, 22 Jul 2015 19:06:06 +0000 (15:06 -0400)]
Explicitly set git-review branch to master
Change-Id: I7643a7921ed3fb23b992486eb658a82b40c1b899
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Ryan Goulding [Wed, 22 Jul 2015 16:00:07 +0000 (12:00 -0400)]
Bug 4038 Grant Creation is Broken
This patch correctly increments consecutive calls to
PreparedStatement.setInt().
Change-Id: Ib07d8568ce536a987f6235d96103d4af6343a990
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Wojciech Dec [Tue, 21 Jul 2015 12:57:26 +0000 (12:57 +0000)]
Merge "Bug 1911 Updating user info will result in un-redacted password field returned in the response"
Wojciech Dec [Tue, 21 Jul 2015 12:55:13 +0000 (12:55 +0000)]
Merge "Bug 1910 Enforce domain name uniqueness"
Wojciech Dec [Tue, 21 Jul 2015 12:50:55 +0000 (12:50 +0000)]
Merge "Bug 3519 Stop creating static exception instances"
Ryan Goulding [Mon, 20 Jul 2015 21:07:27 +0000 (17:07 -0400)]
Bug 1911 Updating user info will result in un-redacted password field returned in the response
Changes /auth/v1/users/{id} endpoint so that PUT request returns
a user with a redacted password. Abstracts a REDACTED_PASSWORD
constant.
Change-Id: Ib692727a69dd00f34d83ccb63095ed7623926518
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Mon, 20 Jul 2015 19:28:40 +0000 (15:28 -0400)]
Bug 4023 AAA does not enforce unqiue role names
This change enforces unique role names at the databse layer.
Change-Id: Iada8b2eb36f8fa9fbe9f935e3f0e39fe04e55166
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Mon, 20 Jul 2015 19:22:38 +0000 (15:22 -0400)]
Bug 1910 Enforce domain name uniqueness
Domain names should be unique. This change enforces domain name
uniqueness at the database layer.
Change-Id: I1cc90a3ae8683e6c51c5fd0c394b1d5973aed86c
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Mon, 20 Jul 2015 15:01:44 +0000 (11:01 -0400)]
Bug 4020 AAA fails to perform federated authentiation responsibilities if sssd lookup fails
If SSSD lookup fails, there is a possibility that invalid values are propagated
by the Apache proxy. These values should not cause a failure in
authentication, since not all IdP mapping requires every SSSD field. This
change ensures SSSD filters gracefully ignore invalid values, so the
authentication is still attempted.
Change-Id: I3ccbcf62e164e907f3fd53a14dd7cae77afaa5c2
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Wojciech Dec [Thu, 2 Jul 2015 16:45:46 +0000 (16:45 +0000)]
Merge "Reorder authN feature order to prioritize MD-SAL startup"
Wojciech Dec [Thu, 2 Jul 2015 16:17:25 +0000 (16:17 +0000)]
Merge "Bug 2923 Restarting the controller causes multiple insertions users"
Ryan Goulding [Thu, 2 Jul 2015 16:16:37 +0000 (12:16 -0400)]
Bug 3519 Stop creating static exception instances
Stop using static exceptions so the stack trace is accurate.
Change-Id: Ib8e62813578ca1ab5ec52e41d7357af92b8129ef
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Wojciech Dec [Wed, 1 Jul 2015 15:03:21 +0000 (17:03 +0200)]
Reorder authN feature order to prioritize MD-SAL startup
Change-Id: Iad0814dcd30daa9d24d029def8526a0211104639
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Wojciech Dec [Thu, 2 Jul 2015 14:02:37 +0000 (16:02 +0200)]
Bug3680 - Fix loading of AuthN config
(Issue caused by project structure cleanup)
Change-Id: I6cc0a8d137b56da11d38a97a29fa2862f360f65a
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Ryan Goulding [Wed, 1 Jul 2015 18:42:48 +0000 (14:42 -0400)]
Bug 2923 Restarting the controller causes multiple insertions users
Changes criteria of StoreBuilder.init() so it is called when
"idmlight.db.mv.db" does not exist. Previously, the code checked for the
existence of "idmlight.db". This convention changed with the addition of
H2 as the data store backing AAA data.
Change-Id: Ifa15ce89b414bbbb32b34d2ca38a3504921d8e27
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Thanh Ha [Tue, 30 Jun 2015 16:33:58 +0000 (12:33 -0400)]
Temporarily workaround deployment issue for aaa-artifacts
Change-Id: Ia9f6fa78f588982ee9ee1a54ebbd53fed13f5632
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Thanh Ha [Tue, 30 Jun 2015 14:33:02 +0000 (10:33 -0400)]
Fix missing <distributionManagement> for merge jobs
Change-Id: Ib11e06c8474185e4a64e52503b676bcd7020e333
Signed-off-by: Thanh Ha <thanh.ha@linuxfoundation.org>
Robert Varga [Wed, 24 Jun 2015 19:30:44 +0000 (21:30 +0200)]
Convert features/authn to use features-parent
features-parent contains all the magic needed to properly resolve
versions and test features, migrate to use it, simplifying things here.
Change-Id: I57abb28149837aa16b113de87f3412b00f4c5e4b
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Thu, 25 Jun 2015 08:44:53 +0000 (10:44 +0200)]
Convert features/authz to use features-parent
features-parent contains all the magic needed to properly resolve
versions and test features, migrate to use it, simplifying things here.
Change-Id: I382c47cb2df0f8b53911c794a86909604f7a6ce3
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Wed, 24 Jun 2015 19:11:56 +0000 (21:11 +0200)]
Convert features/api to use features-parent
features-parent contains all the magic needed to properly resolve
versions and test features, migrate to use it, simplifying things here.
Change-Id: I2467c292b697d88883592cbcf6bebed0070dea49
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Wed, 24 Jun 2015 16:59:57 +0000 (18:59 +0200)]
Rename and move commons/parent
Move commons/parent to top-level directory and rename it to aaa-parent,
to follow common projects structure recommendations.
Change-Id: I9a075e39129f23a21664df2e7f57ac8a73679dd4
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Wed, 24 Jun 2015 15:26:18 +0000 (17:26 +0200)]
Add aaa-artifacts
This commit centralizes the artifacts produced by aaa project for
consumption in other projects. Also import it in the parent, so
internal dependency versions can be picked up easily.
Change-Id: I889a057bdf5a050583e65e3d8fdbe938d2e15c19
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Wed, 24 Jun 2015 15:57:48 +0000 (17:57 +0200)]
Rework parent structure to point to parent
Having projects point to the aggregator defeats the idea of a parent,
especially if the aggregator does not define anything except its child
modules.
Change-Id: Ib20399817bf48eb30ffa706863559a5e7976be59
Signed-off-by: Robert Varga <rovarga@cisco.com>
Wojciech Dec [Fri, 26 Jun 2015 14:08:33 +0000 (14:08 +0000)]
Merge "Move build section into parent"
Wojciech Dec [Fri, 26 Jun 2015 14:06:25 +0000 (14:06 +0000)]
Merge "Remove unneeded dependency"
Wojciech Dec [Thu, 25 Jun 2015 12:26:09 +0000 (12:26 +0000)]
Merge "BUG 3858 - Increasing default token cache expiry to 60min"
Wojciech Dec [Thu, 25 Jun 2015 08:12:56 +0000 (10:12 +0200)]
BUG 3858 - Increasing default token cache expiry to 60min
Change-Id: Id24472b3246b981ae8a76e464b263527322e8d9d
Signed-off-by: Wojciech Dec <wdec@cisco.com>
Robert Varga [Wed, 24 Jun 2015 15:49:56 +0000 (17:49 +0200)]
Move build section into parent
Change-Id: Idd079ccfaacc520c8215db07cdbd08b1f6e06fb9
Signed-off-by: Robert Varga <rovarga@cisco.com>
Robert Varga [Wed, 24 Jun 2015 16:06:05 +0000 (18:06 +0200)]
Remove unneeded dependency
The yang model in aaa-credential-store-api does not depend on the models
pulled in, hence there is no need for the dependency.
Change-Id: I9b3cf4d9817568edbd8445acd7e56daa134f7862
Signed-off-by: Robert Varga <rovarga@cisco.com>
Ryan Goulding [Mon, 22 Jun 2015 16:56:31 +0000 (12:56 -0400)]
Bug 3820 Incorrect database initialization
This change enables IdmLightApplication to initialize the data store.
Change-Id: I65566cc5900199bffd37e43e5bb761794ae6c382
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Ryan Goulding [Fri, 19 Jun 2015 17:44:43 +0000 (13:44 -0400)]
Bug 3820 Incorrect database initialization
Added username and password parameters to database initialization. This is
necessary in order to access the database from a psql client. This change
enforces the Singleton design pattern for IdmLightApplication. The
getDbConnect() functionality included in UserStore, RoleStore, GrantStore
and DomainStore is consolidated in
IdmLightApplication.getConnection(Connection existingConnection) function.
Change-Id: Ib001e05548acf401c4633712cd7ab3ff6a2d2b44
Signed-off-by: Ryan Goulding <ryandgoulding@gmail.com>
Wojciech Dec [Tue, 9 Jun 2015 15:00:15 +0000 (15:00 +0000)]
Merge "Bug 2809:Fix AAA error reporting"
Wojciech Dec [Sun, 7 Jun 2015 19:17:25 +0000 (19:17 +0000)]
Merge "Bug 2321 - Adding Authentication to IdmLight API"
Wojciech Dec [Sun, 7 Jun 2015 19:15:05 +0000 (19:15 +0000)]
Merge "Changing sql queries to prepared statements in idmlite"
Debalina Ghosh [Thu, 4 Jun 2015 22:39:56 +0000 (15:39 -0700)]
Bug 2809:Fix AAA error reporting
Change-Id: I61c923cec41fbe2244151c354ccba0fc49703faf
Signed-off-by: Debalina Ghosh <debalina.ghosh@hp.com>
Wojciech Dec [Thu, 4 Jun 2015 17:37:53 +0000 (19:37 +0200)]
Bug 2321 - Adding Authentication to IdmLight API
Change-Id: I6197c4e518202e9d285958df741228a1dec268ad
Signed-off-by: Wojciech Dec <wdec@cisco.com>