jenkins-releng [Tue, 31 Oct 2023 10:30:04 +0000 (10:30 +0000)]
Release aaa
Robert Varga [Tue, 31 Oct 2023 08:42:27 +0000 (09:42 +0100)]
Bump upstrems
Adopt:
- odlparent-11.0.7
- infrautils-4.0.7
- yangtools-9.0.10
- mdsal-10.0.9
- controller-6.0.10
Change-Id: I02147c3beb79b0290eeef95b154770a923bda96e
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Yaroslav Lastivka [Fri, 21 Jul 2023 08:35:00 +0000 (11:35 +0300)]
Bump H2 database to 2.2.220
https://github.com/h2database/h2database/releases/tag/version-2.2.220
JIRA: AAA-262
Change-Id: I6400fb784899c178c538e355168a4f71e1a8668e
Signed-off-by: Yaroslav Lastivka <yaroslav.lastivka@pantheon.tech>
(cherry picked from commit
ada577bf6cd52b3cefed6f62224fbad8470d47b1)
Robert Varga [Sat, 16 Sep 2023 06:31:31 +0000 (08:31 +0200)]
Disable invalidRequest.blockTraversal
Shiro's traversal filtering disallows escaped slashes, which are part of
RESTCONF spec. Disable traversal filtering by default.
JIRA: AAA-265
Change-Id: I17fce53bf9e8f34a81796fa476508f5dd5a5b7e1
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
3abb8fff9677c0f4c52302926eac89eeb87161dc)
Robert Varga [Thu, 31 Aug 2023 07:23:01 +0000 (09:23 +0200)]
Bump shiro to 1.12.0
https://shiro.apache.org/blog/2023/07/18/apache-shiro-1120-released.html
JIRA: AAA-264
Change-Id: I2b8da8e1d85afe5f74a14b18d7d22cb336519e1f
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
8de5b4033abb5d7d3d2ba9a15eaeb85e8da4479c)
Robert Varga [Wed, 30 Aug 2023 16:31:50 +0000 (18:31 +0200)]
Make nested classes final
This fixes checkstyle violations reported by upgraded checkstyle.
Change-Id: Icda2fed21a05615c6831a90471202b5dbdee2272
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
3f1c7b6b61af9606ae0323654d25f69c080a4b1d)
Matej.Sramcik [Wed, 31 May 2023 09:37:44 +0000 (11:37 +0200)]
Cleanup AAA dev-guide
Remove occurrences of Oauth2.
JIRA: AAA-260
Change-Id: If4efc2c96ad70578ab54feaeed98450b37156277
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
(cherry picked from commit
b2c85d77306f1182db0cf1923d448f11d5ae5830)
Matej.Sramcik [Wed, 31 May 2023 09:35:47 +0000 (11:35 +0200)]
Cleanup AAA user-guide
Remove occurrences of Oauth2.
JIRA: AAA-260
Change-Id: I8debbf7402d3ddf8bc64f94c491c7946ba7bef6d
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
(cherry picked from commit
d4eabf590d0a0b89bb968958812c4d9eccd66fc6)
Matej.Sramcik [Wed, 31 May 2023 08:37:22 +0000 (10:37 +0200)]
Cleanup AAA readme
Update Java, Maven and Python versions.
Remove occurrences of Oauth2.
JIRA: AAA-260
Change-Id: Ied5296d8338d330570f8679a64b10981f508c72d
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
(cherry picked from commit
58bbd90c6cc75614208b6213832fc70b3bca4044)
Robert Varga [Wed, 31 May 2023 09:27:15 +0000 (11:27 +0200)]
Bump versions to 0.16.10-SNAPSHOT
This starts the next development iteration.
Change-Id: I01abf29e49dadfda1238f3730a90b1881ae2f48c
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
jenkins-releng [Tue, 30 May 2023 23:40:56 +0000 (23:40 +0000)]
Release aaa
Robert Varga [Tue, 30 May 2023 23:33:04 +0000 (23:33 +0000)]
Merge "Bump upstrems" into 0.16.x
Robert Varga [Tue, 30 May 2023 19:53:34 +0000 (21:53 +0200)]
Bump upstrems
Adopt:
- odlparent-11.0.6
- infrautils-4.0.6
- yangtools-9.0.8
- mdsal-10.0.8
- controller-6.0.9
Change-Id: I7807046ec233c04f1753dc56f8c4860ed69f15af
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Matej.Sramcik [Fri, 26 May 2023 09:50:09 +0000 (11:50 +0200)]
Bump conf.yaml versions to Chlorine
Change aaa configuration to Chlorine
JIRA: AAA-259
Signed-off-by: Matej Sramcik <matej.sramcik@pantheon.tech>
Change-Id: Ic3831d340207c3bf701d6e5715cadd7e9c8d598c
Robert Varga [Wed, 12 Apr 2023 15:31:32 +0000 (17:31 +0200)]
Bump versions to 0.16.9-SNAPSHOT
This starts the next development iteration.
Change-Id: I99404316e3d1dafb81bf1a3939ef527dc2ebfe86
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 13 Apr 2023 08:49:38 +0000 (08:49 +0000)]
Merge changes Ifb01e9f1,I405a2317,Ifbaf2447,Ief534eaa,I0716ed83 into 0.16.x
* changes:
Update dev-guide doc for H2 client
Remove oauth2 example from docs
Fix IdM examples in user-guide
Update AAA documentation
Sort out docs that look similar at first glance
Peter Suna [Thu, 2 Mar 2023 14:55:48 +0000 (15:55 +0100)]
Update dev-guide doc for H2 client
The current documentation is missing information about
the credentials and the location where the H2 database is stored.
JIRA: AAA-253
Change-Id: Ifb01e9f1ea9583520bf09ce1dcb19770107feb4c
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
(cherry picked from commit
3ce70e932976cacb8457870520d57855b595bf4e)
Peter Suna [Tue, 21 Feb 2023 10:03:26 +0000 (11:03 +0100)]
Remove oauth2 example from docs
oauth2 was removed as part of AAA-173, but the documentation
was not updated. Fix that up.
JIRA: AAA-249
Change-Id: I405a2317c9ec0a4dfd0b7550afe557255b4d69cf
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
(cherry picked from commit
f2aeac6532170a66a1d4c1de41bcf117faa6c0e9)
Peter Suna [Mon, 20 Feb 2023 16:08:11 +0000 (17:08 +0100)]
Fix IdM examples in user-guide
Update idmtool and fix REST requests.
Add more REST examples with domain and grants.
JIRA: AAA-249
Change-Id: Ifbaf244769744f6fc4fd60c3e9113e0ee34a937c
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
(cherry picked from commit
9353cc6bb2f8ce38238a7028dbbb9ac35f7d305d)
Peter Suna [Fri, 17 Feb 2023 13:02:28 +0000 (14:02 +0100)]
Update AAA documentation
Use only RFC8040 in RESTCONF requests.
Add missing mandatory "index" field to the policies request.
Fix wrong path for h2 database jar.
JIRA: AAA-249
Change-Id: Ief534eaa633a45321a1792cffc609f35413f0279
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
(cherry picked from commit
7c46e5941cc395448bf69b6e96c3c4c07aec425e)
Peter Suna [Thu, 16 Feb 2023 08:41:32 +0000 (09:41 +0100)]
Sort out docs that look similar at first glance
User guide and Developer guide are displayed at index page.
At the first glance it looks like a mistake with duplicate link.
JIRA: AAA-249
Change-Id: I0716ed83fc8ddef1208b5fb9a8f7de450cc99e4c
Signed-off-by: Peter Suna <peter.suna@pantheon.tech>
(cherry picked from commit
89da126cf6156da8590cd5584baf1e98a42702e2)
Robert Varga [Thu, 16 Feb 2023 12:24:22 +0000 (13:24 +0100)]
Use {Key,Trust}ManagerFactory.getDefaultAlgorithm()
Do not much with properties and magix strings -- use proper method to
acquire the algorithm.
Change-Id: I91b6a4f8fdaab1abf9bbaa665957f92d96e59663
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
ec63fac5ca8b3ab7d5674d0921f3115e8bef86b2)
Robert Varga [Wed, 12 Apr 2023 12:46:06 +0000 (14:46 +0200)]
Bump upstrems
Adopt:
- odlparent-11.0.5
- infrautils-4.0.5
- yangtools-9.0.7
- mdsal-10.0.7
- controller-6.0.8
Change-Id: I14515066211036226a32b6ae55a5b0079b9f4620
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 14 Feb 2023 09:15:40 +0000 (10:15 +0100)]
Use a switch expression to dispatch keys
This makes the code flow more obvious.
Change-Id: I112da7aa2d1950e45bad8bac3e87126c47300f86
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
0ca412d7387be08bc904fc5f2cc96c9f2001204f)
Robert Varga [Mon, 23 Jan 2023 18:54:34 +0000 (19:54 +0100)]
Bump Shiro to 1.11.0
https://shiro.apache.org/blog/2023/01/13/apache-shiro-1110-released.html
From now on we can integrate with Jakarta namespace via web-jakarta.
JIRA: AAA-247
Change-Id: I5cf22c967f82c661a5e9c91830348bf821392f1c
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
ca8ea1ece26e1a58987a3786e45a50cc7a8c0712)
Robert Varga [Tue, 3 Jan 2023 09:17:15 +0000 (10:17 +0100)]
Bump versions to 0.16.8-SNAPSHOT
This starts the next development iteration.
Change-Id: Icda35e37df06043adc76ce6935f28527b6b7fb06
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 2 Jan 2023 17:49:42 +0000 (18:49 +0100)]
Bump upstrems
Adopt:
- odlparent-11.0.4
- infrautils-4.0.4
- yangtools-9.0.6
- mdsal-10.0.6
- controller-6.0.7
Change-Id: Iddfa9be6b7f5426ae468f8949f02cc9f3c922406
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 4 Dec 2022 09:49:56 +0000 (10:49 +0100)]
Bump versions to 0.16.7-SNAPSHOT
This starts the next development iteration.
Change-Id: I1e5b639ec306d33392e5cbe669d25319f896737b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 4 Dec 2022 09:42:40 +0000 (10:42 +0100)]
Bump upstrems
Adopt:
- yangtools-9.0.5
- mdsal-10.0.5
- controller-6.0.5
Change-Id: I135971b214deee95c80246ebf4e8ff01b34a93b2
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sat, 3 Dec 2022 08:59:58 +0000 (09:59 +0100)]
Bump versions to 0.16.6-SNAPSHOT
This starts the next development iteration.
Change-Id: I25734364a4a19b13f77f512efc14d6b3ebada505
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sat, 3 Dec 2022 01:45:34 +0000 (01:45 +0000)]
Merge "Bump upstrems" into 0.16.x
Robert Varga [Sat, 3 Dec 2022 01:05:50 +0000 (02:05 +0100)]
Bump upstrems
Adopt:
- odlparent-11.0.3
- infrautils-4.0.3
- yangtools-9.0.4
- mdsal-10.0.4
- controller-6.0.4
Change-Id: I440d77f68f218c8640d3591714fc7763b43e33e7
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Stephen Kitt [Mon, 21 Nov 2022 08:26:06 +0000 (09:26 +0100)]
Bump shiro to 1.10.1
Changes:
https://shiro.apache.org/blog/2022/11/19/apache-shiro-1101-released.html
JIRA: AAA-242
Change-Id: I294d2a3e50abfff46486811bce97c2d192e9e3a7
Signed-off-by: Stephen Kitt <skitt@redhat.com>
(cherry picked from commit
4412d7fb088f8e0e46d030ebf245c522318e3297)
Robert Varga [Wed, 16 Nov 2022 17:58:35 +0000 (18:58 +0100)]
Drop an old FIXME
This FIXME has been addressed, remove it.
Change-Id: I929a0359b7f71adfa043eb0ff55831e8231b3f7b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
894ae52d04b07cb244398eb2f8a750d65129954c)
Robert Varga [Wed, 16 Nov 2022 17:28:58 +0000 (18:28 +0100)]
Drop dependency on commons-text
Fix the final SQL injection issue in GrantStore, which means we no
longer need to escape strings. This allows us to drop dependency on
common-text and fixup a warning by mentioning guava in our dependencies.
Change-Id: I3665a42fd81c7e07ea708d352c784f2bb75a86ad
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
bdd04452563a1b375e02787d6821f0bf28205415)
Robert Varga [Wed, 16 Nov 2022 17:27:12 +0000 (18:27 +0100)]
Use prepareStatement() in UserStore.deleteUser()
The conversion to prepared statements has not dealt with the delete
function, leaving the ability to wipe the entire UserStore with SQL
injection. Fix this by using a proper prepared statement.
JIRA: AAA-241
Change-Id: Ie3d9a8eae815fab457809f3d2cd3577d38bd0207
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
9b912d4d433469b83f097fa76e203d7b97f44552)
Robert Varga [Wed, 16 Nov 2022 17:24:46 +0000 (18:24 +0100)]
Use prepareStatement() in DomainStore.deleteDomain()
The conversion to prepared statements has not dealt with the delete
function, leaving the ability to wipe the entire DomainStore with SQL
injection. Fix this by using a proper prepared statement.
JIRA: AAA-240
Change-Id: I4650e4561482864c90df737e964dcc5514221a15
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
11295189db80dd45fb0c460d9e9cb3598ed7f229)
Robert Varga [Wed, 16 Nov 2022 17:20:59 +0000 (18:20 +0100)]
Use prepareStatement() in RoleStore.deleteRole()
The conversion to prepared statements has not dealt with the delete
function, leaving the ability to wipe the entire RoleStore with SQL
injection. Fix this by using a proper prepared statement.
JIRA: AAA-239
Change-Id: If46a900951b4f1769239bd5f38516b299284f88b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
e0ead2109e45d770b48bb3b848d9e75185c98c4c)
Robert Varga [Sun, 6 Nov 2022 12:21:34 +0000 (13:21 +0100)]
Bump versions to 0.16.5-SNAPSHOT
This starts the next development iteration.
Change-Id: I1fa220df8aa215b4e6f930982affd766fdb1a6cb
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 4 Nov 2022 09:47:48 +0000 (10:47 +0100)]
Bump upstrems
Adopt:
- odlparent-11.0.2
- infrautils-4.0.2
- yangtools-9.0.2
- mdsal-10.0.3
- controller-6.0.3
Change-Id: Ib7a1c7d5ce19d4651b01e368559ce20238ab8c26
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 28 Oct 2022 21:30:57 +0000 (23:30 +0200)]
Bump h2database to 2.1.214
https://github.com/h2database/h2database/releases/tag/version-2.1.212
https://github.com/h2database/h2database/releases/tag/version-2.1.214
Change-Id: Ia731330d2b452868438b3b9595a2c86a7c8d6ccc
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
6074d8534d7b6eee409bc9a7644c6efa4c15daaf)
Robert Varga [Fri, 28 Oct 2022 20:16:32 +0000 (22:16 +0200)]
Bump shiro to 1.10.0
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=
12310950&version=
12351946
Change-Id: I2e11329f33a18283d941a33d29f47bee4d24bd94
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
(cherry picked from commit
56c68fd196cb599938bceff85745b69fccb3aefa)
Robert Varga [Thu, 22 Sep 2022 12:55:31 +0000 (14:55 +0200)]
Use faster lastIndexOf()
Searching for a char index is faster than searching for a string, use
the former.
Change-Id: I528499247d6361cfeadb49b9d9d05df3ac12078a
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 10:25:27 +0000 (12:25 +0200)]
Bump versions to 0.16.4-SNAPSHOT
This starts the next development iteration.
Change-Id: I9f3bdc47994bc9fa912464376798f96c354d42ea
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 11:02:46 +0000 (13:02 +0200)]
Clean up filter loading
Reduce the size of try/catch block and use Class.asSubclass() to
remove an unchecked cast.
Change-Id: Ib2c90a3df761f7a8436a56ea37078ea94feb2084
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 10:59:28 +0000 (12:59 +0200)]
Simplify FilterDTO hierarchy
Only NamedFilterDTO needs initialization parameters, make sure we clean
up the hierarchy appropriately.
Change-Id: I8d9b2af086195e2ce567fb6725e5018a96a784a9
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 10:41:58 +0000 (12:41 +0200)]
Remove unneded this. qualifier
Field references are obvious, no need to use to over-specify them.
Change-Id: I02ffcad83f801cdd7faa0d0c53a13596f517a588
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 10:41:09 +0000 (12:41 +0200)]
Flatten else/if
Use a simple else if instead of nesting.
Change-Id: I05d3b54bebee2a2f78e5bf33e10834b3f1a5e8ba
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 10:02:23 +0000 (12:02 +0200)]
Optimize getFilterInstance()
This is a purely-private method, there is no point in using a Stream
where a nullable object suffices.
Change-Id: Ibcec056f3235022ffb4f7b2814d5e5250d436eed
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 09:59:16 +0000 (11:59 +0200)]
Optimize convertCustomFilterList()
Rather than creating a temporary collection, use Streams.concat()
to acquire a combined stream. Also collect directly to an ImmutableList,
so that we do not have two objects allocated.
Change-Id: Id9fdaa2f83524cdf0c8cc133f8cab9e1767c94c0
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 09:54:49 +0000 (11:54 +0200)]
Use ImmutableList for internal tracking
We are already assuming immutability, clean up types to make things a
tad more streamlined.
Change-Id: I50c94050d4632a25c6c0dafb42fc87ec76cbc7aa
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 09:48:29 +0000 (11:48 +0200)]
Iterate over simple array
There is no point in using Arrays.asList(), as we end up only iterating
over the list anyway.
Change-Id: I7e0345ea6ae92fc61d8814a0424837c51719612c
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 09:45:47 +0000 (11:45 +0200)]
Use Iterators.asEnumeration()
There is no point in open-coding an implementation, use Guava instead.
Change-Id: I8cad2cec9501178d69916636263f116cec8f7750
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 22 Sep 2022 09:19:39 +0000 (11:19 +0200)]
Ignore HTTP Whiteboard Filters
CustomFilterAdapterConfigurationImpl is listening for all servlet
filters being published to OSGi registry. This unfortunately means
it picks up also filters destined for HTTP Whiteboard -- such as
CustomFilterAdapter, which in turn uses ConfigurationImpl to get
its list of filters -- leading to the filter referencing itself.
Exclude Filters properly marked for HTTP Whiteboard from contributing to
the list and drop a FIXME for a future enhancement.
JIRA: AAA-235
Change-Id: I80c1264889b42a105a62cd5da4238a54554839dd
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 16 Sep 2022 17:51:59 +0000 (19:51 +0200)]
Bump versions to 0.16.3-SNAPSHOT
This starts the next development iteration.
Change-Id: Ia9cddf4a1b4ee5da34249c7f16bb6d77ec22d963
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 16 Sep 2022 17:40:53 +0000 (19:40 +0200)]
Remove aaa.web.jetty.test
Unit tests should be in the same package as the classes being tested,
fix that up.
Change-Id: I83fa642f874fa8b1f383032cc0ea64c25cf1c457
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 16 Sep 2022 17:39:05 +0000 (19:39 +0200)]
Remove aaa.web.tests
Unit tests should be in the same package, fix that up.
Change-Id: I6e41daecd47065be6fd60dc2eb8c57813861e3a8
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
OleksandrZharov [Fri, 16 Sep 2022 09:18:26 +0000 (11:18 +0200)]
Ensure patterns are absolute
The contract in web-api does not spell out the requirement for patterns
to conform to servlet spec. Jetty implementation needs to ensure they
start with a '/' just like the OSGi implementation does.
JIRA: AAA-232
Change-Id: I34879163596872e4e497a13c3b60111a317feadd
Signed-off-by: OleksandrZharov <Oleksandr.Zharov@pantheon.tech>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Fri, 16 Sep 2022 08:40:10 +0000 (10:40 +0200)]
Bump upstreams
Adopt:
- mdsal-10.0.2
- controller-6.0.2
Change-Id: Ib8be205d49c6170b91bbf96bc52dd87ed27583ad
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 13 Sep 2022 10:16:46 +0000 (12:16 +0200)]
Use ResourceDetails.alias() from URL patterns
We have impedance on resource registration. We need to make sure we
interpret alias as the URL pattern.
JIRA: AAA-231
Change-Id: Ib3db3ce9e42665476e5ea2a91862363f3893af42
Signed-off-by: Ivan Martiniak <ivan.martiniak@pantheon.tech>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Ivan Martiniak [Mon, 12 Sep 2022 05:20:49 +0000 (07:20 +0200)]
Fix web pattern propagation
Adding additional "contextPath" to URL patterns caused its doubling.
For instance, the pattern "apidoc/openapi3/apis/single" was represented
as "/apidoc/apidoc/openapi3/apis/single".
New whiteboard implementation adds this "contextPath" automatically,
because of its specification in the constant
HttpWhiteboardConstants.HTTP_WHITEBOARD_CONTEXT_PATH.
This is the difference against older pax-web implementation.
JIRA: AAA-230
Change-Id: I969706594f8cae10781d7a251cc689454982b83e
Signed-off-by: Ivan Martiniak <ivan.martiniak@pantheon.tech>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 18 Aug 2022 20:28:19 +0000 (22:28 +0200)]
Bump versions to 0.16.2-SNAPSHOT
This starts the next development iteration.
Change-Id: I119dfb0836aaf0fc028450873fb8eff18b052080
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Thu, 18 Aug 2022 20:10:48 +0000 (22:10 +0200)]
Bump upstreams
Adopt:
- odlparent-11.0.1
- yangtools-9.0.1
- infrautils-4.0.1
- mdsal-10.0.1
- controller-6.0.1
Change-Id: I3f493f462dc83f5ed1bde69f75e6ac9a43aab047
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 16 Aug 2022 15:52:48 +0000 (17:52 +0200)]
Inject WebEnvironment into ODLAuthenticator
With the rework done in AAA-225 we no longer inject SecurityManager into
static contexts nor the WebEnvironment into the external web server.
This leads to SecurityUtils.getSubject() not being able to allocate a
subject -- and hence not working at all.
Rather than relying on static contexts, make sure we talk to the
WebEnvironment we create and use its SecurityManager to create subjects.
JIRA: AAA-215
Change-Id: I8ccc4411e31ab6b392a4be8211621fd940516935
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 11 Jul 2022 22:02:17 +0000 (00:02 +0200)]
Cleanup Arrays.copyOfRange() call
Let's keep the call on a single line to improve clarity.
Change-Id: Id57e91bf3c42a7a9cd655cfab7f2bc21649ceab4
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 11 Jul 2022 22:01:29 +0000 (00:01 +0200)]
Remove PKIUtil.ECDSA_CURVES
This Map is only used to initialize a constant, remove that indirection.
Change-Id: Ifa2553dc54cd88fdaea38ac8cf25867973a5bcf0
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 11 Jul 2022 21:54:53 +0000 (23:54 +0200)]
Move trailing comments
Sonarcloud does not like these, move them.
Change-Id: I6f6b6b4498b36cd6a80baff36131780bd5837779
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 11 Jul 2022 21:02:24 +0000 (23:02 +0200)]
Use FrameworkUtil.asDictionary()
We do not need a Hashtable, use FrameworkUtil to give us what we need.
Change-Id: Ib85e8fcfb7511e8c78576b7d27d33af896025abe
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 11 Jul 2022 20:42:32 +0000 (22:42 +0200)]
Simplify equals() methods
Sonarcloud does not like the structure here, clean it up, formatting the
code a bit.
Change-Id: I3fa7c0302a31233059de67a2eae44beaf951b0a8
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 11 Jul 2022 19:13:52 +0000 (21:13 +0200)]
Fix a typo
'implementation' is spelled incorrectly.
Change-Id: I3f216b1758fff9b71ee73137f5de849f479116d0
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 11 Jul 2022 19:11:08 +0000 (21:11 +0200)]
Remove OSGiH2Store
We have constructor injection, hence we can easily merge the two
implementation into one.
Change-Id: If4996612b4ffcbae9b4e5e5e377d6b042025b962
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 11 Jul 2022 19:04:40 +0000 (21:04 +0200)]
Fix a nullness warning
The result can be null, add an annotation to reflect that.
Change-Id: I6d26539bf3853bd9ed8289b896bd530ff4abb09d
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Jul 2022 11:58:43 +0000 (13:58 +0200)]
Bump versions to 0.16.1-SNAPSHOT
This starts the next development iteration.
Change-Id: Ide7c179de310af9b585c96f29ee2e7069b457717
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Jul 2022 17:08:03 +0000 (19:08 +0200)]
Refactor Shiro/HTTP integration
ShiroFilter is designed to work with EnvironmentLoaderListener, both of
which are designed to work with web.xml.
We are in programmatic-land, hence the indirection through
ServletContext lifecycle is completely unnecessary and actually is
hurtful, as we cannot smuggle WebEnvironment through OSGi HTTP
Whiteboard -- it requires String properties when coupled with
ServletContextHelper.
Here we create a much more direct connection, where AAAWebEnvironment
is eagerly-initialized and it is passed directly to AAAShiroFilter. This
allows us to use AbstractShiroFilter only without having to dance around
init() methods -- and eliminate binding to to static SecurityManager
wiring as well.
JIRA: AAA-225
Change-Id: Id3990dd533b5e60f3781f9e4cdc3114163ecb931
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Jul 2022 16:30:01 +0000 (18:30 +0200)]
Clarify WebContext.contextParams()
ServletContext's initial parameters can include any Object, but there
are implementation indirections, which limit these to Strings. Document
this fact.
Change-Id: Ie402ea1340584d1c0a008122d67fbeccb081b790
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Jul 2022 16:45:31 +0000 (18:45 +0200)]
Clean up AAAIniWebEnvironment a bit
Use lambdas to invoke things with ClassLoader.
Change-Id: Ia00379349684eb485c813a237fbfe8f248d993c6
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Jul 2022 15:24:48 +0000 (17:24 +0200)]
Use explicit "true" String
The spec says the property needs to be a String, make sure we comply.
JIRA: AAA-225
Change-Id: Ic0793676e79e50d79b55b73f2ad6d18055afb52d
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Jul 2022 14:55:39 +0000 (16:55 +0200)]
Bump Shiro to 1.9.1
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=
12310950&version=
12351487
JIRA: AAA-227
Change-Id: I9c8e53f0a8287755f69a309e7efea46a9d6e1aab
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Jul 2022 12:40:56 +0000 (14:40 +0200)]
Pull in pax-web-http-whiteboard
We need the extender to properly bridge our the HTTP Whiteboard.
JIRA: AAA-225
Change-Id: Ib3d3ff39681b5b8facf57399dd83529ba1954a7c
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
gvrangan [Sun, 27 Mar 2022 08:00:34 +0000 (13:30 +0530)]
Upgrade H2 to 2.1.210
This is a major incompatible upgrade. Release notes:
https://github.com/h2database/h2database/releases/tag/version-2.0.202
https://github.com/h2database/h2database/releases/tag/version-2.0.204
https://github.com/h2database/h2database/releases/tag/version-2.0.206
https://github.com/h2database/h2database/releases/tag/version-2.1.210
JIRA: AAA-221
Change-Id: I35487db539a24051cb8281e55527a8484d73a367
Signed-off-by: gvrangan <gvrangan@gmail.com>
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Jul 2022 09:17:11 +0000 (11:17 +0200)]
Rename H2 database tables
We have a potential conflict with H2 system tables, make sure we have
our own prefix. Since we are breaking compatibility, also use BOOLEAN
for ENABLED column.
JIRA: AAA-221
Change-Id: I9c84187cdc4528a71db90a8f046718b09120a7cf
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Tue, 5 Jul 2022 20:27:09 +0000 (22:27 +0200)]
Clean up H2 SQL interactions
We have a rather ugly mess around consistency of various queries. Clean
them up, so we can comfortably change things around in future. Also make
sure the tests are mocking things they should be mocking.
JIRA: AAA-221
Change-Id: Ide9ad6fb7028ba996ed8c1ed60df9cae17318999
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 6 Jul 2022 00:22:11 +0000 (02:22 +0200)]
Remove IdlLightConfig.log()
Implement a proper toString() rather than a dedicated log() method.
Change-Id: If102dd9e526e4bccd6c3617b97603932d5eb8750
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 4 Jul 2022 20:17:37 +0000 (22:17 +0200)]
Use pattern match on instanceof
Java 17 gives us a nice way to prevent duplicate casts, use it to
simplify our code.
Change-Id: I5e8e0dd110bacc04affba9348c448b2ffcc7ead2
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 4 Jul 2022 19:52:29 +0000 (21:52 +0200)]
Remove MapDictionary
We have OSGi R8, which has a FrameworkUtil.asDictionary(Map), hence
we do not need a custom Dictionary implementation.
Change-Id: Idada9d0fd6d7fc24079a91c34c19757cb9b4fd39
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Wed, 1 Jun 2022 01:02:09 +0000 (03:02 +0200)]
Adopt 2022.09 upstreams
Adopt:
- odlparent-11.0.0
- infrautils-4.0.0
- yangtools-9.0.0
- mdsal-10.0.0
- controller-6.0.0
Change-Id: Ic6ab892572b3ed46ea58a41b7f221482f684b902
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 4 Jul 2022 15:46:28 +0000 (17:46 +0200)]
Convert web-impl-osgi to WhiteBoard
We are using OSGi R7, which has a very much workable HTTP Whiteboard
specification. Rather than mucking with pax-web-api, use HTTP Whiteboard
for WebContext implementation. This has the nice side-effect of working
with any implementation, not only with pax-web.
JIRA: AAA-225
Change-Id: I6387333b44dc9b6a40f909c3d3ceb75693193014
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 4 Jul 2022 21:18:07 +0000 (23:18 +0200)]
Revert "Publish ShiroWebEnvironmentLoaderListener to HTTP whiteboard"
This reverts commit
a8e9e36a1c516a466ee90e6f58e4e902dd657ce9, as we are
keeping WebServer after all.
Change-Id: Ie1959b403d96a108116e2bf31b1e44c3fe5f4864
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 4 Jul 2022 21:13:48 +0000 (23:13 +0200)]
Revert "Publish AAAShiroFilter as a proper Filter service"
This reverts commit
b4bab95a954e7600b0427b86540db1706ffcad5b, as we are
keeping web-api.
Change-Id: If108478fb88d83a3243699dce994faa54e2d13af
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 4 Jul 2022 19:29:17 +0000 (21:29 +0200)]
Cleanup odl-aaa-web feature
Declare the feature so we can ditch project.version reference and make
sure odl-aaa-shiro does not pull in the osgi implementation artifact.
Also make sure the feature is mentioned in features-aaa and that in
turn uses the artifacts declaration.
Change-Id: Ibead8e8ea29e54258bbfddc80514b2655344b26d
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 4 Jul 2022 11:53:23 +0000 (13:53 +0200)]
Inject ServletSupport into KeystoneAuthRealm
Do not rely on jax-rs working, but rather explicitly route to the
provider.
Change-Id: I75306b14d22512984deed91e6799e77956563039
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Mon, 4 Jul 2022 07:53:19 +0000 (09:53 +0200)]
Do not use odl:type for DataBroker
Specifying odl:type has been deprecated, do not use it.
Change-Id: I684157ff8ffb9455103439ae893769ceb58f83ad
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 3 Jul 2022 19:18:35 +0000 (21:18 +0200)]
Clean up AAAShiroFilter a bit
Shorten refernces and remove unneeded @RequireHttpWhiteboard
Change-Id: I9d62b64bdb006a258d038e7ca643a68da8defd74
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 3 Jul 2022 03:40:11 +0000 (05:40 +0200)]
Eliminate ThreadLocals
We can nicely co-locate services with their users, eliminating one
instance of centralization.
Change-Id: Ibad16eb8241b5baa584782a2027ba0bd87b775ba
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 3 Jul 2022 02:25:08 +0000 (04:25 +0200)]
Migrate more ThreadLocals
Move ThreadLocal instances to their sole consumer.
Change-Id: Ie46be3801d12987ca3cb3014b5e66096379fce7b
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 3 Jul 2022 01:40:31 +0000 (03:40 +0200)]
Migrate CERT_MANAGER_TL
This thread local has a single user, make sure we encapsulate it.
Change-Id: I6463aa48d1f2d6798f9dc2a8b5e1fa2eac21790d
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 3 Jul 2022 00:53:11 +0000 (02:53 +0200)]
Inject ServletSupport into MoonRealm
We cannot quite inject Jersey in OSGi environment. Make sure we indirect
through ServletSupport, which provides the proper binding.
Change-Id: I132d55f4fa4e9d853e96cf3e299e241df730cb00
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sat, 2 Jul 2022 23:57:42 +0000 (01:57 +0200)]
Pre-instantiate a WebTarget
Rather than building single-use targets, create one when it is
configured. Also fix a potential thread safety issue.
Change-Id: I40a044ab86a63e242f0e70995f9b6624a7a3acdd
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sat, 2 Jul 2022 23:48:54 +0000 (01:48 +0200)]
Cleanup MoonRealm
Do silently ignore invalid URL and perform general cleanup. This results
in more descriptive authentication rejections.
Change-Id: I599cf13273c2baed80b38baa19619168483216bc
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Robert Varga [Sun, 3 Jul 2022 01:47:20 +0000 (03:47 +0200)]
Tolerate empty lists
Rather than throwing a NPE, treat missing lists as empty.
Change-Id: I60184026444829a47c8b26effb41463f2acb52d1
Signed-off-by: Robert Varga <robert.varga@pantheon.tech>
Code Review / aaa.git / log