AAA: Beryllium: Release Status

Contents

Features

Fourth simultaneous release of AAA.

  • Shiro Integration

  • LDAP Integration

  • RBAC Integration

  • idmtool integration for AAA Identity Management Manipulation

  • Experimental MD-SAL implementation

New Features

  • odl-aaa-shiro

  • odl-aaa-authn-mdsal-cluster [EXPERIMENTAL]

Non-Code Aspects (user docs, examples, tutorials, articles)

Added a "Tutorials & Examples" section to the wiki. New and updated content:

Also, completely reworked the user facing documentation which is under review: https://git.opendaylight.org/gerrit/#/c/34264/

Architectural Issues

odl-aaa-mdsal-cluster and odl-aaa-authz are purely experimental. They are not turned on by default!

Security Considerations

Security was greatly improved in 4 respects:

  1. Shiro code was used to replace a lot of untested home-grown code

  2. LDAP support was added to completely externalize IdM if desired

  3. passwords are encrypted with SHA256 + salt

  4. Enhanced and improved logging of user requests was added

AAA still isn't perfect, but made HUGE strides forward.

Quality Assurance (test coverage, etc)

  • The code is covered by unit tests

Beryllium release marks 34% of unit tests Coverage, up from 21% in Lithium.

  • Currently failing integration tests should be fixed soon; schema change caused many things to fail.

End-of-life (API/Features EOLed in Release)

All deprecated classes and methods have been marked with @Deprecated annotation. These include:

  • VersionHandler.java

Bugzilla (summary of bug situation)

[1] Only major or greater bug is really a known enhancement request targeted at Boron.

Standards

N/A

Schedule (initial schedule and changes over the release cycle)

Issues came up with loading MD-SAL based cluster store through the configuration subsystem, which caused us to mark this as an experimental feature. Those issues are well known, and a workaround may exist but wasn't tried due to drained resources. Fixing this functionality is targeted for the Boron release.

AAA had some changes in contriubtorship; we dealt with losing 4 contributors and a PTL change mid release. I believe the remaining members made up for this, and did a great job delivering on the release. This was all possible by great teamwork and community sponsorship.