diff options
Diffstat (limited to 'odl-aaa-moon/README.md')
| -rw-r--r-- | odl-aaa-moon/README.md | 64 |
1 files changed, 0 insertions, 64 deletions
diff --git a/odl-aaa-moon/README.md b/odl-aaa-moon/README.md deleted file mode 100644 index 71f52a63..00000000 --- a/odl-aaa-moon/README.md +++ /dev/null @@ -1,64 +0,0 @@ -## Welcome to the OPNFV/Opendaylight AAA Project! - -This project is aimed at providing a flexible, pluggable framework with out-of-the-box capabilities for: - -* *Authentication*: Means to authenticate the identity of both human and machine users (direct or federated). -* *Authorization*: Means to authorize human or machine user access to resources including RPCs, notification subscriptions, and subsets of the datatree. -* *Accounting*: Means to record and access the records of human or machine user access to resources including RPCs, notifications, and subsets of the datatree - - - -### Building - -*Prerequisite:* The followings are required for building AAA: - -- Maven 3 -- Java 7 - -Get the code: - - clone the project with git - -Build it: - - cd aaa && mvn clean install -DskipTests - -### Export Moon information - -export MOON_SERVER_ADDR=192.168.105.135 -export MOON_SERVER_PORT=5000 - - -### Installing - -AAA installs into an existing Opendaylight controller Karaf installation. If you don't have an Opendaylight installation, please refer to this [page](https://wiki.opendaylight.org/view/OpenDaylight_Controller:Installation). - -Start the controller Karaf container: - cd distribution-karaf/target/assembly/ - bin/karaf - -Install AAA AuthN features: - - feature:install odl-aaa-shiro - -### Running - -Once the installation finishes, one can authenticates with the Opendaylight controller by presenting a username/password and a domain name (scope) to be logged into: - - curl -s -d 'grant_type=password&username=admin&password=admin&scope=sdn' http://<controller>:<port>/moon/token - -Upon successful authentication, the controller returns an access token with a configurable expiration in seconds, something similar to the followings: - - {"expires_in":3600,"token_type":"Bearer","access_token":"d772d85e-34c7-3099-bea5-cfafd3c747cb"} - -The access token can then be used to access protected resources on the controller by passing it along in the standard HTTP Authorization header with the resource request. Example: - - curl -s -H 'Authorization: Bearer d772d85e-34c7-3099-bea5-cfafd3c747cb' http://<controller>:<port>/restconf/operational/opendaylight-inventory:nodes - -The operational state of access tokens cached in the MD-SAL can also be obtained after enabling the restconf feature: - - feature:install odl-aaa-all - -At the following URL - - http://controller:8181/restconf/operational/aaa-authn-model:tokencache/ |