From ba20dff39a897ff8dbd71260c42da923c9bdcf7a Mon Sep 17 00:00:00 2001
From: Trevor Bramwell
Date: Mon, 12 Sep 2016 11:06:56 -0700
Subject: Move ODL-AAA-MOON under 'upstream' Directory

Change-Id: Ie010fbe3899e151421940908dbe8675aade54e2d
Signed-off-by: Trevor Bramwell
(cherry picked from commit cf864337c13b4638c588badf3f589f9e39318c95)
---
.../aaa-shiro/src/main/resources/WEB-INF/web.xml | 48 ----------
.../aaa/aaa-shiro/src/main/resources/shiro.ini | 106 ---------------------
2 files changed, 154 deletions(-)
delete mode 100644 odl-aaa-moon/aaa/aaa-shiro/src/main/resources/WEB-INF/web.xml
delete mode 100644 odl-aaa-moon/aaa/aaa-shiro/src/main/resources/shiro.ini
(limited to 'odl-aaa-moon/aaa/aaa-shiro/src/main/resources')
diff --git a/odl-aaa-moon/aaa/aaa-shiro/src/main/resources/WEB-INF/web.xml b/odl-aaa-moon/aaa/aaa-shiro/src/main/resources/WEB-INF/web.xml
deleted file mode 100644
index 63288c23..00000000
--- a/odl-aaa-moon/aaa/aaa-shiro/src/main/resources/WEB-INF/web.xml
+++ /dev/null
@@ -1,48 +0,0 @@ - - - - - MOON - org.opendaylight.aaa.shiro.moon.MoonTokenEndpoint - 1 - - - - MOON - /token - - - MOON - /revoke - - - MOON - /validate - - - MOON - /* - - - - - shiroEnvironmentClass - org.opendaylight.aaa.shiro.web.env.KarafIniWebEnvironment - - - - org.apache.shiro.web.env.EnvironmentLoaderListener - - - - ShiroFilter - org.opendaylight.aaa.shiro.filters.AAAFilter - - - - ShiroFilter - /* - - \ No newline at end of file
diff --git a/odl-aaa-moon/aaa/aaa-shiro/src/main/resources/shiro.ini b/odl-aaa-moon/aaa/aaa-shiro/src/main/resources/shiro.ini
deleted file mode 100644
index b48abe96..00000000
--- a/odl-aaa-moon/aaa/aaa-shiro/src/main/resources/shiro.ini
+++ /dev/null
@@ -1,106 +0,0 @@
-#
-# Copyright (c) 2015 Brocade Communications Systems, Inc. and others. All rights reserved.
-#
-# This program and the accompanying materials are made available under the
-# terms of the Eclipse Public License v1.0 which accompanies this distribution,
-# and is available at http://www.eclipse.org/legal/epl-v10.html
-#
-
-###############################################################################
-# shiro.ini #
-# #
-# Configuration of OpenDaylight's aaa-shiro feature. Provided Realm #
-# implementations include: #
-# - TokenAuthRealm (enabled by default) #
-# - ODLJndiLdapRealm (disabled by default) #
-# - ODLJndiLdapRealmAuthNOnly (disabled by default) #
-# Basic user configuration through shiro.ini is disabled for security #
-# purposes. #
-###############################################################################
-
-
-
-[main]
-###############################################################################
-# realms #
-# #
-# This section is dedicated to setting up realms for OpenDaylight. Realms #
-# are essentially different methods for providing AAA. ODL strives to provide#
-# highly-configurable AAA by providing pluggable infrastructure. By deafult, #
-# TokenAuthRealm is enabled out of the box (which bridges to the existing AAA #
-# mechanisms). More than one realm can be enabled, and the realms are #
-# tried Round-Robin until: #
-# 1) a realm successfully authenticates the incoming request #
-# 2) all realms are exhausted, and 401 is returned #
-###############################################################################
-
-# ODL provides a few LDAP implementations, which are disabled out of the box.
-# ODLJndiLdapRealm includes authorization functionality based on LDAP elements
-# extracted through and LDAP search. This requires a bit of knowledge about
-# how your LDAP system is setup. An example is provided below:
-#ldapRealm = org.opendaylight.aaa.shiro.realm.ODLJndiLdapRealm
-#ldapRealm.userDnTemplate = uid={0},ou=People,dc=DOMAIN,dc=TLD
-#ldapRealm.contextFactory.url = ldap://:389
-#ldapRealm.searchBase = dc=DOMAIN,dc=TLD
-#ldapRealm.ldapAttributeForComparison = objectClass
-
-# ODL also provides ODLJndiLdapRealmAuthNOnly. Essentially, this allows
-# access through AAAFilter to any user that can authenticate against the
-# provided LDAP server.
-#ldapRealm = org.opendaylight.aaa.shiro.realm.ODLJndiLdapRealmAuthNOnly
-#ldapRealm.userDnTemplate = uid={0},ou=People,dc=DOMAIN,dc=TLD
-#ldapRealm.contextFactory.url = ldap://:389
-
-# Bridge to existing h2/idmlight/mdsal authentication/authorization mechanisms.
-# This realm is enabled by default, and utilizes h2-store by default.
-#tokenAuthRealm = org.opendaylight.aaa.shiro.realm.TokenAuthRealm
-# Defining moon realm
-moonAuthRealm = org.opendaylight.aaa.shiro.realm.MoonRealm
-
-# The CSV list of enabled realms. In order to enable a realm, add it to the
-# list below:
-#securityManager.realms = $tokenAuthRealm
-# Configure the Shiro Security Manager to use Moon Realm
-securityManager.realms = $moonAuthRealm
-
-# adds a custom AuthenticationFilter to support OAuth2 for backwards
-# compatibility. To disable OAuth2 access, just comment out the next line
-# and authcBasic will default to BasicHttpAuthenticationFilter, a
-# Shiro-provided class.
-authcBasic = org.opendaylight.aaa.shiro.filters.ODLHttpAuthenticationFilter
-# OAuth2 Filer for moon token AuthN
-rest = org.opendaylight.aaa.shiro.filters.MoonOAuthFilter
-
-# add in AuthenticationListener, a Listener that records whether
-# authentication attempts are successful or unsuccessful. This audit
-# information is disabled by default, to avoid log flooding. To enable,
-# issue the following in karaf:
-# >log:set DEBUG org.opendaylight.aaa.shiro.filters.AuthenticationListener
-accountingListener = org.opendaylight.aaa.shiro.filters.AuthenticationListener
-securityManager.authenticator.authenticationListeners = $accountingListener
-
-
-
-[urls]
-###############################################################################
-# url authorization section #
-# #
-# This section is dedicated to defining url-based authorization according to: #
-# http://shiro.apache.org/web.html #
-###############################################################################
-
-# Restrict AAA endpoints to users w/ admin role
-/v1/users/** = authcBasic
-/v1/domains/** = authcBasic
-/v1/roles/** = authcBasic
-
-#Filter OAuth2 request$
-/token = rest
-
-# General access through AAAFilter requires valid credentials (AuthN only).
-/** = authcBasic
-
-# Access to the credential store is limited to the valid users who have the
-# admin role. The following line is only needed if the mdsal store is enabled
-#(the mdsal store is disabled by default).
-/config/aaa-authn-model** = authcBasic,roles[admin]
-- 
cgit 1.2.3-korg