...

For authentication, the ODL-AAA bundle is used. Please see https://docs.opendaylight.org/en/stable-oxygen/user-guide/authentication-and-authorization-services.html#


Jira: SDNC-648 (ONAP JIRA)


Sequence Diagram (PlantUML)
@startuml
' Format
skinparam backgroundColor #fefefe
'skinparam handwritten true
skinparam roundcorner 15
skinparam databaseBorderColor #666666
skinparam databaseBackgroundColor #fefefe
skinparam databaseFontColor #666666
skinparam sequence {
    MessageAlign center
    ArrowColor #666666
    ArrowFontColor #666666
    ActorBorderColor #666666
    LifeLineBorderColor #666666
    LifeLineBackgroundColor #eeeeee
    
    ParticipantBorderColor #666666
    ParticipantBackgroundColor #ffffdd
    'ParticipantFontName Impact
    'ParticipantFontSize 17
    ParticipantFontColor #666666
    
    ActorBackgroundColor #ffffdd
    'ActorFontColor DeepSkyBlue
    'ActorFontSize 17
    'ActorFontName Aapex
}
title
  User Authentication and Authorization
end title
' Diagram
actor User
participant WebClient order 10
box " \nKaraf OpenDaylight SDN-R" #F7AA5A
  participant Jetty order 20
  participant AAFShiroRealm order 30
  participant CADIfilter order 40
end box
database Log order 50
participant AAF order 60
autonumber
group authentication
  User -> WebClient: uri:/odlux/index.html
  activate WebClient
  WebClient -> Jetty: Any request without token  
  activate Jetty
  Jetty  -> WebClient: Login view
  deactivate Jetty
  User -> WebClient: Provide credentials
  WebClient -> Jetty: uri:/oauth2/token\nuser:password
  activate Jetty
  Jetty -> AAFShiroRealm
  
  activate AAFShiroRealm
  AAFShiroRealm -> AAF: authenticate
  activate AAF
  AAF -> AAFShiroRealm: authenticated:true|false
  deactivate AAF
  
  AAFShiroRealm -> Jetty
  deactivate AAFShiroRealm
  Jetty -> Log: Create log entry
  Jetty -> WebClient: 200 Ok:token |     \n401 Unauthorized
  deactivate Jetty
end
group http request
  User -> WebClient: Request some data
  WebClient -> Jetty: URI and token
  
  activate Jetty
  Jetty -> CADIfilter: verify token
  deactivate Jetty
  
  activate AAF
  activate CADIfilter
  CADIfilter -> AAF: check access rights \nfor user and uri
  note right : To be checked: \nuser or group!
  deactivate CADIfilter
  
  AAF -> CADIfilter: true|false
  deactivate AAF
  
  activate CADIfilter
  CADIfilter -> Jetty: true|false
  deactivate CADIfilter
  
  activate Jetty
  Jetty -> WebClient: URI-response(200 Ok | \n401 Unauthorized)
  deactivate Jetty
end
deactivate WebClient
  
@enduml

...