This chapter discribes the data flow for autorization and authentification by the UX-Framework. For autorization the machanismes provided by SDNC (SDNC-485) of the Application Authorization Framework Project are used.
For Authentication ODL-AAA bundle is used. TODO: add information about the proper configuration of odl-aaa in our case.
add - jetty server, so that also the api-gateway is covered.
odl-aaa gives also the rights of the user - see shiro
authorzation
add sndc related story for sdnc-
Example
Token request:
curl -d 'grant_type=password&username=admin&password=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U&scope=sdn' http://localhost:8181/oauth2/token
Token response:
{"access_token":"34e8340a-0d2f-3bc0-90eb-369a636dd6f2","token_type":"Bearer","expires_in":36000}
Default request:
curl -v -H "Authorization: Bearer 34e8340a-0d2f-3bc0-90eb-369a636dd6f2" http://localhost:8181/restconf/operational/network-topology:network-topology/topology/topology-netconf
Please find more info: