In Frankfurt Authorization and Authentication are implemented. Accounting is not considered.

Related to: 

SDNC-880 - Getting issue details... STATUS

SDNC-897 - Getting issue details... STATUS

Components referring to disaggregated Frankurt SDNR architecture

  • SDNC/OAM/SDNR
  • SDNRDB
  • SDNRWEB

Authentication of SDNC/OAM/SDNR client with

  • SDNR → DMaaP/DCAE
  • SDNR → SDNRDB

Authorization between containers

  • password only or
  • certificated base for client side authentication 

Questions are

  • How to provide password/certs?
  • Using: Kubernetes Secrets?
  • How to handle passwords inside container
    1. Hand over Kubernetes into container 
    2. Hand over inside container to karaf/odl  
  • File or environment variable?


Server/Componentsupported auth methodcomments
SDNC(Opendaylight)

basic auth (username,password)
token based auth
ssl client cert?


SDNC-Web (nginx)basic auth
ssl client cert
SDNC-database (elasticsearch+nginx)basic auth
ssl client cert
DMaaP Message Router

basic auth (HTTP)

auth key (HTTP_AUTHKEY)


AAI

DCAE
not important for us, only for devices
  • No labels