Security - user management
OpenDaylight security is a very wide context; it includes different components and technologies. The security framework of OpenDaylight is mainly based on the Apache Shiro Java security framework. The main configuration file of AAA is located at etc/shiro.ini, which is relative to the OpenDaylight Karaf home directory.
AAA can be enabled for each SDN module or application by simply adding a specific set of parameters to the servlet web.xml file, which is an advanced topic that we will not cover in this book.
User management in OpenDaylight is provided via the same framework. OpenDaylight has multiple Realm implementations; however, the main implementation that can be used widely for modules is TokenAuthRealm.
TokenAuthRealm provides the following features:
- It is AuthorizingRealm built to bridge the Shiro-based AAA service with the h2-based AAA implementation.
- It exposes a RESTful web service to manipulate the IdM policy on a per-node basis. If identical, the AAA policy...
