[AAA-118] shiro.ini needs to die - OpenDaylight JIRA

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Resolution: Done
Affects Version/s: None
Fix Version/s: None
Component/s: General
Labels:
None
Environment:

Operating System: All
Platform: All

External issue ID:
7793

Description

shiro.ini is a poor means for configuration in our configuration-rich ODL context. Some primary concerns involve the fact that shiro.ini is not replicated nor consistent across a cluster of ODL nodes. This change will depend on the fact that proper authorization to restrict these models is installed so that not anyone can change the auth mechanisms (i.e., rogue user switches to a tautology authentication/authorization implementation). Additionally lack of proper SOA means that services can't be dynamically decided at runtime (i.e., swap out backing implementation).

Simply put, shiro.ini sucks. This was a known limitation when shiro was first integrated, but was swallowed hook line and sinker for the other advantages that the integration provided. It is time for us to change this so that shiro is configured using a more mature and robust mechanism (i.e., clustered-app-config).

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Ryan Goulding

Reporter:: Ryan Goulding

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 14/Feb/17 6:55 PM

Updated:: 21/Mar/19 11:56 AM

Resolved:: 28/Nov/17 6:31 PM