OpenDaylight JIRA https://jira.opendaylight.org This file is an XML representation of an issue en-us 8.20.10 820010 22-06-2022 [AAA-252] API to validate user access does not work https://jira.opendaylight.org/browse/AAA-252 aaa <p>There is an issue with the API used to validate user access in the DomainHandler class. When a correct request is made, the response includes this error message:</p> <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent"> <pre class="code-java"> {     <span class="code-quote">"message"</span>: <span class="code-quote">"password does not match <span class="code-keyword">for</span> username: admin"</span>,     <span class="code-quote">"details"</span>: <span class="code-keyword">null</span>,     <span class="code-quote">"code"</span>: 500 } </pre> </div></div> <p>The problem is that the code is comparing the user's password with an encrypted password. More in attached image.</p> <p> </p> <p>Steps to reproduce:</p> <p>1) Start Karaf with:<br/> feature:install odl-netconf-topology odl-restconf-nb<br/> 2) Validate default 'admin' user with request:</p> <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent"> <pre class="code-java"> curl --request POST <span class="code-quote">'http:<span class="code-comment">//localhost:8181/auth/v1/domains/sdn/users/roles'</span> \ </span>--header <span class="code-quote">'Authorization: Basic YWRtaW46YWRtaW4='</span> \ --header <span class="code-quote">'Content-Type: application/json'</span> \ --data-raw '{     <span class="code-quote">"username"</span>: <span class="code-quote">"admin"</span>,     <span class="code-quote">"userpwd"</span>: <span class="code-quote">"admin"</span> }' </pre> </div></div> <p>IMHO, providing a password for this request is unnecessary.</p> <p> </p> AAA-252 API to validate user access does not work Bug Medium Resolved Done Yaroslav Lastivka Peter Suna Wed, 22 Feb 2023 08:45:50 +0000 Tue, 20 Jun 2023 21:05:00 +0000 Tue, 20 Jun 2023 21:04:54 +0000 0.17.6 0.18.0 0 3 <p>This API is intended for admin (as configured in aaa-app-config.xml). We can simulate this functionality by listing users, roles and domains .</p> Development Rank 0|i044dj: