Package org.opendaylight.aaa.api

Class StoreBuilder

java.lang.Object

org.opendaylight.aaa.api.StoreBuilder

public class StoreBuilder
extends Object

StoreBuilder is triggered during feature installation by AAAIDMLightModule.createInstance(). StoreBuilder is responsible for initializing the IIDMStore with initial default user account information. By default, the following users are created:

1. admin
2. user

By default, the following domain is created:

1. sdn

By default, the following grants are created:

1. admin with admin role on sdn
2. admin with user role on sdn

Author:

[email protected], [email protected], Michael Vorburger.ch - some refactoring, for new CLI tool

Constructor Summary

Constructors

Constructor	Description
StoreBuilder(IIDMStore store)

Method Summary

Modifier and Type	Method	Description
String	createUser(String domainID, String userName, String password, boolean isAdmin)
String	createUser(String domainID, String userName, String password, List<String> roleIDs)	Create new user.
boolean	deleteUser(String domainID, String userName)
List<String>	getRoleIDs(String domainID, List<String> roleNames)
String	initDomainAndRolesWithoutUsers(String domainID)	Initialize IIDMStore with the default domain and the 'user' and 'admin' roles, if needed.
void	initWithDefaultUsers(String domainID)	Initialize IIDMStore with the default domain and the 'user' and 'admin' roles AND a default admin account (with default password, which is bad practice).

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

StoreBuilder

public StoreBuilder(IIDMStore store)

Method Detail

initDomainAndRolesWithoutUsers

public String initDomainAndRolesWithoutUsers(String domainID)
                                      throws IDMStoreException

Initialize IIDMStore with the default domain and the 'user' and 'admin' roles, if needed. This does not create any default user entries (because they are an inherent security risk).

Parameters:

domainID - ID (same as name) of the "authentication domain"

Returns:

ID of the just newly created Domain, or null if no new one had to be created

Throws:

IDMStoreException - for issues coming from the IIDMStore

initWithDefaultUsers

public void initWithDefaultUsers(String domainID)
                          throws IDMStoreException

Initialize IIDMStore with the default domain and the 'user' and 'admin' roles AND a default admin account (with default password, which is bad practice).

Parameters:

domainID - ID (same as name) of the "authentication domain"

Throws:

IDMStoreException - for issues coming from the IIDMStore

getRoleIDs

public List<String> getRoleIDs(String domainID,
                               List<String> roleNames)
                        throws IDMStoreException

Throws:

IDMStoreException

createUser

public String createUser(String domainID,
                         String userName,
                         String password,
                         List<String> roleIDs)
                  throws IDMStoreException

Create new user.

Parameters:

domainID - ID (same as name) of the "authentication domain"

userName - new user name (without the domain prefix which gets automatically added)

password - the new user's initial password

roleIDs - list of IDs of roles to grant the new user (e.g. ["user", "admin"])

Returns:

ID of the just newly created user, useful to reference it e.g. in grants

Throws:

IDMStoreException - for issues coming from the IIDMStore

createUser

public String createUser(String domainID,
                         String userName,
                         String password,
                         boolean isAdmin)
                  throws IDMStoreException

Throws:

IDMStoreException

deleteUser

public boolean deleteUser(String domainID,
                          String userName)
                   throws IDMStoreException

Throws:

IDMStoreException