Kanagaraj, we started collecting none functional requirements for the next release here:
https://wiki.onap.org/display/DW/R2+proposals+for+Non-functional+requirements so they can be prioritized. Could you document your suggestion there? I do agree that our authentication/authorization setup needs some substantial thought to get to what is needed. I would try to address all of them with a consistent architecture so below is one part of that. Thx Oliver From: <onap-discuss-boun...@lists.onap.org> on behalf of Kanagaraj Manickam <kanagaraj.manic...@huawei.com> Date: Thursday, September 7, 2017 at 9:59 AM To: "onap-tsc@lists.onap.org" <onap-tsc@lists.onap.org> Cc: "onap-disc...@lists.onap.org" <onap-disc...@lists.onap.org> Subject: [onap-discuss] Importance of common auth service in this release Dear TSC team, This mail is regarding the importance of common auth service in this release. please find more details below. In Onap 1.0, we are using the Portal user management feature with required role in place for user authentication and the REST API for every ONAP components are not published. so for end user, portal is the only access point and there was no need of common user management across services, which portal user management took care of it. But in Onap 1.1 (amesterdam) release, we have already published REST API for every components and we have now MSB to register all the ONAP components and get discovered by user or integration components. so now, user could discover and operate every onap componenet's feature by using the REST API with deafult user credentails published for every ONAP component. But when user operate the same feature via portal, (s)he should go thru the portal user authedication and authorization. so this scenario brings the inconsistency. In this scenario, I believe that we should be providing the common user authedication and authorization service across all ONAP components, simliar to OpenStack keystone service. And we are already having AAF to address this scenario. so Should we make AAF as mandatory component in amesterdam release and every onap components get aligned with it? Thanks. Regards Kanagaraj M
_______________________________________________ ONAP-TSC mailing list ONAP-TSC@lists.onap.org https://lists.onap.org/mailman/listinfo/onap-tsc