-
Story
-
Resolution: Done
-
Medium
-
None
-
None
-
None
SOL003 Adapter and VNFM Simulator / VNFM need to communicate each other thru secure communication via HTTPs
SOL003 Adapter - OAuth2 based Authentication and authorization support between ONAP and SVNFM
- SOL003 Adapter and SVNFM supports OAuth2 and HTTP Basic Authentication.
- SOL003 Adapter communicates with the SVNFM via secured HTTPS protocol with authentication and authorization.
- SOL003 API call security needs to be conformed to OAuth2
- SOL003 Notification call security needs to be conformed to OAuith2 or HTTP Basic authorization (user/pass)
- SOL003 Adapter will leverage the AAF security mechanism (as authorization server)
- Currently, SOL003 Adapter support one-way and two-way AA.
- SVNFM will be allowed to have their own security mechanisms based on their security requirements, but is required to support OAuth2 and HTTP Basic Authentication.
- Authentication Federation between the Adapters and the SVNFM/NFVO is under discussion.
- Some vendors prefer SAML-based federation
- AAF Authentication and External Authentication Server will exchange authentication tokens, based on federation configuration. It depends on AAF.
- In the Frankfurt release, the authentication federation may not be supported.