+1 :) From: controller-dev-boun...@lists.opendaylight.org [mailto:controller-dev-boun...@lists.opendaylight.org] On Behalf Of Bijan R.Rofoee Sent: Wednesday, July 05, 2017 11:28 AM To: Ryan Goulding <ryandgould...@gmail.com> Cc: aaa-...@lists.opendaylight.org; controller-dev@lists.opendaylight.org Subject: Re: [controller-dev] 401 unauthorized error for a new proect
I would also see a case for longer EOL from the community for recent releases, migration to the newest versions is best for agile dev ecosystems whilst ODL is for operators which are not agile as such (yet) by nature and stability and longer support is what makes making business cases based on opensource more plausible. Regards Bijan On 5 July 2017 at 16:13, Ryan Goulding <ryandgould...@gmail.com<mailto:ryandgould...@gmail.com>> wrote: Ack... I agree and can sympathize with the pain behind doing major version upgrades of products. I have spent several weekends migrating this software in my lifetime :), and I am sure others on here have too. Most downstream vendors I have worked for maintain a self-supported stability branch to do releases past what is supported upstream, but I do want to point out that staying as up to date as possible is best suggested practice. Regards, Ryan Goulding On Wed, Jul 5, 2017 at 11:03 AM, Giles Heron <giles.he...@gmail.com<mailto:giles.he...@gmail.com>> wrote: Well yeah - depends on what “supported” means. Most SP customers tend to deploy on the most stable release of any given platform that they can find (of those which have the features they need), and don’t tend to upgrade for a while (where “a while” may be years). so I’d expect any vendors offering commercial ODL distros to be very much supporting Boron at this stage - even if there will never be another SR. And yes - I’d hope in the open-source world that we still answer queries and still occasionally merge into stable/boron. at any rate it’s probably time I updated all my postman collections etc. to Carbon - the key pain-point there is the deprecation of the config API for BGP in favour of OpenConfig. On 5 Jul 2017, at 15:55, Ryan Goulding <ryandgould...@gmail.com<mailto:ryandgould...@gmail.com>> wrote: Unless you just mean answering questions/inquiries, in which case I 100% agree with you! Regards, Ryan Goulding On Wed, Jul 5, 2017 at 10:51 AM, Ryan Goulding <ryandgould...@gmail.com<mailto:ryandgould...@gmail.com>> wrote: How do you propose support would be handled? There are no scheduled or planned releases for ODL Boron ever again, and anything merged to stable/boron will never be realized in an upstream release barring an emergency security release. For all intents and purposes it is cooked... Regards, Ryan Goulding On Wed, Jul 5, 2017 at 10:45 AM, Giles Heron <giles.he...@gmail.com<mailto:giles.he...@gmail.com>> wrote: Not sure I’d define “last service release” as “now unsupported” :) On 5 Jul 2017, at 15:21, Ryan Goulding <ryandgould...@gmail.com<mailto:ryandgould...@gmail.com>> wrote: The last service release occurred [0]. Not sure I agree about Carbon being less stable, but to each his own ;). Regards, Ryan Goulding [0] https://wiki.opendaylight.org/view/Simultaneous_Release:Boron_Release_Plan<https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.opendaylight.org_view_Simultaneous-5FRelease-3ABoron-5FRelease-5FPlan&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=CDSyf9crDCZ3fjEMw0XKtdDLDRocAPB1QLwrMiI3vhc&e=> On Wed, Jul 5, 2017 at 10:19 AM, Giles Heron <giles.he...@gmail.com<mailto:giles.he...@gmail.com>> wrote: Is that correct re Boron being unsupported? In my experience Boron-SR3 was always pretty stable (more so than Carbon) so I’d be reluctant to move off. On 5 Jul 2017, at 15:10, Ryan Goulding <ryandgould...@gmail.com<mailto:ryandgould...@gmail.com>> wrote: In particular, we added these three changes which stabilized loading behavior in Boron-SR1: * 77ab012 2016-08-10 | Bug 6425: Move aaa-mdsal-store bundle to use blueprint [Mohamed El-Serngawy] * aa75018 2016-08-05 | Bug 6424: move aaa-idmlight to use blueprint [melserngawy] * b043d79 2016-08-04 | Move aaa-h2-store bundle to use blueprint [melserngawy] HTH. Regards, Ryan Goulding On Wed, Jul 5, 2017 at 10:00 AM, Ryan Goulding <ryandgould...@gmail.com<mailto:ryandgould...@gmail.com>> wrote: Suspecting that might be Shiro problem, I tried to disable it at etc/shiro.ini however now Im getting 503 errors. How did you try to disable? There were some known loading issues but 0.4.0.Boron is quite old. In fact Boron is no longer in support at all. I'd recommend using Carbon. Regards, Ryan Goulding On Mon, Jul 3, 2017 at 4:35 AM, Bijan R.Rofoee <bijan.r.rof...@gmail.com<mailto:bijan.r.rof...@gmail.com>> wrote: Hi all I have built a project using base architype plus netconf and bgp. The project installs and have no errors, however when trying to access any of the services I get 401 error(printed below this email). Suspecting that might be Shiro problem, I tried to disable it at etc/shiro.ini however now Im getting 503 errors. Any helps on this would be appreciated Regards 2017-07-03 09:26:56,633 | DEBUG | qtp1555942221-98 | TokenAuthRealm | 331 - org.opendaylight.aaa.shiro - 0.4.0.Boron | Unknown OAuth2 Token Access Request org.apache.shiro.authc.AuthenticationException: Could not validate the token admin at org.opendaylight.aaa.shiro.realm.TokenAuthRealm.validate(TokenAuthRealm.java:268)[331:org.opendaylight.aaa.shiro:0.4.0.Boron] at org.opendaylight.aaa.shiro.realm.TokenAuthRealm.doGetAuthenticationInfo(TokenAuthRealm.java:252)[331:org.opendaylight.aaa.shiro:0.4.0.Boron] at org.apache.shiro.realm.AuthenticatingRealm.getAuthenticationInfo(AuthenticatingRealm.java:568)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doSingleRealmAuthentication(ModularRealmAuthenticator.java:180)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.authc.pam.ModularRealmAuthenticator.doAuthenticate(ModularRealmAuthenticator.java:267)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:198)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.web.filter.au<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.apache.shiro.web.filter.au_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=lL5DWJVQl8O6irk6D4RdlPIUxnwi-6tZLjViDhNiXeg&e=>thc.AuthenticatingFilter.executeLogin(AuthenticatingFilter.java:53)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.filter.au<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.apache.shiro.web.filter.au_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=lL5DWJVQl8O6irk6D4RdlPIUxnwi-6tZLjViDhNiXeg&e=>thc.BasicHttpAuthenticationFilter.onAccessDenied(BasicHttpAuthenticationFilter.java:190)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.filter.Ac<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.apache.shiro.web.filter.ac_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=SXfdM_bYU8aycaw5qvb__NzrChYMjIFlzRO0Ft2rQgo&e=>cessControlFilter.onAccessDenied(AccessControlFilter.java:133)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.filter.Ac<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.apache.shiro.web.filter.ac_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=SXfdM_bYU8aycaw5qvb__NzrChYMjIFlzRO0Ft2rQgo&e=>cessControlFilter.onPreHandle(AccessControlFilter.java:162)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.filter.Pa<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.apache.shiro.web.filter.pa_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=c8cMHW29_QHnF99LCTXxPPunK102rIFI1MspSf1x5T8&e=>thMatchingFilter.isFilterChainContinued(PathMatchingFilter.java:203)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.filter.Pa<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.apache.shiro.web.filter.pa_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=c8cMHW29_QHnF99LCTXxPPunK102rIFI1MspSf1x5T8&e=>thMatchingFilter.preHandle(PathMatchingFilter.java:178)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:131)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:383)[332:org.apache.shiro.core:1.2.5] at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)[333:org.apache.shiro.web:1.2.5] at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)[333:org.apache.shiro.web:1.2.5] at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1478)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:69)[236:org.ops4j.pax.web.pax-web-jetty:3.2.9] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:240)[236:org.ops4j.pax.web.pax-web-jetty:3.2.9] at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:427)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:75)[236:org.ops4j.pax.web.pax-web-jetty:3.2.9] at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)[227:org.ec<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.ec_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=_tdqBPmLNObaTfTdSC7wJCoBADR0NwQL10HyR14gSLE&e=>lipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.Server.handle(Server.java:370)[227:org.eclipse.jetty.aggregate.je<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.eclipse.jetty.aggregate.je_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=QOOW23J-j9VTjK0iC49gWZ5XeW7hKOW2i1ad0IuniZ8&e=>tty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:973)[227:org.eclipse.jetty.ag<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.eclipse.jetty.ag_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=PDA5rnLoJXxdnUasxYB5fPlJ3iJ3Oj9pAMPy-vRAq_M&e=>gregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1035)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:641)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:231)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)[227:org.eclipse.jetty.aggregate.je<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.eclipse.jetty.aggregate.je_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=QOOW23J-j9VTjK0iC49gWZ5XeW7hKOW2i1ad0IuniZ8&e=>tty-all-server:8.1.19.v20160209] at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)[227:org.eclipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)[227:org.ec<https://urldefense.proofpoint.com/v2/url?u=http-3A__org.ec_&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=_tdqBPmLNObaTfTdSC7wJCoBADR0NwQL10HyR14gSLE&e=>lipse.jetty.aggregate.jetty-all-server:8.1.19.v20160209] at java.lang.Thread.run(Thread.java:745)[:1.8.0_102] 2017-07-03 09:26:56,636 | DEBUG | qtp1555942221-98 | TokenAuthRealm | 331 - org.opendaylight.aaa.shiro - 0.4.0.Boron | Authentication failed: exhausted TokenAuth resources 2017-07-03 09:26:56,637 | DEBUG | qtp1555942221-98 | AuthenticationListener | 331 - org.opendaylight.aaa.shiro - 0.4.0.Boron | Unsuccessful authentication attempt by admin from 127.0.0.1 _______________________________________________ controller-dev mailing list controller-dev@lists.opendaylight.org<mailto:controller-dev@lists.opendaylight.org> https://lists.opendaylight.org/mailman/listinfo/controller-dev<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.opendaylight.org_mailman_listinfo_controller-2Ddev&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=2qN389DgDVx7jOxhkISvSNnYvgwTXRixWPGFk10ZQqE&e=> _______________________________________________ controller-dev mailing list controller-dev@lists.opendaylight.org<mailto:controller-dev@lists.opendaylight.org> https://lists.opendaylight.org/mailman/listinfo/controller-dev<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.opendaylight.org_mailman_listinfo_controller-2Ddev&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=e3d1ehx3DI5AoMgDmi2Fzw&m=iUMAhzTXwvu5DPwocSPfzUASc6xLCy72OwNrI8U0Pvc&s=2qN389DgDVx7jOxhkISvSNnYvgwTXRixWPGFk10ZQqE&e=>
_______________________________________________ controller-dev mailing list controller-dev@lists.opendaylight.org https://lists.opendaylight.org/mailman/listinfo/controller-dev
