1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package org.onap.aaf.cadi.lur.aaf.test;
\r
25 import java.security.Principal;
\r
26 import java.util.ArrayList;
\r
27 import java.util.List;
\r
29 import org.onap.aaf.cadi.Access;
\r
30 import org.onap.aaf.cadi.Permission;
\r
31 import org.onap.aaf.cadi.PropAccess;
\r
32 import org.onap.aaf.cadi.aaf.AAFPermission;
\r
33 import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
\r
34 import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
\r
35 import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
\r
36 import org.onap.aaf.cadi.config.Config;
\r
37 import org.onap.aaf.cadi.locator.PropertyLocator;
\r
39 public class MultiThreadPermHit {
\r
40 public static void main(String args[]) {
\r
41 // Link or reuse to your Logging mechanism
\r
42 PropAccess myAccess = new PropAccess(); //
\r
46 AAFConHttp con = new AAFConHttp(myAccess,new PropertyLocator("https://mithrilcsp.sbc.com:8100"));
\r
48 // AAFLur has pool of DME clients as needed, and Caches Client lookups
\r
49 final AAFLurPerm aafLur = con.newLur();
\r
50 aafLur.setDebug("m12345@aaf.att.com");
\r
52 // Note: If you need both Authn and Authz construct the following:
\r
53 AAFAuthn<?> aafAuthn = con.newAuthn(aafLur);
\r
55 // Do not set Mech ID until after you construct AAFAuthn,
\r
56 // because we initiate "401" info to determine the Realm of
\r
57 // of the service we're after.
\r
58 final String id = myAccess.getProperty(Config.AAF_MECHID,null);
\r
59 final String pass = myAccess.decrypt(myAccess.getProperty(Config.AAF_MECHPASS,null),false);
\r
60 if(id!=null && pass!=null) {
\r
63 // Normally, you obtain Principal from Authentication System.
\r
64 // // For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
\r
65 // // If you use CADI as Authenticator, it will get you these Principals from
\r
66 // // CSP or BasicAuth mechanisms.
\r
67 // String id = "cluster_admin@gridcore.att.com";
\r
69 // // If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
\r
71 ok = aafAuthn.validate(id, pass);
\r
73 System.out.println(ok);
\r
76 List<Permission> pond = new ArrayList<Permission>();
\r
77 for(int i=0;i<20;++i) {
\r
79 aafLur.fishAll(i+id, pond);
\r
80 if(ok!=null && i%1000==0) {
\r
81 System.out.println(i + " " + ok);
\r
85 for(int i=0;i<1000000;++i) {
\r
86 ok = aafAuthn.validate( i+ id, "wrongPass");
\r
87 if(ok!=null && i%1000==0) {
\r
88 System.out.println(i + " " + ok);
\r
92 final AAFPermission perm = new AAFPermission("com.att.aaf.access","*","*");
\r
94 // Now you can ask the LUR (Local Representative of the User Repository about Authorization
\r
95 // With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object
\r
96 // instead of creating your own LUR
\r
97 for(int i=0;i<4;++i) {
\r
98 if(aafLur.fish(id, perm)) {
\r
99 System.out.println("Yes, " + id + " has permission for " + perm.getKey());
\r
101 System.out.println("No, " + id + " does not have permission for " + perm.getKey());
\r
106 // Or you can all for all the Permissions available
\r
107 List<Permission> perms = new ArrayList<Permission>();
\r
110 aafLur.fishAll(id,perms);
\r
111 System.out.println("Perms for " + id);
\r
112 for(Permission prm : perms) {
\r
113 System.out.println(prm.getKey());
\r
116 System.out.println("Press any key to continue");
\r
119 for(int j=0;j<5;++j) {
\r
120 new Thread(new Runnable() {
\r
122 public void run() {
\r
123 for(int i=0;i<20;++i) {
\r
124 if(aafLur.fish(id, perm)) {
\r
125 System.out.println("Yes, " + id + " has permission for " + perm.getKey());
\r
127 System.out.println("No, " + id + " does not have permission for " + perm.getKey());
\r
138 } else { // checked on IDs
\r
139 System.err.println(Config.AAF_MECHID + " and/or " + Config.AAF_MECHPASS + " are not set.");
\r
141 } catch (Exception e) {
\r
142 e.printStackTrace();
\r