2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.aai.logging;
23 import static java.util.Base64.getDecoder;
25 import ch.qos.logback.access.pattern.AccessConverter;
26 import ch.qos.logback.access.spi.IAccessEvent;
28 import com.att.eelf.configuration.EELFLogger;
29 import com.att.eelf.configuration.EELFManager;
31 import java.security.cert.X509Certificate;
33 import javax.security.auth.x500.X500Principal;
34 import javax.servlet.http.HttpServletRequest;
36 public class CNName extends AccessConverter {
37 private static final EELFLogger LOGGER = EELFManager.getInstance().getLogger(CNName.class);
40 * Converts access events to String response codes
42 * @param accessEvent the IAccessEvent
44 public String convert(IAccessEvent accessEvent) {
46 return "INACTIVE_HEADER_CONV";
49 String cipherSuite = (String) accessEvent.getRequest().getAttribute("javax.servlet.request.cipher_suite");
50 String authUser = null;
51 if (cipherSuite != null) {
53 X509Certificate certChain[] = (X509Certificate[]) accessEvent.getRequest()
54 .getAttribute("javax.servlet.request.X509Certificate");
55 if (certChain == null || certChain.length == 0) {
57 HttpServletRequest request = accessEvent.getRequest();
59 String authorization = request.getHeader("Authorization");
61 // Set the auth user to "-" so if the authorization header is not found
62 // Or if the decoded basic auth credentials are not found in the format required
63 // it should return "-"
64 // If the decoded string is in the right format, find the index of ":"
65 // Then get the substring of the starting point to the colon not including the colon
69 if (authorization != null && authorization.startsWith("Basic ")) {
70 String credentials = authorization.replace("Basic ", "");
71 byte[] userCredentials = getDecoder().decode(credentials.getBytes("utf-8"));
72 credentials = new String(userCredentials);
74 int codePoint = credentials.indexOf(':');
76 if (codePoint != -1) {
77 authUser = credentials.substring(0, codePoint);
85 X509Certificate clientCert = certChain[0];
86 X500Principal subjectDN = clientCert.getSubjectX500Principal();
87 authUser = subjectDN.toString();
90 } catch (Exception e) {
91 LOGGER.error(e.getMessage(), e);