2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.env;
24 import java.security.Principal;
26 import javax.servlet.ServletRequest;
27 import javax.servlet.http.HttpServletRequest;
29 import org.onap.aaf.auth.rserv.TransFilter;
30 import org.onap.aaf.cadi.CadiException;
31 import org.onap.aaf.cadi.Connector;
32 import org.onap.aaf.cadi.TrustChecker;
33 import org.onap.aaf.cadi.principal.TaggedPrincipal;
34 import org.onap.aaf.cadi.principal.TrustPrincipal;
35 import org.onap.aaf.misc.env.Env;
36 import org.onap.aaf.misc.env.LogTarget;
37 import org.onap.aaf.misc.env.Slot;
38 import org.onap.aaf.misc.env.TimeTaken;
39 import org.onap.aaf.misc.env.Trans.Metric;
/**
 * Transaction filter for AAF services: a {@link TransFilter} specialised to {@link AuthzTrans}.
 * The methods visible in this listing create the transaction, bind the servlet request and the
 * authenticated principal to it, and write the audit-trail log entry.
 *
 * NOTE(review): this listing is lossy. The gutter numbers skip, so closing braces and some
 * statements are not shown. The comments describe only the lines that are visible.
 */
30 public class AuthzTransFilter extends TransFilter<AuthzTrans> {
// Running totals across transactions; tallyHo() adds each transaction's Metric into it.
// NOTE(review): public and mutable, and no synchronization is visible around the updates.
// Confirm whether concurrent requests can reach tallyHo() on the same filter instance.
31 public Metric serviceMetric;
// Slots used by tallyHo() to read the per-transaction trace id and the "special log" flag.
// The constructor assigns them while they are still null.
// NOTE(review): public static and non-final, so any code with access to this class can
// replace them; consider narrowing visibility.
32 public static Slot transIDslot,specialLogSlot;
// Names under which the two slots above are requested from the environment.
33 public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";
34 public static final String SPECIAL_LOG_SLOT = "SPECIAL_LOG_SLOT";
// Length of serviceMetric.buckets. tallyHo() asks auditTrail for two categories
// (Env.REMOTE, Env.JSON); the in-code warning there says to change this value if more are added.
35 public static final int BUCKETSIZE = 2;
/**
 * Builds the filter, creates the metric accumulator and resolves the static slots.
 *
 * @param env AAF environment; supplies access() for the superclass and the named slots
 * @param con passed through to the TransFilter constructor
 * @param tc passed through to the TransFilter constructor
 * @param additionalTafLurs passed through to the TransFilter constructor
 * @throws CadiException declared here; the statement that raises it is not visible in this listing
 */
51 public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException {
52 super(env.access(),con, tc, additionalTafLurs);
// Fresh accumulator with BUCKETSIZE sub-metric buckets.
54 serviceMetric = new Metric();
55 serviceMetric.buckets = new float[BUCKETSIZE];
// The slots are static, so they are looked up only while still null.
// NOTE(review): check-then-assign with no visible synchronization; this is harmless only if
// env.slot() returns an equivalent Slot for the same name. Confirm.
56 if(transIDslot==null) {
57 transIDslot = env.slot(TRANS_ID_SLOT);
59 if(specialLogSlot==null) {
60 specialLogSlot = env.slot(SPECIAL_LOG_SLOT);
/**
 * Obtains a new AuthzTrans from the environment via env.newTrans().
 * The rest of the body (original lines 67 onward, including the return statement) is not shown
 * in this listing, so any further setup of the transaction cannot be described from here.
 */
65 protected AuthzTrans newTrans() {
66 AuthzTrans at = env.newTrans();
/**
 * Binds the servlet request to the transaction and starts the top-level "Trans" timing entry,
 * whose label carries the values of trans.ip() and trans.port().
 *
 * @param trans transaction to bind the request to
 * @param request incoming request; cast to HttpServletRequest without a type check, so a
 *        non-HTTP ServletRequest raises ClassCastException
 * @return the TimeTaken returned by trans.start(...)
 */
72 protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
73 trans.set((HttpServletRequest)request);
// NOTE(review): whether trans.ip() is the socket peer address or is derived from a forwarding
// header is not visible here; readers of the audit log should know which. Confirm in AuthzTrans.
// The remaining arguments of trans.start(...) fall on lines not shown in this listing.
74 return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
75 " IP: " + trans.ip() +
76 " Port: " + trans.port()
/**
 * Records the authenticated principal as the user of the transaction.
 *
 * @param trans transaction for the current request
 * @param p principal produced by authentication
 */
81 protected void authenticated(AuthzTrans trans, Principal p) {
// NOTE(review): unchecked downcast. A Principal that is not a TaggedPrincipal raises
// ClassCastException here. Confirm that every configured authentication path yields a
// TaggedPrincipal, and that the caller treats this exception as an authentication failure
// rather than letting the request continue.
82 trans.setUser((TaggedPrincipal)p); // We only work with TaggedPrincipals in Authz
/**
 * Writes the audit entry for a finished transaction and folds its metrics into serviceMetric.
 *
 * Two variants are visible: a multi-line "AuditTrail" entry (original lines 91-115) and a
 * single-line entry that appends user, ip, port, method, path and msg (original lines 119-177).
 * NOTE(review): the condition that selects between them, the closing braces and several
 * statements (for example the declaration of tsi and the field-name literals of the single-line
 * entry) fall on lines not shown in this listing. The duplicate declarations of sb and m imply
 * that the two variants sit in separate scopes.
 *
 * @param trans the transaction that has just completed
 */
86 protected void tallyHo(AuthzTrans trans) {
// The special-log flag selects the log level: warn when the slot holds true, otherwise info
// (false is the default passed to trans.get).
87 Boolean b = trans.get(specialLogSlot, false);
88 LogTarget lt = b?trans.warn():trans.info();
91 // Transaction is done, now post full Audit Trail
92 StringBuilder sb = new StringBuilder("AuditTrail\n");
93 // We'll grab sub-metrics for Remote Calls and JSON
94 // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
95 Metric m = trans.auditTrail(lt,1, sb, Env.REMOTE,Env.JSON);
97 // Add current Metrics to total metrics
// NOTE(review): read-modify-write on a shared field with no visible lock; under concurrent
// requests the totals may lose updates. Confirm whether exact totals are required.
98 serviceMetric.total+= m.total;
// The loop bound is serviceMetric.buckets.length (BUCKETSIZE), so m.buckets must hold at least
// that many entries; hence the BUCKETSIZE warning above.
99 for(int i=0;i<serviceMetric.buckets.length;++i) {
100 serviceMetric.buckets[i]+=m.buckets[i];
// The trace id, when the slot holds one, is printed as hexadecimal.
104 if((tsi=trans.get(transIDslot, null))!=null) {
105 sb.append(" TraceID=");
106 sb.append(Long.toHexString(tsi));
// buckets[0] and buckets[1] follow the category order passed to auditTrail (REMOTE, JSON).
110 sb.append(" Total: ");
112 sb.append(" Remote: ");
113 sb.append(m.buckets[0]);
114 sb.append(" JSON: ");
115 sb.append(m.buckets[1]);
// Single-line variant: the audit trail text is collected into "content" instead of being
// written straight into the log line.
119 // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
120 StringBuilder content = new StringBuilder();
121 Metric m = trans.auditTrail(lt,1, content, Env.REMOTE,Env.JSON);
122 // Add current Metrics to total metrics
123 serviceMetric.total+= m.total;
124 for(int i=0;i<serviceMetric.buckets.length;++i) {
125 serviceMetric.buckets[i]+=m.buckets[i];
128 StringBuilder sb = new StringBuilder();
// NOTE(review): p is dereferenced below; a null check, if there is one, is on lines 131-133,
// which are not shown. Confirm that unauthenticated transactions cannot reach p.getName()
// with a null principal.
130 Principal p = trans.getUserPrincipal();
134 sb.append(p.getName());
// For a TrustPrincipal the personalName() (the "UserChain") is added as well, so the entry
// presumably records both the trusted caller and the identity it acts for. Verify.
135 if(p instanceof TrustPrincipal) {
137 sb.append(((TrustPrincipal)p).personalName()); // UserChain
// The tag of a TaggedPrincipal is logged; line 144 logs the principal's simple class name
// (presumably the fallback branch, whose "else" is not shown).
141 if(p instanceof TaggedPrincipal) {
142 sb.append(((TaggedPrincipal)p).tag());
144 sb.append(p.getClass().getSimpleName());
150 sb.append(trans.ip());
152 sb.append(trans.port());
153 // Current code won't ever get here... Always does a Full Audit Trail
155 // if((tsi=trans.get(transIDslot, null))!=null) {
156 // sb.append(",TraceID=");
157 // sb.append(Long.toHexString(tsi));
// NOTE(review): the principal name, method, path and msg values are appended with no escaping
// in the visible lines. If any of them can carry CR/LF, a comma or a double quote, a parser of
// this comma-separated key=value line can be misled about field boundaries or see a forged
// entry. Confirm that these values are neutralised upstream or by the LogTarget.
162 sb.append(trans.meth());
164 sb.append(trans.path());
166 if(content.length()>0) {
167 sb.append(",msg=\"");
// Copies the text after the last ,msg=" marker in content (the marker is 6 characters long),
// stopping one character before the end of content.
// NOTE(review): lastIndexOf returns -1 when the marker is absent, which would make the copy
// start at index 5. Line 169, not shown, presumably guards start >= 0. Confirm.
168 int start = content.lastIndexOf(",msg=\"");
170 sb.append(content,start+6,content.length()-1);
// The single-line entry is written through trans.warn(), not through lt.
177 trans.warn().log(sb);