1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * Copyright © 2017 Amdocs
\r
7 * * ===========================================================================
\r
8 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
9 * * you may not use this file except in compliance with the License.
\r
10 * * You may obtain a copy of the License at
\r
12 * * http://www.apache.org/licenses/LICENSE-2.0
\r
14 * * Unless required by applicable law or agreed to in writing, software
\r
15 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
16 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
17 * * See the License for the specific language governing permissions and
\r
18 * * limitations under the License.
\r
19 * * ============LICENSE_END====================================================
\r
21 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
23 ******************************************************************************/
\r
24 package com.att.authz.env;
\r
26 import java.security.Principal;
\r
28 import javax.servlet.ServletRequest;
\r
29 import javax.servlet.http.HttpServletRequest;
\r
31 import com.att.cadi.CadiException;
\r
32 import com.att.cadi.Connector;
\r
33 import com.att.cadi.TrustChecker;
\r
34 import com.att.cadi.principal.BasicPrincipal;
\r
35 import com.att.cadi.principal.TrustPrincipal;
\r
36 import com.att.cadi.principal.X509Principal;
\r
37 import com.att.cssa.rserv.TransFilter;
\r
38 import com.att.inno.env.Env;
\r
39 import com.att.inno.env.Slot;
\r
40 import com.att.inno.env.TimeTaken;
\r
41 import com.att.inno.env.Trans.Metric;
\r
43 public class AuthzTransFilter extends TransFilter<AuthzTrans> {
\r
44 private AuthzEnv env;
\r
45 public Metric serviceMetric;
\r
46 public static Slot transIDslot;
\r
48 public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";
\r
49 public static final int BUCKETSIZE = 2;
\r
51 public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException {
\r
52 super(env,con, tc, additionalTafLurs);
\r
54 serviceMetric = new Metric();
\r
55 serviceMetric.buckets = new float[BUCKETSIZE];
\r
56 if(transIDslot==null) {
\r
57 transIDslot = env.slot(TRANS_ID_SLOT);
\r
62 protected AuthzTrans newTrans() {
\r
63 AuthzTrans at = env.newTrans();
\r
64 at.setLur(getLur());
\r
69 protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
\r
70 trans.set((HttpServletRequest)request);
\r
71 return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
\r
72 " IP: " + trans.ip() +
\r
73 " Port: " + trans.port()
\r
78 protected void authenticated(AuthzTrans trans, Principal p) {
\r
83 protected void tallyHo(AuthzTrans trans) {
\r
84 if(trans.info().isLoggable()) {
\r
85 // Transaction is done, now post
\r
86 StringBuilder sb = new StringBuilder("AuditTrail\n");
\r
87 // We'll grabAct sub-metrics for Remote Calls and JSON
\r
88 // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
\r
89 Metric m = trans.auditTrail(1, sb, Env.REMOTE,Env.JSON);
\r
91 // Add current Metrics to total metrics
\r
92 serviceMetric.total+= m.total;
\r
93 for(int i=0;i<serviceMetric.buckets.length;++i) {
\r
94 serviceMetric.buckets[i]+=m.buckets[i];
\r
98 sb.append(" Total: ");
\r
100 sb.append(" Remote: ");
\r
101 sb.append(m.buckets[0]);
\r
102 sb.append(" JSON: ");
\r
103 sb.append(m.buckets[1]);
\r
104 trans.info().log(sb);
\r
106 // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
\r
107 StringBuilder content = new StringBuilder();
\r
108 Metric m = trans.auditTrail(1, content, Env.REMOTE,Env.JSON);
\r
109 // Add current Metrics to total metrics
\r
110 serviceMetric.total+= m.total;
\r
111 for(int i=0;i<serviceMetric.buckets.length;++i) {
\r
112 serviceMetric.buckets[i]+=m.buckets[i];
\r
115 StringBuilder sb = new StringBuilder();
\r
116 sb.append("user=");
\r
117 Principal p = trans.getUserPrincipal();
\r
121 sb.append(p.getName());
\r
122 if(p instanceof TrustPrincipal) {
\r
124 sb.append(((TrustPrincipal)p).getOrigName());
\r
128 if(p instanceof X509Principal) {
\r
130 } else if(p instanceof BasicPrincipal) {
\r
133 sb.append(p.getClass().getSimpleName());
\r
139 sb.append(trans.ip());
\r
140 sb.append(",port=");
\r
141 sb.append(trans.port());
\r
143 sb.append(m.total);
\r
144 sb.append(",meth=");
\r
145 sb.append(trans.meth());
\r
146 sb.append(",path=");
\r
147 sb.append(trans.path());
\r
150 if((tsi=trans.get(transIDslot, null))!=null) {
\r
151 sb.append(",traceID=");
\r
152 sb.append(Long.toHexString(tsi));
\r
155 if(content.length()>0) {
\r
156 sb.append(",msg=\"");
\r
157 sb.append(content);
\r
161 trans.warn().log(sb);
\r