[aaf/authz.git] / authz-core / src / main / java / com / att / authz / env / AuthzTransFilter.java

/*******************************************************************************\r
 * ============LICENSE_START====================================================\r
 * * org.onap.aai\r
 * * ===========================================================================\r
 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
 * * Copyright © 2017 Amdocs\r
 * * ===========================================================================\r
 * * Licensed under the Apache License, Version 2.0 (the "License");\r
 * * you may not use this file except in compliance with the License.\r
 * * You may obtain a copy of the License at\r
 * * \r
 *  *      http://www.apache.org/licenses/LICENSE-2.0\r
 * * \r
 *  * Unless required by applicable law or agreed to in writing, software\r
 * * distributed under the License is distributed on an "AS IS" BASIS,\r
 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
 * * See the License for the specific language governing permissions and\r
 * * limitations under the License.\r
 * * ============LICENSE_END====================================================\r
 * *\r
 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
 * *\r
 ******************************************************************************/\r
package com.att.authz.env;\r
\r
import java.security.Principal;\r
\r
import javax.servlet.ServletRequest;\r
import javax.servlet.http.HttpServletRequest;\r
\r
import com.att.cadi.CadiException;\r
import com.att.cadi.Connector;\r
import com.att.cadi.TrustChecker;\r
import com.att.cadi.principal.BasicPrincipal;\r
import com.att.cadi.principal.TrustPrincipal;\r
import com.att.cadi.principal.X509Principal;\r
import com.att.cssa.rserv.TransFilter;\r
import com.att.inno.env.Env;\r
import com.att.inno.env.Slot;\r
import com.att.inno.env.TimeTaken;\r
import com.att.inno.env.Trans.Metric;\r
\r
public class AuthzTransFilter extends TransFilter<AuthzTrans> {\r
        private AuthzEnv env;\r
        public Metric serviceMetric;\r
        public static Slot transIDslot;\r
\r
        public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";\r
        public static final int BUCKETSIZE = 2;\r
\r
        public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException {\r
                super(env,con, tc, additionalTafLurs);\r
                this.env = env;\r
                serviceMetric = new Metric();\r
                serviceMetric.buckets = new float[BUCKETSIZE];\r
                if(transIDslot==null) {\r
                        transIDslot = env.slot(TRANS_ID_SLOT);\r
                }\r
        }\r
        \r
        @Override\r
        protected AuthzTrans newTrans() {\r
                AuthzTrans at = env.newTrans();\r
                at.setLur(getLur());\r
                return at;\r
        }\r
\r
        @Override\r
        protected TimeTaken start(AuthzTrans trans, ServletRequest request) {\r
                trans.set((HttpServletRequest)request);\r
                return trans.start("Trans " + //(context==null?"n/a":context.toString()) +\r
                " IP: " + trans.ip() +\r
                " Port: " + trans.port()\r
                , Env.SUB);\r
        }\r
\r
        @Override\r
        protected void authenticated(AuthzTrans trans, Principal p) {\r
                trans.setUser(p);\r
        }\r
\r
        @Override\r
        protected void tallyHo(AuthzTrans trans) {\r
                if(trans.info().isLoggable()) {\r
                        // Transaction is done, now post\r
                        StringBuilder sb = new StringBuilder("AuditTrail\n");\r
                        // We'll grabAct sub-metrics for Remote Calls and JSON\r
                        // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!\r
                        Metric m = trans.auditTrail(1, sb, Env.REMOTE,Env.JSON);\r
\r
                        // Add current Metrics to total metrics\r
                        serviceMetric.total+= m.total;\r
                        for(int i=0;i<serviceMetric.buckets.length;++i) {\r
                                serviceMetric.buckets[i]+=m.buckets[i];\r
                        }\r
                        \r
                        // Log current info\r
                        sb.append("  Total: ");\r
                        sb.append(m.total);\r
                        sb.append(" Remote: ");\r
                        sb.append(m.buckets[0]);\r
                        sb.append(" JSON: ");\r
                        sb.append(m.buckets[1]);\r
                        trans.info().log(sb);\r
                } else {\r
                        // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!\r
                        StringBuilder content = new StringBuilder(); \r
                        Metric m = trans.auditTrail(1, content, Env.REMOTE,Env.JSON);\r
                        // Add current Metrics to total metrics\r
                        serviceMetric.total+= m.total;\r
                        for(int i=0;i<serviceMetric.buckets.length;++i) {\r
                                serviceMetric.buckets[i]+=m.buckets[i];\r
                        }\r
                        \r
                        StringBuilder sb = new StringBuilder();\r
                        sb.append("user=");\r
                        Principal p = trans.getUserPrincipal();\r
                        if(p==null) {\r
                                sb.append("n/a");\r
                        } else {\r
                                sb.append(p.getName());\r
                                if(p instanceof TrustPrincipal) {\r
                                        sb.append('(');\r
                                        sb.append(((TrustPrincipal)p).getOrigName());\r
                                        sb.append(')');\r
                                } else {\r
                                        sb.append('[');\r
                                        if(p instanceof X509Principal) {\r
                                                sb.append("x509");\r
                                        } else if(p instanceof BasicPrincipal) {\r
                                                sb.append("BAth");\r
                                        } else {\r
                                                sb.append(p.getClass().getSimpleName());\r
                                        }\r
                                        sb.append(']');\r
                                }\r
                        }\r
                        sb.append(",ip=");\r
                        sb.append(trans.ip());\r
                        sb.append(",port=");\r
                        sb.append(trans.port());\r
                        sb.append(",ms=");\r
                        sb.append(m.total);\r
                        sb.append(",meth=");\r
                        sb.append(trans.meth());\r
                        sb.append(",path=");\r
                        sb.append(trans.path());\r
\r
                        Long tsi;\r
                        if((tsi=trans.get(transIDslot, null))!=null) {\r
                                sb.append(",traceID=");\r
                                sb.append(Long.toHexString(tsi));\r
                        }\r
                                \r
                        if(content.length()>0) {\r
                                sb.append(",msg=\"");\r
                                sb.append(content);\r
                                sb.append('"');\r
                        }\r
                        \r
                        trans.warn().log(sb);\r
                }\r
        }\r
\r
}\r