1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package com.att.authz.env;
\r
25 import java.security.Principal;
\r
27 import javax.servlet.ServletRequest;
\r
28 import javax.servlet.http.HttpServletRequest;
\r
30 import com.att.cadi.CadiException;
\r
31 import com.att.cadi.Connector;
\r
32 import com.att.cadi.TrustChecker;
\r
33 import com.att.cadi.principal.BasicPrincipal;
\r
34 import com.att.cadi.principal.TrustPrincipal;
\r
35 import com.att.cadi.principal.X509Principal;
\r
36 import com.att.cssa.rserv.TransFilter;
\r
37 import com.att.inno.env.Env;
\r
38 import com.att.inno.env.Slot;
\r
39 import com.att.inno.env.TimeTaken;
\r
40 import com.att.inno.env.Trans.Metric;
\r
42 public class AuthzTransFilter extends TransFilter<AuthzTrans> {
\r
// Environment handle; newTrans() calls env.newTrans() on it to create each transaction.
43 private AuthzEnv env;
\r
// Running totals for this filter: tallyHo() adds every transaction's total and buckets into it.
// Public and mutable, with no synchronization visible in this class.
// NOTE(review): confirm whether tallyHo() can run on several request threads at once.
44 public Metric serviceMetric;
\r
// Slot used by tallyHo() to read the per-transaction id that is logged as traceID.
// Public, static and non-final: the constructor sets it only while it is null, and any
// other code can reassign it.
45 public static Slot transIDslot;
\r
// Name passed to env.slot(...) when transIDslot is first created.
47 public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";
\r
// Length of serviceMetric.buckets; tallyHo() asks auditTrail for two sub-metrics
// (Env.REMOTE, Env.JSON) and reads buckets[0] and buckets[1].
48 public static final int BUCKETSIZE = 2;
\r
/**
 * Creates the filter: forwards all arguments to the TransFilter constructor, allocates
 * the service-wide metric with BUCKETSIZE buckets, and creates the shared transaction-id
 * slot if it is still null.
 *
 * NOTE(review): the gutter numbers jump from 51 to 53 and stop at 56, so part of this
 * constructor is not visible in this listing.
 *
 * @param env environment passed to the superclass and used to create the slot
 * @param con passed through to the superclass
 * @param tc passed through to the superclass
 * @param additionalTafLurs passed through to the superclass
 * @throws CadiException declared here; the visible lines do not show where it is raised
 */
50 public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException {
\r
51 super(env,con, tc, additionalTafLurs);
\r
53 serviceMetric = new Metric();
\r
54 serviceMetric.buckets = new float[BUCKETSIZE];
\r
// Check-then-set on a static field with no lock: two filters constructed at the same time
// could both call env.slot(...). NOTE(review): confirm env.slot() yields the same Slot
// for the same name, or guard this initialization.
55 if(transIDslot==null) {
\r
56 transIDslot = env.slot(TRANS_ID_SLOT);
\r
/**
 * Creates a new AuthzTrans from the environment and attaches the value of getLur() to it.
 *
 * NOTE(review): the return statement (original line 64 onwards) is not part of this
 * listing; presumably the configured transaction is returned.
 */
61 protected AuthzTrans newTrans() {
\r
62 AuthzTrans at = env.newTrans();
\r
63 at.setLur(getLur());
\r
/**
 * Binds the servlet request to the transaction and starts a timer whose label contains
 * the transaction's IP and port.
 *
 * NOTE(review): the rest of the trans.start(...) call (original line 73 onwards) is not
 * visible in this listing.
 *
 * @param trans transaction that receives the request and owns the timer
 * @param request incoming request; must be an HttpServletRequest
 * @return the TimeTaken returned by trans.start(...)
 */
68 protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
\r
// Unchecked downcast: a non-HTTP ServletRequest fails here with ClassCastException.
69 trans.set((HttpServletRequest)request);
\r
// ip() and port() are read after trans.set(...); presumably they are derived from the
// request that was just bound — confirm in AuthzTrans.
70 return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
\r
71 " IP: " + trans.ip() +
\r
72 " Port: " + trans.port()
\r
/**
 * Hook that receives the transaction together with a Principal.
 *
 * NOTE(review): the body (original lines 78 onwards) is not part of this listing, so what
 * is done with the principal cannot be stated here; tallyHo() later reads the identity
 * back through trans.getUserPrincipal().
 */
77 protected void authenticated(AuthzTrans trans, Principal p) {
\r
/**
 * End-of-transaction hook: folds the transaction's metric into serviceMetric and writes
 * a log record.
 *
 * When info logging is enabled, an "AuditTrail" block with the totals is logged through
 * trans.info(). The second visible section builds a single-line key=value record
 * (user, ip, port, meth, path, traceID, msg) and logs it through trans.warn().
 *
 * NOTE(review): this listing skips several original lines (the gutter jumps 93 to 97,
 * 103 to 105, 111 to 114, 116 to 120, and others). Both sections declare locals named
 * m and sb, so they must sit in separate branches; presumably the second is the else
 * of the isLoggable() test. Confirm against the full file.
 *
 * @param trans the finished transaction whose audit trail and request details are logged
 */
82 protected void tallyHo(AuthzTrans trans) {
\r
83 if(trans.info().isLoggable()) {
\r
84 // Transaction is done, now post
\r
85 StringBuilder sb = new StringBuilder("AuditTrail\n");
\r
86 // We'll grabAct sub-metrics for Remote Calls and JSON
\r
87 // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
\r
88 Metric m = trans.auditTrail(1, sb, Env.REMOTE,Env.JSON);
\r
90 // Add current Metrics to total metrics
\r
// serviceMetric is a field of the filter and += is a read-modify-write with no lock
// visible here. NOTE(review): if tallyHo() runs on concurrent request threads, updates
// can be lost — confirm, and synchronize if so.
91 serviceMetric.total+= m.total;
\r
// Indexes m.buckets up to serviceMetric.buckets.length (BUCKETSIZE); this relies on
// auditTrail returning one bucket per Env.* argument passed above — TODO confirm.
92 for(int i=0;i<serviceMetric.buckets.length;++i) {
\r
93 serviceMetric.buckets[i]+=m.buckets[i];
\r
97 sb.append(" Total: ");
\r
99 sb.append(" Remote: ");
\r
100 sb.append(m.buckets[0]);
\r
101 sb.append(" JSON: ");
\r
102 sb.append(m.buckets[1]);
\r
103 trans.info().log(sb);
\r
105 // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
\r
// The audit trail text is collected separately here and later emitted as the msg field.
106 StringBuilder content = new StringBuilder();
\r
107 Metric m = trans.auditTrail(1, content, Env.REMOTE,Env.JSON);
\r
108 // Add current Metrics to total metrics
\r
// Same unsynchronized accumulation into the shared serviceMetric as in the first section.
109 serviceMetric.total+= m.total;
\r
110 for(int i=0;i<serviceMetric.buckets.length;++i) {
\r
111 serviceMetric.buckets[i]+=m.buckets[i];
\r
// From here a single-line key=value record is assembled in sb.
114 StringBuilder sb = new StringBuilder();
\r
115 sb.append("user=");
\r
116 Principal p = trans.getUserPrincipal();
\r
// p is dereferenced below; original lines 117-119 are not in this listing, so whether a
// null principal (unauthenticated request) is handled first is not visible — confirm.
// The principal name is appended verbatim, without escaping.
120 sb.append(p.getName());
\r
121 if(p instanceof TrustPrincipal) {
\r
// For a TrustPrincipal the original name is logged as well, also verbatim.
123 sb.append(((TrustPrincipal)p).getOrigName());
\r
// The principal's concrete type is distinguished below; what is appended for the
// X509Principal and BasicPrincipal cases is on lines this listing omits.
127 if(p instanceof X509Principal) {
\r
129 } else if(p instanceof BasicPrincipal) {
\r
132 sb.append(p.getClass().getSimpleName());
\r
138 sb.append(trans.ip());
\r
139 sb.append(",port=");
\r
140 sb.append(trans.port());
\r
142 sb.append(m.total);
\r
143 sb.append(",meth=");
\r
// meth() and path() are appended verbatim; presumably both come from the HTTP request
// bound in start(). A value containing CR/LF, ',' or '=' could split this record or add
// forged fields (log injection, CWE-117) unless AuthzTrans or the logger already
// neutralizes those characters — TODO confirm, otherwise escape before appending.
144 sb.append(trans.meth());
\r
145 sb.append(",path=");
\r
146 sb.append(trans.path());
\r
// tsi is declared on a line this listing omits; Long.toHexString(tsi) below shows it
// holds a long value read from the transaction-id slot (null default when unset).
149 if((tsi=trans.get(transIDslot, null))!=null) {
\r
150 sb.append(",traceID=");
\r
151 sb.append(Long.toHexString(tsi));
\r
154 if(content.length()>0) {
\r
// content is wrapped in double quotes but not escaped: a '"' or a newline inside the
// audit text would end the msg field early or break the one-line format.
// NOTE(review): confirm what auditTrail() can write into content.
155 sb.append(",msg=\"");
\r
156 sb.append(content);
\r
// The per-request record is emitted through the warn logger, not info.
160 trans.warn().log(sb);
\r