1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package org.onap.aaf.cadi.aaf.cass;
\r
25 import java.io.File;
\r
26 import java.io.FileInputStream;
\r
27 import java.io.InputStream;
\r
28 import java.net.URL;
\r
29 import java.util.HashSet;
\r
30 import java.util.Properties;
\r
31 import java.util.Set;
\r
33 import org.apache.cassandra.auth.DataResource;
\r
34 import org.apache.cassandra.auth.IAuthenticator;
\r
35 import org.apache.cassandra.config.DatabaseDescriptor;
\r
36 import org.apache.cassandra.exceptions.ConfigurationException;
\r
37 import org.onap.aaf.cadi.Access;
\r
38 import org.onap.aaf.cadi.Lur;
\r
39 import org.onap.aaf.cadi.SLF4JAccess;
\r
40 import org.onap.aaf.cadi.Access.Level;
\r
41 import org.onap.aaf.cadi.aaf.AAFPermission;
\r
42 import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
\r
43 import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
\r
44 import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLur;
\r
45 import org.onap.aaf.cadi.config.Config;
\r
46 import org.onap.aaf.cadi.lur.EpiLur;
\r
47 import org.onap.aaf.cadi.lur.LocalLur;
\r
49 public abstract class AAFBase {
\r
50 protected static final Set<IAuthenticator.Option> options;
\r
51 protected static final Set<DataResource> dataResource;
\r
54 options = new HashSet<IAuthenticator.Option>();
\r
55 options.add(IAuthenticator.Option.PASSWORD);
\r
57 dataResource = new HashSet<DataResource>();
\r
58 dataResource.add(DataResource.columnFamily("system_auth", "credentials"));
\r
61 protected static Access access;
\r
62 protected static LocalLur localLur;
\r
63 protected static AAFCon<?> aafcon;
\r
64 protected static AAFAuthn<?> aafAuthn;
\r
65 protected static AbsAAFLur<AAFPermission> aafLur;
\r
66 protected static String default_realm;
\r
67 protected static String cluster_name;
\r
68 protected static String perm_type;
\r
69 private static boolean props_ok = false;
\r
72 * If you use your own Access Class, this must be called before
\r
73 * "setup()" is invoked by Cassandra.
\r
75 * Otherwise, it will default to reading Properties CADI style.
\r
79 public static void setAccess(Access access) {
\r
80 AAFBase.access = access;
\r
84 public void validateConfiguration() throws ConfigurationException {
\r
87 throw new ConfigurationException("AAF not initialized");
\r
91 @SuppressWarnings("unchecked")
\r
92 public synchronized void setup() {
\r
93 if(aafAuthn == null) {
\r
96 String value = System.getProperty(Config.CADI_PROP_FILES, "cadi.properties");
\r
97 Properties initial = new Properties();
\r
98 URL cadi_props = ClassLoader.getSystemResource(value);
\r
99 if(cadi_props == null) {
\r
100 File cp = new File(value);
\r
102 InputStream is = new FileInputStream(cp);
\r
109 System.out.printf("%s does not exist as File or in Classpath\n",value);
\r
110 initial.setProperty(Config.CADI_PROP_FILES, value);
\r
113 InputStream is = cadi_props.openStream();
\r
120 access = new SLF4JAccess(initial);
\r
123 if((perm_type = Config.logProp(access, "cass_group_name",null))==null) {
\r
126 perm_type = perm_type + ".cass";
\r
129 if((cluster_name = Config.logProp(access,"cass_cluster_name",null))==null) {
\r
130 if((cluster_name = DatabaseDescriptor.getClusterName())==null) {
\r
135 if((default_realm = Config.logProp(access, Config.AAF_DEFAULT_REALM, null))==null) {
\r
139 if(props_ok==false) {
\r
143 // AAFLur has pool of DME clients as needed, and Caches Client lookups
\r
144 Lur lur = Config.configLur(access);
\r
145 // Loop through to find AAFLur out of possible Lurs, to reuse AAFCon
\r
146 if(lur instanceof EpiLur) {
\r
147 EpiLur elur = (EpiLur)lur;
\r
148 for(int i=0; (lur = elur.get(i))!=null;++i) {
\r
149 if(lur instanceof AbsAAFLur) {
\r
150 aafLur=(AbsAAFLur<AAFPermission>)lur;
\r
151 aafcon = aafLur.aaf;
\r
152 aafAuthn = aafLur.aaf.newAuthn(aafLur);
\r
154 } else if(lur instanceof LocalLur) {
\r
155 localLur = (LocalLur)lur;
\r
158 } else if(lur instanceof AbsAAFLur) {
\r
159 aafLur=(AbsAAFLur<AAFPermission>)lur;
\r
160 aafcon = aafLur.aaf;
\r
161 aafAuthn = aafLur.aaf.newAuthn(aafLur);
\r
163 if(aafAuthn==null) {
\r
164 access.log(Level.INIT,"Failed to instantiate full AAF access");
\r
167 } catch (Exception e) {
\r
169 if(access!=null)access.log(e, "Failed to initialize AAF");
\r
175 public Set<DataResource> protectedResources() {
\r
176 access.log(Level.DEBUG, "Data Resource asked for: it's",dataResource.isEmpty()?"":"not","empty");
\r
177 return dataResource;
\r
180 public Set<IAuthenticator.Option> supportedOptions() {
\r
181 access.log(Level.DEBUG, "supportedOptions() called");
\r
185 public Set<IAuthenticator.Option> alterableOptions() {
\r
186 access.log(Level.DEBUG, "alterableOptions() called");
\r
Code Review / aaf / cadi.git / blob