1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * Copyright © 2017 Amdocs
\r
7 * * ===========================================================================
\r
8 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
9 * * you may not use this file except in compliance with the License.
\r
10 * * You may obtain a copy of the License at
\r
12 * * http://www.apache.org/licenses/LICENSE-2.0
\r
14 * * Unless required by applicable law or agreed to in writing, software
\r
15 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
16 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
17 * * See the License for the specific language governing permissions and
\r
18 * * limitations under the License.
\r
19 * * ============LICENSE_END====================================================
\r
21 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
23 ******************************************************************************/
\r
24 package com.att.cadi.client;
\r
26 import java.io.IOException;
\r
28 import com.att.cadi.SecuritySetter;
\r
29 import com.att.cadi.Symm;
\r
30 import com.att.cadi.config.SecurityInfoC;
\r
32 public abstract class AbsBasicAuth<CLIENT> implements SecuritySetter<CLIENT> {
\r
33 protected static final String REPEAT_OFFENDER="This call is aborted because of repeated usage of invalid Passwords";
\r
34 private static final int MAX_TEMP_COUNT = 10;
\r
35 private static final int MAX_SPAM_COUNT = 10000;
\r
36 private static final long WAIT_TIME = 1000*60*4;
\r
38 protected final String headValue;
\r
39 protected SecurityInfoC<CLIENT> securityInfo;
\r
40 protected String user;
\r
41 private long lastMiss;
\r
44 public AbsBasicAuth(String user, String pass, SecurityInfoC<CLIENT> si) throws IOException {
\r
46 headValue = "Basic " + Symm.base64.encode(user + ':' + pass);
\r
53 * @see com.att.cadi.SecuritySetter#getID()
\r
56 public String getID() {
\r
60 public boolean isDenied() {
\r
61 if(lastMiss>0 && lastMiss>System.currentTimeMillis()) {
\r
69 public synchronized int setLastResponse(int httpcode) {
\r
70 if(httpcode == 401) {
\r
72 if(lastMiss==0L && count>MAX_TEMP_COUNT) {
\r
73 lastMiss=System.currentTimeMillis()+WAIT_TIME;
\r
75 // if(count>MAX_SPAM_COUNT) {
\r
76 // System.err.printf("Your service has %d consecutive bad service logins to AAF. \nIt will now exit\n",
\r
78 // System.exit(401);
\r
81 System.err.printf("Your service has %d consecutive bad service logins to AAF. AAF Access will be disabled after %d\n",
\r
82 count,MAX_SPAM_COUNT);
\r
91 public int count() {
\r