1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package org.onap.aaf.cadi.client;
\r
25 import java.io.IOException;
\r
27 import org.onap.aaf.cadi.SecuritySetter;
\r
28 import org.onap.aaf.cadi.Symm;
\r
29 import org.onap.aaf.cadi.config.SecurityInfoC;
\r
31 public abstract class AbsBasicAuth<CLIENT> implements SecuritySetter<CLIENT> {
\r
32 protected static final String REPEAT_OFFENDER="This call is aborted because of repeated usage of invalid Passwords";
\r
33 private static final int MAX_TEMP_COUNT = 10;
\r
34 private static final int MAX_SPAM_COUNT = 10000;
\r
35 private static final long WAIT_TIME = 1000*60*4;
\r
37 protected final String headValue;
\r
38 protected SecurityInfoC<CLIENT> securityInfo;
\r
39 protected String user;
\r
40 private long lastMiss;
\r
43 public AbsBasicAuth(String user, String pass, SecurityInfoC<CLIENT> si) throws IOException {
\r
45 headValue = "Basic " + Symm.base64.encode(user + ':' + pass);
\r
52 * @see com.att.cadi.SecuritySetter#getID()
\r
55 public String getID() {
\r
59 public boolean isDenied() {
\r
60 if(lastMiss>0 && lastMiss>System.currentTimeMillis()) {
\r
68 public synchronized int setLastResponse(int httpcode) {
\r
69 if(httpcode == 401) {
\r
71 if(lastMiss==0L && count>MAX_TEMP_COUNT) {
\r
72 lastMiss=System.currentTimeMillis()+WAIT_TIME;
\r
74 // if(count>MAX_SPAM_COUNT) {
\r
75 // System.err.printf("Your service has %d consecutive bad service logins to AAF. \nIt will now exit\n",
\r
77 // System.exit(401);
\r
80 System.err.printf("Your service has %d consecutive bad service logins to AAF. AAF Access will be disabled after %d\n",
\r
81 count,MAX_SPAM_COUNT);
\r
90 public int count() {
\r