- TimeTaken security = trans.start("CADI Security", Env.SUB);
- TafResp resp;
- RESP r;
- CadiWrap cw = null;
- try {
- resp = cadi.validate(req,res,trans);
- switch(r=resp.isAuthenticated()) {
- case IS_AUTHENTICATED:
- cw = new CadiWrap(req,resp,cadi.getLur());
- authenticated(trans, cw.getUserPrincipal());
- break;
- default:
- break;
- }
- } finally {
- security.done();
- }
-
- if(r==RESP.IS_AUTHENTICATED) {
- trans.checkpoint(resp.desc());
- if(cadi.notCadi(cw, res)) {
- chain.doFilter(cw, response);
- }
- } else {
- //TODO this is a good place to check if too many checks recently
- // Would need Cached Counter objects that are cleaned up on
- // use
- trans.checkpoint(resp.desc(),Env.ALWAYS);
- if(resp.isFailedAttempt())
- trans.audit().log(resp.desc());
- }
- } catch(Exception e) {
- trans.error().log(e);
- trans.checkpoint("Error: " + e.getClass().getSimpleName() + ": " + e.getMessage());
- throw new ServletException(e);
- } finally {
- overall.done();
- tallyHo(trans);
- }
- }
+ TimeTaken security = trans.start("CADI Security", Env.SUB);
+ TafResp resp;
+ RESP r;
+ CadiWrap cw = null;
+ try {
+ resp = cadi.validate(req,res,trans);
+ switch(r=resp.isAuthenticated()) {
+ case IS_AUTHENTICATED:
+ cw = new CadiWrap(req,resp,cadi.getLur());
+ authenticated(trans, cw.getUserPrincipal());
+ break;
+ default:
+ break;
+ }
+ } finally {
+ security.done();
+ }
+
+ if(r==RESP.IS_AUTHENTICATED) {
+ trans.checkpoint(resp.desc());
+ if(cadi.notCadi(cw, res)) {
+ chain.doFilter(cw, response);
+ }
+ } else {
+ //TODO this is a good place to check if too many checks recently
+ // Would need Cached Counter objects that are cleaned up on
+ // use
+ trans.checkpoint(resp.desc(),Env.ALWAYS);
+ if(resp.isFailedAttempt())
+ trans.audit().log(resp.desc());
+ }
+ } catch(Exception e) {
+ trans.error().log(e);
+ trans.checkpoint("Error: " + e.getClass().getSimpleName() + ": " + e.getMessage());
+ throw new ServletException(e);
+ } finally {
+ overall.done();
+ tallyHo(trans);
+ }
+ }