* ============LICENSE_START=======================================================
* PolicyEngineUtils
* ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
-
package org.onap.policy.utils;
+import java.security.Principal;
import java.util.Properties;
import org.apache.log4j.Logger;
+import org.onap.aaf.cadi.Access.Level;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
+import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
+import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.locator.PropertyLocator;
+import org.onap.aaf.cadi.principal.UnAuthPrincipal;
-import com.att.cadi.Access;
-import com.att.cadi.Access.Level;
-import com.att.cadi.CadiException;
-import com.att.cadi.aaf.AAFPermission;
-import com.att.cadi.aaf.v2_0.AAFAuthn;
-import com.att.cadi.aaf.v2_0.AAFCon;
-import com.att.cadi.aaf.v2_0.AAFConDME2;
-import com.att.cadi.aaf.v2_0.AAFLurPerm;
-import com.att.cadi.config.Config;
/**
private static AAFCon<?> aafCon = null;
private static AAFLurPerm aafLurPerm = null;
private static AAFAuthn<?> aafAuthn = null;
- private static Access access = null;
+ private static PropAccess access = null;
private AAFPolicyClientImpl(Properties properties) throws AAFPolicyException{
- if(instance == null){
- instance = this;
- }
setup(properties);
}
props.setProperty("AFT_LATITUDE", properties.getProperty("AFT_LATITUDE", DEFAULT_AFT_LATITUDE));
props.setProperty("AFT_LONGITUDE", properties.getProperty("AFT_LONGITUDE", DEFAULT_AFT_LONGITUDE));
String aftEnv = TEST_AFT_ENVIRONMENT;
- //props.setProperty(Config.CADI_KEYFILE,"keyfile");
props.setProperty("aaf_id",properties.getProperty("aaf_id", "aafID"));
props.setProperty("aaf_password", properties.getProperty("aaf_password", "aafPass"));
if(properties.containsKey(Config.AAF_URL)){
* @param properties Properties with CLIENT_ID, CLIENT_KEY and ENVIRONMENT
* @throws AAFPolicyException exceptions if any.
*/
+ @Override
public void updateProperties(Properties properties) throws AAFPolicyException{
setup(properties);
}
* @param action Permissions Action.
* @return
*/
+ @Override
public boolean checkAuthPerm(String mechID, String pass, String type, String instance, String action){
return checkAuth(mechID, pass) && checkPerm(mechID, pass, type, instance, action);
}
* @param pass Password.
* @return True or False.
*/
+ @Override
public boolean checkAuth(String userName, String pass){
if(aafAuthn!=null){
try {
logger.error(e.getMessage() + e);
}
}
- logger.info("Authentication failed for : " + userName + " in " + props.getProperty(Config.AAF_URL));
return false;
}
* @param action Permissions Action.
* @return True or False.
*/
+ @Override
public boolean checkPerm(String userName, String pass, String type, String instance, String action){
int i =0;
Boolean result= false;
try {
aafCon.basicAuth(userName, pass);
AAFPermission perm = new AAFPermission(type, instance, action);
- result = aafLurPerm.fish(userName, perm);
+ final Principal p = new UnAuthPrincipal(userName);
+ result = aafLurPerm.fish(p, perm);
} catch (CadiException e) {
logger.error(e.getMessage() + e);
aafLurPerm.destroy();
}
}
- logger.info("Permissions for : " + userName + " in " + props.getProperty(Config.AAF_URL) + " for " + type + "," + instance + "," + action + "\n Result is: " + result);
i++;
}while(i<2 && !result); // Try once more to check if this can be passed. AAF has some issues.
return result;
private static boolean setUpAAF(){
try {
- aafCon = new AAFConDME2(access);
- aafLurPerm = aafCon.newLur();//new AAFLurPerm(aafCon);
- aafAuthn = aafCon.newAuthn(aafLurPerm);//new AAFAuthn(aafCon, aafLurPerm);
+ aafCon = new AAFConHttp(access,new PropertyLocator("https://aaf-onap-beijing-test.osaaf.org:8100"));
+ aafLurPerm = aafCon.newLur();
+ aafAuthn = aafCon.newAuthn(aafLurPerm);
return true;
} catch (Exception e) {
logger.error("Error while setting up AAF Connection " + e.getMessage() + e);