Sonar Fixes, Formatting

[aaf/authz.git] / auth / auth-cass / src / main / java / org / onap / aaf / auth / direct / DirectAAFUserPass.java

diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
index 9d4cd05..f5b7779 100644 (file)
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
@@ -7,9 +7,9 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -37,14 +37,14 @@ import org.onap.aaf.cadi.CredVal;
 /**
  * DirectAAFUserPass is intended to provide password Validation directly from Cassandra Database, and is only
  * intended for use in AAF itself.  The normal "AAF Taf" objects are, of course, clients.
- * 
+ *
  * @author Jonathan
  *
  */
 public class DirectAAFUserPass implements CredVal {
     private final AuthzEnv env;
     private final Question question;
-    
+
     public DirectAAFUserPass(AuthzEnv env, Question question) {
         this.env = env;
         this.question = question;
@@ -52,28 +52,37 @@ public class DirectAAFUserPass implements CredVal {
 
     @Override
     public boolean validate(String user, Type type, byte[] pass, Object state) {
+            if(user==null || type==null || pass==null) {
+                return false;
+            }
+
             try {
                 AuthzTrans trans;
-                if(state !=null) {
-                    if(state instanceof AuthzTrans) {
+                boolean transfer = false;
+                if (state !=null) {
+                    if (state instanceof AuthzTrans) {
                         trans = (AuthzTrans)state;
                     } else {
                         trans = env.newTransNoAvg();
-                        if(state instanceof HttpServletRequest) {
-                            trans.set((HttpServletRequest)state);
+                        if (state instanceof HttpServletRequest) {
+                            trans.set((HttpServletRequest)state,null);
+                            transfer=true;
                         }
                     }
                 } else {
                     trans = env.newTransNoAvg();
                 }
                 Result<Date> result = question.doesUserCredMatch(trans, user, pass);
-                trans.logAuditTrail(env.info());
+                if(transfer) {
+                    ((HttpServletRequest)state).setAttribute("CRED_TAG", trans.getTag());
+                }
+                trans.logAuditTrail(env.debug());
                 switch(result.status) {
                     case OK:
                         return true;
                     default:
-                        String ip = trans.ip()==null?"":(", ip="+trans.ip());
-                        env.warn().log(user, "failed password validation" + ip + ':',result.errorString());
+                        String ip = trans.ip()==null?"":trans.ip();
+                        env.audit().printf("user=%s,tag=%s,ip=%s,msg=\"failed password validation: %s\"",user,trans.getTag(),ip,result.errorString());
                 }
             } catch (DAOException e) {
                 env.error().log(e,"Cannot validate user/pass from cassandra");