--- /dev/null
+/*******************************************************************************\r
+ * ============LICENSE_START====================================================\r
+ * * org.onap.aaf\r
+ * * ===========================================================================\r
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
+ * * ===========================================================================\r
+ * * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * * you may not use this file except in compliance with the License.\r
+ * * You may obtain a copy of the License at\r
+ * * \r
+ * * http://www.apache.org/licenses/LICENSE-2.0\r
+ * * \r
+ * * Unless required by applicable law or agreed to in writing, software\r
+ * * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * * See the License for the specific language governing permissions and\r
+ * * limitations under the License.\r
+ * * ============LICENSE_END====================================================\r
+ * *\r
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+ * *\r
+ ******************************************************************************/\r
+package org.onap.aaf.authz.env;\r
+\r
+import java.security.Principal;\r
+\r
+import javax.servlet.ServletRequest;\r
+import javax.servlet.http.HttpServletRequest;\r
+\r
+import org.onap.aaf.cssa.rserv.TransFilter;\r
+\r
+import org.onap.aaf.cadi.CadiException;\r
+import org.onap.aaf.cadi.Connector;\r
+import org.onap.aaf.cadi.TrustChecker;\r
+import org.onap.aaf.cadi.principal.BasicPrincipal;\r
+import org.onap.aaf.cadi.principal.TrustPrincipal;\r
+import org.onap.aaf.cadi.principal.X509Principal;\r
+import org.onap.aaf.inno.env.Env;\r
+import org.onap.aaf.inno.env.Slot;\r
+import org.onap.aaf.inno.env.TimeTaken;\r
+import org.onap.aaf.inno.env.Trans.Metric;\r
+\r
+public class AuthzTransFilter extends TransFilter<AuthzTrans> {\r
+ private AuthzEnv env;\r
+ public Metric serviceMetric;\r
+ public static Slot transIDslot;\r
+\r
+ public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";\r
+ public static final int BUCKETSIZE = 2;\r
+\r
+ public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException {\r
+ super(env,con, tc, additionalTafLurs);\r
+ this.env = env;\r
+ serviceMetric = new Metric();\r
+ serviceMetric.buckets = new float[BUCKETSIZE];\r
+ if(transIDslot==null) {\r
+ transIDslot = env.slot(TRANS_ID_SLOT);\r
+ }\r
+ }\r
+ \r
+ @Override\r
+ protected AuthzTrans newTrans() {\r
+ AuthzTrans at = env.newTrans();\r
+ at.setLur(getLur());\r
+ return at;\r
+ }\r
+\r
+ @Override\r
+ protected TimeTaken start(AuthzTrans trans, ServletRequest request) {\r
+ trans.set((HttpServletRequest)request);\r
+ return trans.start("Trans " + //(context==null?"n/a":context.toString()) +\r
+ " IP: " + trans.ip() +\r
+ " Port: " + trans.port()\r
+ , Env.SUB);\r
+ }\r
+\r
+ @Override\r
+ protected void authenticated(AuthzTrans trans, Principal p) {\r
+ trans.setUser(p);\r
+ }\r
+\r
+ @Override\r
+ protected void tallyHo(AuthzTrans trans) {\r
+ if(trans.info().isLoggable()) {\r
+ // Transaction is done, now post\r
+ StringBuilder sb = new StringBuilder("AuditTrail\n");\r
+ // We'll grabAct sub-metrics for Remote Calls and JSON\r
+ // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!\r
+ Metric m = trans.auditTrail(1, sb, Env.REMOTE,Env.JSON);\r
+\r
+ // Add current Metrics to total metrics\r
+ serviceMetric.total+= m.total;\r
+ for(int i=0;i<serviceMetric.buckets.length;++i) {\r
+ serviceMetric.buckets[i]+=m.buckets[i];\r
+ }\r
+ \r
+ // Log current info\r
+ sb.append(" Total: ");\r
+ sb.append(m.total);\r
+ sb.append(" Remote: ");\r
+ sb.append(m.buckets[0]);\r
+ sb.append(" JSON: ");\r
+ sb.append(m.buckets[1]);\r
+ trans.info().log(sb);\r
+ } else {\r
+ // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!\r
+ StringBuilder content = new StringBuilder(); \r
+ Metric m = trans.auditTrail(1, content, Env.REMOTE,Env.JSON);\r
+ // Add current Metrics to total metrics\r
+ serviceMetric.total+= m.total;\r
+ for(int i=0;i<serviceMetric.buckets.length;++i) {\r
+ serviceMetric.buckets[i]+=m.buckets[i];\r
+ }\r
+ \r
+ StringBuilder sb = new StringBuilder();\r
+ sb.append("user=");\r
+ Principal p = trans.getUserPrincipal();\r
+ if(p==null) {\r
+ sb.append("n/a");\r
+ } else {\r
+ sb.append(p.getName());\r
+ if(p instanceof TrustPrincipal) {\r
+ sb.append('(');\r
+ sb.append(((TrustPrincipal)p).getOrigName());\r
+ sb.append(')');\r
+ } else {\r
+ sb.append('[');\r
+ if(p instanceof X509Principal) {\r
+ sb.append("x509");\r
+ } else if(p instanceof BasicPrincipal) {\r
+ sb.append("BAth");\r
+ } else {\r
+ sb.append(p.getClass().getSimpleName());\r
+ }\r
+ sb.append(']');\r
+ }\r
+ }\r
+ sb.append(",ip=");\r
+ sb.append(trans.ip());\r
+ sb.append(",port=");\r
+ sb.append(trans.port());\r
+ sb.append(",ms=");\r
+ sb.append(m.total);\r
+ sb.append(",meth=");\r
+ sb.append(trans.meth());\r
+ sb.append(",path=");\r
+ sb.append(trans.path());\r
+\r
+ Long tsi;\r
+ if((tsi=trans.get(transIDslot, null))!=null) {\r
+ sb.append(",traceID=");\r
+ sb.append(Long.toHexString(tsi));\r
+ }\r
+ \r
+ if(content.length()>0) {\r
+ sb.append(",msg=\"");\r
+ sb.append(content);\r
+ sb.append('"');\r
+ }\r
+ \r
+ trans.warn().log(sb);\r
+ }\r
+ }\r
+\r
+}\r
Code Review / aaf / authz.git / blobdiff