* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
import aaf.v2_0.Users.User;
public class AAFListedCertIdentity implements CertIdentity {
- //TODO should 8 hours be configurable?
- private static final long EIGHT_HOURS = 1000*60*60*8L;
-
+ //TODO should 8 hours be configurable?
+ private static final long EIGHT_HOURS = 1000*60*60*8L;
+
private static Map<ByteArrayHolder,String> certs = null;
-
+
// Did this to add other Trust Mechanisms
- // Trust mechanism set by Property:
+ // Trust mechanism set by Property:
private static final String[] authMechanisms = new String[] {"tguard","basicAuth","csp"};
private static String[] certIDs;
-
+
private static Map<String,Set<String>> trusted =null;
- public AAFListedCertIdentity(Access access, AAFCon<?> aafcon) throws APIException {
+ public AAFListedCertIdentity(Access access, AAFCon<?> aafcon) {
synchronized(AAFListedCertIdentity.class) {
if (certIDs==null) {
String cip = access.getProperty(Config.AAF_CERT_IDS, null);
public static Set<String> trusted(String authMech) {
return trusted.get(authMech);
}
-
+
public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] certBytes) throws CertificateException {
if (cert==null && certBytes==null)return null;
if (certBytes==null)certBytes = cert.getEncoded();
return Hash.compareTo(ba, b.ba);
}
}
-
+
private class CertUpdate extends TimerTask {
private AAFCon<?> aafcon;
public CertUpdate(AAFCon<?> con) {
aafcon = con;
}
-
+
@Override
public void run() {
try {
userLookup.add(s);
}
for (String authMech : authMechanisms) {
- Future<Users> fusr = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/users/perm/com.att.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF);
+ Future<Users> fusr = aafcon.client().read("/authz/users/perm/com.att.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF);
if (fusr.get(5000)) {
List<User> users = fusr.value.getUser();
if (users.isEmpty()) {
} else {
aafcon.access.log(Level.WARN, "Could not get Users in Perm com.att.trust|tguard|authenticate",fusr.code(),fusr.body());
}
-
+
}
-
+
for (String u : userLookup) {
- Future<Certs> fc = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF);
+ Future<Certs> fc = aafcon.client().read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF);
XMLGregorianCalendar now = Chrono.timeStamp();
if (fc.get(5000)) {
List<Cert> certs = fc.value.getCert();
Code Review / aaf / authz.git / blobdiff