Code Review / aaf / authz.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Fix Agent and CM Issues
[aaf/authz.git] / cadi / aaf / src / main / java / org / onap / aaf / cadi / aaf / v2_0 / AAFTaf.java
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
index ea40440..c774440 100644 (file)
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
@@ -7,9 +7,9 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -58,7 +58,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
     private AAFCon<CLIENT> aaf;
     private boolean warn;
     private MapBathConverter mapIds;
-    
+
     public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning) {
         super(con.access,con.cleanInterval,con.highCount, con.usageRefreshTriggerCount);
         aaf = con;
@@ -73,7 +73,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
         initMapBathConverter();
 
     }
-    
+
     // Note: Needed for Creation of this Object with Generics
     @SuppressWarnings("unchecked")
     public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning, AbsUserCache<AAFPermission> other) {
@@ -89,14 +89,14 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
     private void initMapBathConverter() {
         String csvFile = access.getProperty(Config.CADI_BATH_CONVERT, null);
         if(csvFile==null) {
-               mapIds=null;
+            mapIds=null;
         } else {
-               try {
-                               mapIds = new MapBathConverter(access, new CSV(csvFile));
-                               access.log(Level.INIT,"Basic Auth Conversion using",csvFile,"enabled" );
-                       } catch (IOException | CadiException e) {
-                               access.log(e,"Bath Map Conversion is not initialized (non fatal)");
-                       }
+            try {
+                mapIds = new MapBathConverter(access, new CSV(access,csvFile));
+                access.log(Level.INIT,"Basic Auth Conversion using",csvFile,"enabled" );
+            } catch (IOException | CadiException e) {
+                access.log(e,"Bath Map Conversion is not initialized (non fatal)");
+            }
         }
 
     }
@@ -106,12 +106,13 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
 
         // Note: Either Carbon or Silicon based LifeForms ok
         String authz = req.getHeader("Authorization");
+        String target = "invalid";
         if (authz != null && authz.startsWith("Basic ")) {
             if (warn&&!req.isSecure()) {
                 aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
             }
             if(mapIds != null) {
-               authz = mapIds.convert(access, authz);
+                authz = mapIds.convert(access, authz);
             }
 
             try {
@@ -131,11 +132,11 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
 
                 Miss miss = missed(bp.getName(), bp.getCred());
                 if (miss!=null && !miss.mayContinue()) {
-                    return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
-                            "User/Pass Retry limit exceeded"), 
+                    return new BasicHttpTafResp(aaf.access,bp.getName(),buildMsg(bp,req,
+                            "User/Pass Retry limit exceeded"),
                             RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true);
                 }
-                
+
                 return aaf.bestForUser(
                     new GetSetter() {
                         @Override
@@ -157,12 +158,12 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
                                 // Note: AddMiss checks for miss==null, and is part of logic
                                 boolean rv= addMiss(bp.getName(),bp.getCred());
                                 if (rv) {
-                                    return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
-                                            "user/pass combo invalid via AAF from " + req.getRemoteAddr()), 
+                                    return new BasicHttpTafResp(aaf.access,bp.getName(),buildMsg(bp,req,
+                                            "user/pass combo invalid via AAF from " + req.getRemoteAddr()),
                                             RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true);
                                 } else {
-                                    return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
-                                            "user/pass combo invalid via AAF from " + req.getRemoteAddr() + " - Retry limit exceeded"), 
+                                    return new BasicHttpTafResp(aaf.access,bp.getName(),buildMsg(bp,req,
+                                            "user/pass combo invalid via AAF from " + req.getRemoteAddr() + " - Retry limit exceeded"),
                                             RESP.FAIL,resp,aaf.getRealm(),true);
                                 }
                             }
@@ -172,7 +173,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
             } catch (IOException e) {
                 String msg = buildMsg(null,req,"Invalid Auth Token");
                 aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
-                return new BasicHttpTafResp(aaf.access,null,msg, RESP.TRY_AUTHENTICATING, resp, aaf.getRealm(),true);
+                return new BasicHttpTafResp(aaf.access,target,msg, RESP.TRY_AUTHENTICATING, resp, aaf.getRealm(),true);
             } catch (Exception e) {
                 String msg = buildMsg(null,req,"Authenticating Service unavailable");
                 try {
@@ -181,12 +182,12 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
                     aaf.access.log(e1, "Error Invalidating Client");
                 }
                 aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
-                return new BasicHttpTafResp(aaf.access,null,msg, RESP.FAIL, resp, aaf.getRealm(),false);
+                return new BasicHttpTafResp(aaf.access,target,msg, RESP.FAIL, resp, aaf.getRealm(),false);
             }
         }
-        return new BasicHttpTafResp(aaf.access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false);
+        return new BasicHttpTafResp(aaf.access,target,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false);
     }
-    
+
     private String buildMsg(Principal pr, HttpServletRequest req, Object... msg) {
         StringBuilder sb = new StringBuilder();
         for (Object s : msg) {
@@ -204,7 +205,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
     }
 
 
-    
+
     public Resp revalidate(CachedPrincipal prin, Object state) {
         //  !!!! TEST THIS.. Things may not be revalidated, if not BasicPrincipal
         if (prin instanceof BasicPrincipal) {
ARCHIVED- 2022-02-15 at the request of the project