+++ /dev/null
-/*******************************************************************************\r
- * ============LICENSE_START====================================================\r
- * * org.onap.aaf\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- * * http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- * * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-package org.onap.aaf.cadi.aaf.cass;\r
-\r
-import java.io.File;\r
-import java.io.FileInputStream;\r
-import java.io.InputStream;\r
-import java.net.URL;\r
-import java.util.HashSet;\r
-import java.util.Properties;\r
-import java.util.Set;\r
-\r
-import org.apache.cassandra.auth.DataResource;\r
-import org.apache.cassandra.auth.IAuthenticator;\r
-import org.apache.cassandra.config.DatabaseDescriptor;\r
-import org.apache.cassandra.exceptions.ConfigurationException;\r
-import org.onap.aaf.cadi.Access;\r
-import org.onap.aaf.cadi.Lur;\r
-import org.onap.aaf.cadi.SLF4JAccess;\r
-import org.onap.aaf.cadi.Access.Level;\r
-import org.onap.aaf.cadi.aaf.AAFPermission;\r
-import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;\r
-import org.onap.aaf.cadi.aaf.v2_0.AAFCon;\r
-import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLur;\r
-import org.onap.aaf.cadi.config.Config;\r
-import org.onap.aaf.cadi.lur.EpiLur;\r
-import org.onap.aaf.cadi.lur.LocalLur;\r
-\r
-public abstract class AAFBase {\r
- protected static final Set<IAuthenticator.Option> options;\r
- protected static final Set<DataResource> dataResource;\r
-\r
- static {\r
- options = new HashSet<IAuthenticator.Option>();\r
- options.add(IAuthenticator.Option.PASSWORD);\r
- \r
- dataResource = new HashSet<DataResource>();\r
- dataResource.add(DataResource.columnFamily("system_auth", "credentials"));\r
- }\r
- \r
- protected static Access access;\r
- protected static LocalLur localLur;\r
- protected static AAFCon<?> aafcon;\r
- protected static AAFAuthn<?> aafAuthn;\r
- protected static AbsAAFLur<AAFPermission> aafLur;\r
- protected static String default_realm;\r
- protected static String cluster_name;\r
- protected static String perm_type;\r
- private static boolean props_ok = false;\r
- \r
- /**\r
- * If you use your own Access Class, this must be called before \r
- * "setup()" is invoked by Cassandra.\r
- * \r
- * Otherwise, it will default to reading Properties CADI style.\r
- * \r
- * @param access\r
- */\r
- public static void setAccess(Access access) {\r
- AAFBase.access = access;\r
- }\r
-\r
- \r
- public void validateConfiguration() throws ConfigurationException {\r
- setup();\r
- if(!props_ok) {\r
- throw new ConfigurationException("AAF not initialized");\r
- }\r
- }\r
- \r
- @SuppressWarnings("unchecked")\r
- public synchronized void setup() {\r
- if(aafAuthn == null) {\r
- try {\r
- if(access==null) {\r
- String value = System.getProperty(Config.CADI_PROP_FILES, "cadi.properties");\r
- Properties initial = new Properties();\r
- URL cadi_props = ClassLoader.getSystemResource(value);\r
- if(cadi_props == null) {\r
- File cp = new File(value);\r
- if(cp.exists()) {\r
- InputStream is = new FileInputStream(cp);\r
- try {\r
- initial.load(is);\r
- } finally {\r
- is.close();\r
- }\r
- } else {\r
- System.out.printf("%s does not exist as File or in Classpath\n",value);\r
- initial.setProperty(Config.CADI_PROP_FILES, value);\r
- }\r
- } else {\r
- InputStream is = cadi_props.openStream();\r
- try {\r
- initial.load(is);\r
- } finally {\r
- is.close();\r
- }\r
- }\r
- access = new SLF4JAccess(initial);\r
- }\r
- props_ok = true;\r
- if((perm_type = Config.logProp(access, "cass_group_name",null))==null) {\r
- props_ok=false;\r
- } else {\r
- perm_type = perm_type + ".cass";\r
- }\r
- \r
- if((cluster_name = Config.logProp(access,"cass_cluster_name",null))==null) {\r
- if((cluster_name = DatabaseDescriptor.getClusterName())==null) {\r
- props_ok=false;\r
- }\r
- }\r
-\r
- if((default_realm = Config.logProp(access, Config.AAF_DEFAULT_REALM, null))==null) {\r
- props_ok=false;\r
- }\r
- \r
- if(props_ok==false) {\r
- return;\r
- }\r
-\r
- // AAFLur has pool of DME clients as needed, and Caches Client lookups\r
- Lur lur = Config.configLur(access);\r
- // Loop through to find AAFLur out of possible Lurs, to reuse AAFCon\r
- if(lur instanceof EpiLur) {\r
- EpiLur elur = (EpiLur)lur;\r
- for(int i=0; (lur = elur.get(i))!=null;++i) {\r
- if(lur instanceof AbsAAFLur) {\r
- aafLur=(AbsAAFLur<AAFPermission>)lur;\r
- aafcon = aafLur.aaf;\r
- aafAuthn = aafLur.aaf.newAuthn(aafLur);\r
- break;\r
- } else if(lur instanceof LocalLur) {\r
- localLur = (LocalLur)lur;\r
- }\r
- }\r
- } else if(lur instanceof AbsAAFLur) {\r
- aafLur=(AbsAAFLur<AAFPermission>)lur;\r
- aafcon = aafLur.aaf;\r
- aafAuthn = aafLur.aaf.newAuthn(aafLur);\r
- }\r
- if(aafAuthn==null) {\r
- access.log(Level.INIT,"Failed to instantiate full AAF access");\r
- props_ok = false;\r
- }\r
- } catch (Exception e) {\r
- aafAuthn=null;\r
- if(access!=null)access.log(e, "Failed to initialize AAF");\r
- props_ok = false;\r
- }\r
- } \r
- }\r
-\r
- public Set<DataResource> protectedResources() {\r
- access.log(Level.DEBUG, "Data Resource asked for: it's",dataResource.isEmpty()?"":"not","empty");\r
- return dataResource;\r
- }\r
- \r
- public Set<IAuthenticator.Option> supportedOptions() {\r
- access.log(Level.DEBUG, "supportedOptions() called");\r
- return options;\r
- }\r
- \r
- public Set<IAuthenticator.Option> alterableOptions() {\r
- access.log(Level.DEBUG, "alterableOptions() called");\r
- return options;\r
- }\r
-\r
-\r
-}\r