+++ /dev/null
-/*******************************************************************************\r
- * ============LICENSE_START====================================================\r
- * * org.onap.aaf\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- * * http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- * * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-package org.onap.aaf.cadi.client;\r
-\r
-import java.io.IOException;\r
-\r
-import org.onap.aaf.cadi.SecuritySetter;\r
-import org.onap.aaf.cadi.Symm;\r
-import org.onap.aaf.cadi.config.SecurityInfoC;\r
-\r
-public abstract class AbsBasicAuth<CLIENT> implements SecuritySetter<CLIENT> {\r
- protected static final String REPEAT_OFFENDER="This call is aborted because of repeated usage of invalid Passwords";\r
- private static final int MAX_TEMP_COUNT = 10;\r
- private static final int MAX_SPAM_COUNT = 10000;\r
- private static final long WAIT_TIME = 1000*60*4;\r
- \r
- protected final String headValue;\r
- protected SecurityInfoC<CLIENT> securityInfo;\r
- protected String user;\r
- private long lastMiss;\r
- private int count;\r
-\r
- public AbsBasicAuth(String user, String pass, SecurityInfoC<CLIENT> si) throws IOException {\r
- this.user = user;\r
- headValue = "Basic " + Symm.base64.encode(user + ':' + pass);\r
- securityInfo = si;\r
- lastMiss=0L;\r
- count=0;\r
- }\r
-\r
- /* (non-Javadoc)\r
- * @see com.att.cadi.SecuritySetter#getID()\r
- */\r
- @Override\r
- public String getID() {\r
- return user;\r
- }\r
- \r
- public boolean isDenied() {\r
- if(lastMiss>0 && lastMiss>System.currentTimeMillis()) {\r
- return true;\r
- } else {\r
- lastMiss=0L;\r
- return false;\r
- }\r
- }\r
- \r
- public synchronized int setLastResponse(int httpcode) {\r
- if(httpcode == 401) {\r
- ++count;\r
- if(lastMiss==0L && count>MAX_TEMP_COUNT) {\r
- lastMiss=System.currentTimeMillis()+WAIT_TIME;\r
- }\r
-// if(count>MAX_SPAM_COUNT) {\r
-// System.err.printf("Your service has %d consecutive bad service logins to AAF. \nIt will now exit\n",\r
-// count);\r
-// System.exit(401);\r
-// }\r
- if(count%1000==0) {\r
- System.err.printf("Your service has %d consecutive bad service logins to AAF. AAF Access will be disabled after %d\n",\r
- count,MAX_SPAM_COUNT);\r
- }\r
-\r
- } else {\r
- lastMiss=0;\r
- }\r
- return count;\r
- }\r
- \r
- public int count() {\r
- return count;\r
- }\r
-}\r