import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
-import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.PrincipalCollection;
import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.Access.Level;
import org.onap.aaf.cadi.Hash;
public class AAFAuthenticationInfo implements AuthenticationInfo {
private static final long serialVersionUID = -1502704556864321020L;
- final static Logger logger = Logger.getLogger(AAFAuthenticationInfo.class);
-
// We assume that Shiro is doing Memory Only, and this salt is not needed cross process
private final static int salt = new SecureRandom().nextInt();
apc = new AAFPrincipalCollection(username);
hash = getSaltedCred(password);
}
+
@Override
- public byte[] getCredentials() {
- logger.debug("AAFAuthenticationInfo.getCredentials");
+ public byte[] getCredentials() {
+ access.log(Level.DEBUG, "AAFAuthenticationInfo.getCredentials");
return hash;
}
@Override
public PrincipalCollection getPrincipals() {
- logger.debug( "AAFAuthenticationInfo.getPrincipals");
+ access.log(Level.DEBUG, "AAFAuthenticationInfo.getPrincipals");
return apc;
}
UsernamePasswordToken upt = (UsernamePasswordToken)atoken;
if(apc.getPrimaryPrincipal().getName().equals(upt.getPrincipal())) {
byte[] newhash = getSaltedCred(new String(upt.getPassword()));
+ access.printf(Level.INFO,"Successful authentication attempt by %s",upt.getPrincipal());
if(newhash.length==hash.length) {
for(int i=0;i<hash.length;++i) {
if(hash[i]!=newhash[i]) {
return true;
}
}
+ } else {
+ access.printf(Level.ERROR, "AAFAuthenticationInfo received non-AAF token %s (%s)",atoken.getPrincipal(),atoken.getClass().getName());
}
return false;
}
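Review bot: The added `access.printf(Level.INFO,"Successful authentication attempt by %s",upt.getPrincipal());` runs before `hash` and `newhash` are compared, so it is written for every attempt whose principal matches, wrong passwords included. That makes the audit trail report failed logins or password guessing as successes; the line should move to the path that returns a match, with a separate entry logged on mismatch. While touching this, the byte loop exits on the first differing byte, and a constant-time compare would be safer, e.g. `if (MessageDigest.isEqual(hash, newhash)) { access.printf(Level.INFO, "Successful authentication attempt by %s", upt.getPrincipal()); return true; }` (needs `import java.security.MessageDigest;`). The new ERROR line writes `atoken.getPrincipal()` into the log unescaped, and since that value is caller-supplied it is worth confirming that the `Access` logger neutralises line breaks. The method starts outside the visible lines and the listing appears to omit some context lines, so the exact placement of the returns is inferred.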