import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.PrincipalCollection;
import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Hash;
import org.onap.aaf.cadi.Access.Level;
+import org.onap.aaf.cadi.Hash;
public class AAFAuthenticationInfo implements AuthenticationInfo {
private static final long serialVersionUID = -1502704556864321020L;
+
// We assume that Shiro is doing Memory Only, and this salt is not needed cross process
private final static int salt = new SecureRandom().nextInt();
apc = new AAFPrincipalCollection(username);
hash = getSaltedCred(password);
}
+
@Override
- public byte[] getCredentials() {
+ public byte[] getCredentials() {
access.log(Level.DEBUG, "AAFAuthenticationInfo.getCredentials");
return hash;
}
UsernamePasswordToken upt = (UsernamePasswordToken)atoken;
if(apc.getPrimaryPrincipal().getName().equals(upt.getPrincipal())) {
byte[] newhash = getSaltedCred(new String(upt.getPassword()));
+ access.printf(Level.INFO,"Successful authentication attempt by %s",upt.getPrincipal());
if(newhash.length==hash.length) {
for(int i=0;i<hash.length;++i) {
if(hash[i]!=newhash[i]) {
return true;
}
}
+ } else {
+ access.printf(Level.ERROR, "AAFAuthenticationInfo received non-AAF token %s (%s)",atoken.getPrincipal(),atoken.getClass().getName());
}
return false;
}
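Review bot: The added `access.printf(Level.INFO,"Successful authentication attempt by %s",upt.getPrincipal());` sits before the hash comparison, so it is written for every attempt whose principal matches, including those with a wrong password, and an audit log that records failed guesses as successes hides password guessing from whoever reads it. Emit that line only after the comparison has passed, and log the mismatch path separately, for example `access.printf(Level.INFO,"Failed authentication attempt by %s",upt.getPrincipal());`. The byte loop below it exits at the first differing byte and, as displayed here, returns `true` on a mismatch; lines appear to be missing from this view, so confirm the polarity against the full file, and consider `if(MessageDigest.isEqual(hash,newhash)) { ... return true; }` (needs a `java.security.MessageDigest` import) for a constant-time comparison without the hand-written loop. The new `else` branch logs `atoken.getPrincipal()`, a caller-supplied value, so check that the `Access` logger neutralises line breaks before that string reaches the log. The enclosing method starts outside this hunk, so its signature and the `instanceof` check that this `else` presumably pairs with are not visible here.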