Add Multi-Realm class handling
[aaf/cadi.git] / shiro / src / main / java / org / onap / aaf / cadi / shiro / AAFAuthenticationInfo.java
index a1d304b..99e387d 100644 (file)
@@ -29,11 +29,12 @@ import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Hash;
 import org.onap.aaf.cadi.Access.Level;
+import org.onap.aaf.cadi.Hash;
 
 public class AAFAuthenticationInfo implements AuthenticationInfo {
        private static final long serialVersionUID = -1502704556864321020L;
+       
        // We assume that Shiro is doing Memory Only, and this salt is not needed cross process
        private final static int salt = new SecureRandom().nextInt(); 
 
@@ -46,8 +47,9 @@ public class AAFAuthenticationInfo implements AuthenticationInfo {
                apc = new AAFPrincipalCollection(username);
                hash = getSaltedCred(password);
        }
+       
        @Override
-       public byte[] getCredentials() {
+       public byte[] getCredentials() {        
                access.log(Level.DEBUG, "AAFAuthenticationInfo.getCredentials");
                return hash;
        }
@@ -63,6 +65,7 @@ public class AAFAuthenticationInfo implements AuthenticationInfo {
                        UsernamePasswordToken upt = (UsernamePasswordToken)atoken;
                        if(apc.getPrimaryPrincipal().getName().equals(upt.getPrincipal())) {
                                byte[] newhash = getSaltedCred(new String(upt.getPassword()));
+                               access.printf(Level.INFO,"Successful authentication attempt by %s",upt.getPrincipal());
                                if(newhash.length==hash.length) {
                                        for(int i=0;i<hash.length;++i) {
                                                if(hash[i]!=newhash[i]) {
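Review bot: The added `access.printf(Level.INFO,"Successful authentication attempt by %s",upt.getPrincipal());` runs before the hash comparison that follows it, so an attempt with the right username and a wrong password is also recorded as successful. Move the call to immediately before `return true;` (which lies outside this hunk) and record the mismatch path as a failure, so the audit trail separates the two outcomes. The comparison loop continues past the end of the hunk; if it returns on the first differing byte, `MessageDigest.isEqual(hash, newhash)` would give a constant-time compare in its place.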
@@ -72,6 +75,8 @@ public class AAFAuthenticationInfo implements AuthenticationInfo {
                                        return true;
                                }
                        }
+               } else {
+                       access.printf(Level.ERROR, "AAFAuthenticationInfo received non-AAF token %s (%s)",atoken.getPrincipal(),atoken.getClass().getName());
                }
                return false;
        }
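Review bot: `atoken.getPrincipal()` in the new else branch comes from the submitted token and is written to the log unmodified, so a principal containing line breaks could split or forge log entries unless `access.printf` already neutralises them, which is not visible here. Encoding CR/LF before formatting would close that, e.g. `String.valueOf(atoken.getPrincipal()).replaceAll("[\\r\\n]", "_")`. If the enclosing condition is an `instanceof` test, as the cast in the previous hunk suggests, a null `atoken` also reaches this branch and the call throws a NullPointerException instead of returning false. The method starts outside the hunk, so both points should be checked against the full body.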