X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;ds=sidebyside;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fclamp%2Fclds%2FClampServlet.java;h=90d0693d1288dec6e88106f30aa0a06552cc1797;hb=785b17789adc4817e129fcd389d91046b195044a;hp=008a9c743fc29e2573cfa7c62c3c0bcbc9e70fd8;hpb=116703e35d4426dfd644246e17a40d4cab5cf641;p=clamp.git diff --git a/src/main/java/org/onap/clamp/clds/ClampServlet.java b/src/main/java/org/onap/clamp/clds/ClampServlet.java index 008a9c74..90d0693d 100644 --- a/src/main/java/org/onap/clamp/clds/ClampServlet.java +++ b/src/main/java/org/onap/clamp/clds/ClampServlet.java @@ -5,6 +5,8 @@ * Copyright (C) 2018 AT&T Intellectual Property. All rights * reserved. * ================================================================================ + * Modifications Copyright (c) 2019 Samsung + * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -25,16 +27,6 @@ package org.onap.clamp.clds; import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; - -import java.io.IOException; -import java.security.Principal; -import java.util.ArrayList; -import java.util.List; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.apache.camel.component.servlet.CamelHttpTransportServlet; import org.onap.clamp.clds.service.SecureServicePermission; import org.springframework.context.ApplicationContext; @@ -47,31 +39,42 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.User; import org.springframework.web.context.support.WebApplicationContextUtils; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.security.Principal; +import java.util.ArrayList; +import java.util.List; + public class ClampServlet extends CamelHttpTransportServlet { /** - * + * The serial version ID. */ private static final long serialVersionUID = -4198841134910211542L; - protected static final EELFLogger logger = EELFManager.getInstance().getLogger(ClampServlet.class); - public static final String PERM_INSTANCE = "clamp.config.security.permission.instance"; - public static final String PERM_CL = "clamp.config.security.permission.type.cl"; - public static final String PERM_TEMPLATE = "clamp.config.security.permission.type.template"; - public static final String PERM_VF = "clamp.config.security.permission.type.filter.vf"; - public static final String PERM_MANAGE = "clamp.config.security.permission.type.cl.manage"; - public static final String PERM_TOSCA = "clamp.config.security.permission.type.tosca"; - public static final String AUTHENTICATION_CLASS = "clamp.config.security.authentication.class"; + private static final EELFLogger logger = EELFManager.getInstance().getLogger(ClampServlet.class); + private static final String PERM_INSTANCE = "clamp.config.security.permission.instance"; + private static final String PERM_CL = "clamp.config.security.permission.type.cl"; + private static final String PERM_TEMPLATE = "clamp.config.security.permission.type.template"; + private static final String PERM_VF = "clamp.config.security.permission.type.filter.vf"; + private static final String PERM_MANAGE = "clamp.config.security.permission.type.cl.manage"; + private static final String PERM_TOSCA = "clamp.config.security.permission.type.tosca"; + private static final String AUTHENTICATION_CLASS = "clamp.config.security.authentication.class"; + private static final String READ = "read"; + private static final String UPDATE = "update"; + private static List permissionList; private synchronized Class loadDynamicAuthenticationClass() { try { String authenticationObject = WebApplicationContextUtils.getWebApplicationContext(getServletContext()) - .getEnvironment().getProperty(AUTHENTICATION_CLASS); + .getEnvironment().getProperty(AUTHENTICATION_CLASS); return Class.forName(authenticationObject); } catch (ClassNotFoundException e) { logger.error( - "Exception caught when attempting to create associated class of config:" + AUTHENTICATION_CLASS, e); + "Exception caught when attempting to create associated class of config:" + AUTHENTICATION_CLASS, e); return Object.class; } } @@ -80,24 +83,24 @@ public class ClampServlet extends CamelHttpTransportServlet { if (permissionList == null) { permissionList = new ArrayList<>(); ApplicationContext applicationContext = WebApplicationContextUtils - .getWebApplicationContext(getServletContext()); + .getWebApplicationContext(getServletContext()); String cldsPermissionInstance = applicationContext.getEnvironment().getProperty(PERM_INSTANCE); permissionList.add(SecureServicePermission.create(applicationContext.getEnvironment().getProperty(PERM_CL), - cldsPermissionInstance, "read")); + cldsPermissionInstance, READ)); permissionList.add(SecureServicePermission.create(applicationContext.getEnvironment().getProperty(PERM_CL), - cldsPermissionInstance, "update")); + cldsPermissionInstance, UPDATE)); permissionList.add(SecureServicePermission.create( - applicationContext.getEnvironment().getProperty(PERM_TEMPLATE), cldsPermissionInstance, "read")); + applicationContext.getEnvironment().getProperty(PERM_TEMPLATE), cldsPermissionInstance, READ)); permissionList.add(SecureServicePermission.create( - applicationContext.getEnvironment().getProperty(PERM_TEMPLATE), cldsPermissionInstance, "update")); + applicationContext.getEnvironment().getProperty(PERM_TEMPLATE), cldsPermissionInstance, UPDATE)); permissionList.add(SecureServicePermission.create(applicationContext.getEnvironment().getProperty(PERM_VF), - cldsPermissionInstance, "*")); + cldsPermissionInstance, "*")); permissionList.add(SecureServicePermission - .create(applicationContext.getEnvironment().getProperty(PERM_MANAGE), cldsPermissionInstance, "*")); + .create(applicationContext.getEnvironment().getProperty(PERM_MANAGE), cldsPermissionInstance, "*")); permissionList.add(SecureServicePermission - .create(applicationContext.getEnvironment().getProperty(PERM_TOSCA), cldsPermissionInstance, "read")); + .create(applicationContext.getEnvironment().getProperty(PERM_TOSCA), cldsPermissionInstance, READ)); permissionList.add(SecureServicePermission - .create(applicationContext.getEnvironment().getProperty(PERM_TOSCA), cldsPermissionInstance, "update")); + .create(applicationContext.getEnvironment().getProperty(PERM_TOSCA), cldsPermissionInstance, UPDATE)); } return permissionList; } @@ -107,10 +110,9 @@ public class ClampServlet extends CamelHttpTransportServlet { * to isUserInRole will invoke a http call to AAF server. */ @Override - protected void doService(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { - Principal p = request.getUserPrincipal(); - if (loadDynamicAuthenticationClass().isInstance(p)) { + protected void doService(HttpServletRequest request, HttpServletResponse response) { + Principal principal = request.getUserPrincipal(); + if (loadDynamicAuthenticationClass().isInstance(principal)) { // When AAF is enabled, there is a need to provision the permissions to Spring // system List grantedAuths = new ArrayList<>(); @@ -120,8 +122,8 @@ public class ClampServlet extends CamelHttpTransportServlet { grantedAuths.add(new SimpleGrantedAuthority(permString)); } } - Authentication auth = new UsernamePasswordAuthenticationToken(new User(p.getName(), "", grantedAuths), "", - grantedAuths); + Authentication auth = new UsernamePasswordAuthenticationToken(new User(principal.getName(), "", grantedAuths), "", + grantedAuths); SecurityContextHolder.getContext().setAuthentication(auth); } try { @@ -134,6 +136,5 @@ public class ClampServlet extends CamelHttpTransportServlet { logger.error("Exception caught when executing HTTP sendError in servlet", e); } } - } } \ No newline at end of file