X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-cass%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fdao%2Fhl%2FQuestion.java;h=535484235d90405e820f0d4f507dacd45aa77a8f;hb=f85f0889b3b0e5e9694afab4dd01a4a97a155188;hp=3634af97b5e897d3fa997d35fddd6132ce37e5d3;hpb=d86dd644e1543743cfcbc83b230bd4f2cb2e5d4e;p=aaf%2Fauthz.git diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java index 3634af97..53548423 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java @@ -50,6 +50,7 @@ import org.onap.aaf.auth.dao.cass.ApprovalDAO; import org.onap.aaf.auth.dao.cass.CacheInfoDAO; import org.onap.aaf.auth.dao.cass.CertDAO; import org.onap.aaf.auth.dao.cass.CredDAO; +import org.onap.aaf.auth.dao.cass.CredDAO.Data; import org.onap.aaf.auth.dao.cass.DelegateDAO; import org.onap.aaf.auth.dao.cass.FutureDAO; import org.onap.aaf.auth.dao.cass.HistoryDAO; @@ -61,10 +62,9 @@ import org.onap.aaf.auth.dao.cass.PermDAO; import org.onap.aaf.auth.dao.cass.RoleDAO; import org.onap.aaf.auth.dao.cass.Status; import org.onap.aaf.auth.dao.cass.UserRoleDAO; -import org.onap.aaf.auth.dao.cass.CredDAO.Data; import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.env.AuthzTransFilter; import org.onap.aaf.auth.env.AuthzTrans.REQD_TYPE; +import org.onap.aaf.auth.env.AuthzTransFilter; import org.onap.aaf.auth.layer.Result; import org.onap.aaf.auth.org.Organization; import org.onap.aaf.cadi.Hash; @@ -235,7 +235,7 @@ public class Question { nss = null; } else { // Setup a TreeSet to check on Namespaces to - nss = new TreeSet(); + nss = new TreeSet<>(); PermLookup fUser = PermLookup.get(trans, this, forUser); Result> forUpn = fUser.getPermNames(); if(forUpn.notOK()) { @@ -252,7 +252,7 @@ public class Question { } } - List rlpUser = new ArrayList(); + List rlpUser = new ArrayList<>(); Result rpdd; PermDAO.Data pdd; for(String pn : plPermNames.value) { @@ -298,7 +298,7 @@ public class Question { return Result.err(rlrd); } // Using Set to avoid duplicates - Set permNames = new HashSet(); + Set permNames = new HashSet<>(); if (rlrd.isOKhasData()) { for (RoleDAO.Data drr : rlrd.value) { permNames.addAll(drr.perms(false)); @@ -307,7 +307,7 @@ public class Question { // Note: It should be ok for a Valid user to have no permissions - // Jonathan 8/12/2013 - List perms = new ArrayList(); + List perms = new ArrayList<>(); for (String perm : permNames) { Result pr = PermDAO.Data.decode(trans, this, perm); if (pr.notOK()) { @@ -351,9 +351,9 @@ public class Question { * * Given a Child Namespace, figure out what the best Namespace parent is. * - * For instance, if in the NS table, the parent "com.att" exists, but not + * For instance, if in the NS table, the parent "org.osaaf" exists, but not * "org.osaaf.child" or "org.osaaf.a.b.c", then passing in either - * "org.osaaf.child" or "org.osaaf.a.b.c" will return "com.att" + * "org.osaaf.child" or "org.osaaf.a.b.c" will return "org.osaaf" * * Uses recursive search on Cached DAO data * @@ -744,7 +744,7 @@ public class Question { // Bug noticed 6/22. Sorting on the result can cause Concurrency Issues. List cddl; if(result.value.size() > 1) { - cddl = new ArrayList(result.value.size()); + cddl = new ArrayList<>(result.value.size()); for(CredDAO.Data old : result.value) { if(old.type==CredDAO.BASIC_AUTH || old.type==CredDAO.BASIC_AUTH_SHA256) { cddl.add(old); @@ -780,7 +780,7 @@ public class Question { checkLessThanDays(trans,7,now,cdd); return Result.ok(cdd.expires); } else if (debug!=null) { - load(debug, cdd,dbcred); + load(debug, cdd); } break; case CredDAO.BASIC_AUTH_SHA256: @@ -793,7 +793,7 @@ public class Question { checkLessThanDays(trans,7,now,cdd); return Result.ok(cdd.expires); } else if (debug!=null) { - load(debug, cdd, dbcred); + load(debug, cdd); } break; default: @@ -809,14 +809,10 @@ public class Question { } } // end for each if(debug==null) { - debug=new StringBuilder(); + trans.audit().printf("No cred matches ip=%s, user=%s\n",trans.ip(),user); } else { - debug.append(", "); + trans.audit().printf("No cred matches ip=%s, user=%s %s\n",trans.ip(),user,debug.toString()); } - - debug.append("cred="); - debug.append(new String(cred)); - trans.audit().printf("No cred matches ip=%s, user=%s, %s\n",trans.ip(),user,trans.encryptor().encrypt(debug.toString())); if(expired!=null) { // Note: this is only returned if there are no good Credentials rv = Result.err(Status.ERR_Security, @@ -830,13 +826,11 @@ public class Question { } - private void load(StringBuilder debug, Data cdd, byte[] dbcred) { + private void load(StringBuilder debug, Data cdd) { debug.append("DB Entry: user="); debug.append(cdd.id); debug.append(",type="); debug.append(cdd.type); - debug.append(",cred="); - debug.append(Hash.toHex(dbcred)); debug.append(",expires="); debug.append(Chrono.dateTime(cdd.expires)); debug.append('\n'); @@ -1045,7 +1039,7 @@ public class Question { public static synchronized boolean specialLogOn(AuthzTrans trans, String id) { if (specialLog == null) { - specialLog = new HashSet(); + specialLog = new HashSet<>(); } boolean rc = specialLog.add(id); if(rc) {