X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-cass%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fdirect%2FDirectAAFUserPass.java;h=62e1592f9712f4e22289dd4b832b2e0739eab9f3;hb=a77e3d6e9180c1722a9d18f7717034bb0650a130;hp=9d4cd05f798243f1c366c5d0ad010518703f8554;hpb=4b5a7d721d994a49057e9bfb403c7bff1b376660;p=aaf%2Fauthz.git

diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
index 9d4cd05f..62e1592f 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
@@ -52,28 +52,37 @@ public class DirectAAFUserPass implements CredVal {
 
     @Override
     public boolean validate(String user, Type type, byte[] pass, Object state) {
+    		if(user==null || type==null || pass==null) {
+    			return false;
+    		}
+    	
             try {
                 AuthzTrans trans;
-                if(state !=null) {
-                    if(state instanceof AuthzTrans) {
+                boolean transfer = false;
+                if (state !=null) {
+                    if (state instanceof AuthzTrans) {
                         trans = (AuthzTrans)state;
                     } else {
                         trans = env.newTransNoAvg();
-                        if(state instanceof HttpServletRequest) {
+                        if (state instanceof HttpServletRequest) {
                             trans.set((HttpServletRequest)state);
+                            transfer=true;
                         }
                     }
                 } else {
                     trans = env.newTransNoAvg();
                 }
                 Result<Date> result = question.doesUserCredMatch(trans, user, pass);
-                trans.logAuditTrail(env.info());
+                if(transfer) {
+                	((HttpServletRequest)state).setAttribute("CRED_TAG", trans.getTag());
+                }
+                trans.logAuditTrail(env.debug());
                 switch(result.status) {
                     case OK:
                         return true;
                     default:
-                        String ip = trans.ip()==null?"":(", ip="+trans.ip());
-                        env.warn().log(user, "failed password validation" + ip + ':',result.errorString());
+                        String ip = trans.ip()==null?"":trans.ip();
+                        env.audit().printf("user=%s,tag=%s,ip=%s,msg=\"failed password validation: %s\"",user,trans.getTag(),ip,result.errorString());
                 }
             } catch (DAOException e) {
                 env.error().log(e,"Cannot validate user/pass from cassandra");