X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Faaf%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Faaf%2Fv2_0%2FAAFTaf.java;h=83b66a08c48bedf1384d0c20b24190167ec057a3;hb=de1238abf9c120a1ed2dd07e3bd46d6878c4d6b3;hp=d4d11bbbe1e2438e2be333e147f45362f8a6d49b;hpb=7e5ccdd25e377cfa2dd5850ac3c2c1428c40b078;p=aaf%2Fauthz.git diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java index d4d11bbb..83b66a08 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java @@ -23,8 +23,10 @@ package org.onap.aaf.cadi.aaf.v2_0; import java.io.IOException; import java.security.Principal; + import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + import org.onap.aaf.cadi.AbsUserCache; import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.CachedPrincipal; @@ -42,28 +44,34 @@ import org.onap.aaf.cadi.client.Future; import org.onap.aaf.cadi.client.Rcli; import org.onap.aaf.cadi.client.Retryable; import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.filter.MapBathConverter; import org.onap.aaf.cadi.principal.BasicPrincipal; import org.onap.aaf.cadi.principal.CachedBasicPrincipal; import org.onap.aaf.cadi.taf.HttpTaf; import org.onap.aaf.cadi.taf.TafResp; import org.onap.aaf.cadi.taf.TafResp.RESP; import org.onap.aaf.cadi.taf.basic.BasicHttpTafResp; +import org.onap.aaf.cadi.util.CSV; import org.onap.aaf.misc.env.APIException; public class AAFTaf extends AbsUserCache implements HttpTaf { private AAFCon aaf; private boolean warn; - + private MapBathConverter mapIds; + public AAFTaf(AAFCon con, boolean turnOnWarning) { super(con.access,con.cleanInterval,con.highCount, con.usageRefreshTriggerCount); aaf = con; warn = turnOnWarning; + initMapBathConverter(); } public AAFTaf(AAFCon con, boolean turnOnWarning, AbsUserCache other) { super(other); aaf = con; warn = turnOnWarning; + initMapBathConverter(); + } // Note: Needed for Creation of this Object with Generics @@ -78,6 +86,19 @@ public class AAFTaf extends AbsUserCache implements HttpT this((AAFCon)mustBeAAFCon,turnOnWarning); } + private void initMapBathConverter() { + String csvFile = access.getProperty(Config.CADI_BATH_CONVERT, null); + if(csvFile==null) { + mapIds=null; + } else { + try { + mapIds = new MapBathConverter(access, new CSV(csvFile)); + } catch (IOException | CadiException e) { + access.log(e,"Bath Map Conversion is not initialzed (non fatal)"); + } + } + + } public TafResp validate(final LifeForm reading, final HttpServletRequest req, final HttpServletResponse resp) { //TODO Do we allow just anybody to validate? @@ -88,6 +109,10 @@ public class AAFTaf extends AbsUserCache implements HttpT if (warn&&!req.isSecure()) { aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel"); } + if(mapIds != null) { + authz = mapIds.convert(access, authz); + } + try { final CachedBasicPrincipal bp; if (req.getUserPrincipal() instanceof CachedBasicPrincipal) {