X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Fcore%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Ffilter%2FCadiApiEnforcementFilter.java;h=292f8e1cd4f23aed77afe47625a1fb56507b51fd;hb=refs%2Fchanges%2F38%2F92938%2F1;hp=e32b30d057c0704432b36a0d9470fa1f678b0749;hpb=321dce367d74092a0ba09930c3aa526abdbd5da8;p=aaf%2Fauthz.git diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java index e32b30d0..292f8e1c 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java @@ -45,92 +45,92 @@ import org.onap.aaf.cadi.util.Split; * @author Instrumental(Jonathan) */ public class CadiApiEnforcementFilter implements Filter { - private String type; - private Map> publicPaths; - private Access access; - - - public CadiApiEnforcementFilter(Access access, String enforce) throws ServletException { - this.access = access; - init(enforce); - } + private String type; + private Map> publicPaths; + private Access access; + + + public CadiApiEnforcementFilter(Access access, String enforce) throws ServletException { + this.access = access; + init(enforce); + } - @Override - public void init(FilterConfig fc) throws ServletException { - init(fc.getInitParameter(Config.CADI_API_ENFORCEMENT)); + @Override + public void init(FilterConfig fc) throws ServletException { + init(fc.getInitParameter(Config.CADI_API_ENFORCEMENT)); // need the Context for Logging, instantiating ClassLoader, etc ServletContextAccess sca=new ServletContextAccess(fc); if (access==null) { access = sca; } - } - - private void init(final String ptypes) throws ServletException { - if(ptypes==null) { - throw new ServletException("CadiApiEnforcement requires " + Config.CADI_API_ENFORCEMENT + " property"); - } - String[] full = Split.splitTrim(';', ptypes); - if(full.length==0) { - throw new ServletException(Config.CADI_API_ENFORCEMENT + " property is empty"); - } - if(full.length>0) { - type=full[0]; - } - publicPaths = new TreeMap>(); - if(full.length>1) { - for(int i=1;i ls = publicPaths.get(pubArray[0]); - if(ls==null) { - ls = new ArrayList(); - publicPaths.put(pubArray[0], ls); - } - ls.add(pubArray[1]); - } - } - } - } + } + + private void init(final String ptypes) throws ServletException { + if(ptypes==null) { + throw new ServletException("CadiApiEnforcement requires " + Config.CADI_API_ENFORCEMENT + " property"); + } + String[] full = Split.splitTrim(';', ptypes); + if(full.length==0) { + throw new ServletException(Config.CADI_API_ENFORCEMENT + " property is empty"); + } + if(full.length>0) { + type=full[0]; + } + publicPaths = new TreeMap>(); + if(full.length>1) { + for(int i=1;i ls = publicPaths.get(pubArray[0]); + if(ls==null) { + ls = new ArrayList(); + publicPaths.put(pubArray[0], ls); + } + ls.add(pubArray[1]); + } + } + } + } - @Override - public void doFilter(ServletRequest req, ServletResponse resp, FilterChain fc) throws IOException, ServletException { - HttpServletRequest hreq = (HttpServletRequest)req; - final String meth = hreq.getMethod(); - String path = hreq.getContextPath()+hreq.getPathInfo(); - - if(path == null || path.isEmpty() || "null".equals(path)) - path = hreq.getRequestURI().substring(hreq.getContextPath().length()); - - List list = publicPaths.get(meth); - if(list!=null) { - for( String p : publicPaths.get(meth)) { - if(path.startsWith(p)) { - access.printf(Level.INFO, "%s accessed public API %s %s\n", - hreq.getUserPrincipal().getName(), - meth, - path); - fc.doFilter(req, resp); - return; - } - } - } - if(hreq.isUserInRole(type + '|'+path+'|'+meth)) { - access.printf(Level.INFO, "%s is allowed access to %s %s\n", - hreq.getUserPrincipal().getName(), - meth, - path); - fc.doFilter(req, resp); - } else { - access.printf(Level.AUDIT, "%s is denied access to %s %s\n", - hreq.getUserPrincipal().getName(), - meth, - path); - } - } + @Override + public void doFilter(ServletRequest req, ServletResponse resp, FilterChain fc) throws IOException, ServletException { + HttpServletRequest hreq = (HttpServletRequest)req; + final String meth = hreq.getMethod(); + String path = hreq.getContextPath()+hreq.getPathInfo(); + + if(path == null || path.isEmpty() || "null".equals(path)) + path = hreq.getRequestURI().substring(hreq.getContextPath().length()); + + List list = publicPaths.get(meth); + if(list!=null) { + for( String p : publicPaths.get(meth)) { + if(path.startsWith(p)) { + access.printf(Level.INFO, "%s accessed public API %s %s\n", + hreq.getUserPrincipal().getName(), + meth, + path); + fc.doFilter(req, resp); + return; + } + } + } + if(hreq.isUserInRole(type + '|'+path+'|'+meth)) { + access.printf(Level.INFO, "%s is allowed access to %s %s\n", + hreq.getUserPrincipal().getName(), + meth, + path); + fc.doFilter(req, resp); + } else { + access.printf(Level.AUDIT, "%s is denied access to %s %s\n", + hreq.getUserPrincipal().getName(), + meth, + path); + } + } - @Override - public void destroy() { - } + @Override + public void destroy() { + } }