X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=cadi%2Fcore%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Ftaf%2Fbasic%2FBasicHttpTaf.java;h=d5f6b032e359266a817fa2e4c0896079b2549db0;hb=7e966914050e66219689001ff4ab601a49eef0ac;hp=21830b01d38af1baf3924dd58378875a771f2ad1;hpb=ead32f193586e39b59bb366bddf70e665173a52d;p=aaf%2Fauthz.git
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java
index 21830b01..d5f6b032 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java
@@ -85,23 +85,23 @@ public class BasicHttpTaf implements HttpTaf {
 */
 public TafResp validate(Taf.LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
 // See if Request implements BasicCred (aka CadiWrap or other), and if User/Pass has already been set separately
- if(req instanceof BasicCred) {
+ if (req instanceof BasicCred) {
 BasicCred bc = (BasicCred)req;
- if(bc.getUser()!=null) { // CadiWrap, if set, makes sure User & Password are both valid, or both null
- if(DenialOfServiceTaf.isDeniedID(bc.getUser())!=null) {
+ if (bc.getUser()!=null) { // CadiWrap, if set, makes sure User & Password are both valid, or both null
+ if (DenialOfServiceTaf.isDeniedID(bc.getUser())!=null) {
 return DenialOfServiceTaf.respDenyID(access,bc.getUser());
 }
 CachedBasicPrincipal bp = new CachedBasicPrincipal(this,bc,realm,timeToLive);
 // Be able to do Organizational specific lookups by Domain
 CredVal cv = rbacs.get(bp.getDomain());
- if(cv==null) {
+ if (cv==null) {
 cv = rbac;
 }
 // ONLY FOR Last Ditch DEBUGGING...
 // access.log(Level.WARN,bp.getName() + ":" + new String(bp.getCred()));
- if(cv.validate(bp.getName(),Type.PASSWORD,bp.getCred(),req)) {
+ if (cv.validate(bp.getName(),Type.PASSWORD,bp.getCred(),req)) {
 return new BasicHttpTafResp(access,bp,bp.getName()+" authenticated by password",RESP.IS_AUTHENTICATED,resp,realm,false);
 } else {
 //TODO may need timed retries in a given time period
@@ -112,25 +112,25 @@ public class BasicHttpTaf implements HttpTaf {
 }
 // Get User/Password from Authorization Header value
 String authz = req.getHeader("Authorization");
- if(authz != null && authz.startsWith("Basic ")) {
- if(warn&&!req.isSecure()) {
+ if (authz != null && authz.startsWith("Basic ")) {
+ if (warn&&!req.isSecure()) {
 access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
 }
 try {
 CachedBasicPrincipal ba = new CachedBasicPrincipal(this,authz,realm,timeToLive);
- if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
+ if (DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
 return DenialOfServiceTaf.respDenyID(access,ba.getName());
 }
 final int at = ba.getName().indexOf('@');
 CredVal cv = rbacs.get(ba.getName().substring(at+1));
- if(cv==null) {
+ if (cv==null) {
 cv = rbac; // default
 }
 // ONLY FOR Last Ditch DEBUGGING...
 // access.log(Level.WARN,ba.getName() + ":" + new String(ba.getCred()));
- if(cv.validate(ba.getName(), Type.PASSWORD, ba.getCred(), req)) {
+ if (cv.validate(ba.getName(), Type.PASSWORD, ba.getCred(), req)) {
 return new BasicHttpTafResp(access,ba, ba.getName()+" authenticated by BasicAuth password",RESP.IS_AUTHENTICATED,resp,realm,false);
 } else {
 //TODO may need timed retries in a given time period
@@ -148,7 +148,7 @@ public class BasicHttpTaf implements HttpTaf {
 protected String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) {
 StringBuilder sb = new StringBuilder();
- if(pr!=null) {
+ if (pr!=null) {
 sb.append("user=");
 sb.append(pr.getName());
 sb.append(',');
@@ -157,9 +157,9 @@ public class BasicHttpTaf implements HttpTaf {
 sb.append(req.getRemoteAddr());
 sb.append(",port=");
 sb.append(req.getRemotePort());
- if(msg.length>0) {
+ if (msg.length>0) {
 sb.append(",msg=\"");
- for(Object s : msg) {
+ for (Object s : msg) {
 sb.append(s.toString());
 }
 sb.append('"');
@@ -173,7 +173,7 @@ public class BasicHttpTaf implements HttpTaf {
 public CredVal getCredVal(String key) {
 CredVal cv = rbacs.get(key);
- if(cv==null) {
+ if (cv==null) {
 cv = rbac;
 }
 return cv;
@@ -181,9 +181,9 @@ public class BasicHttpTaf implements HttpTaf {
 @Override
 public Resp revalidate(CachedPrincipal prin, Object state) {
- if(prin instanceof BasicPrincipal) {
+ if (prin instanceof BasicPrincipal) {
 BasicPrincipal ba = (BasicPrincipal)prin;
- if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
+ if (DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
 return Resp.UNVALIDATED;
 }
 return rbac.validate(ba.getName(), Type.PASSWORD, ba.getCred(), state)?Resp.REVALIDATED:Resp.UNVALIDATED;