X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=shiro%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fcadi%2Fshiro%2FAAFRealm.java;h=0fc962f6db39572f15ace1641880afaa1bd199eb;hb=ac7cd3ac1cd79eff3a8e20e23e5a550fb68b8af2;hp=05b4d784dabe258832a726945b7a14f6268f9066;hpb=b59c1784147d4ecd7d1a1b9b185ea62641b2ba31;p=aaf%2Fcadi.git

diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java
index 05b4d78..0fc962f 100644
--- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java
+++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java
@@ -21,6 +21,7 @@
 package org.onap.aaf.cadi.shiro;
 
 import java.io.IOException;
+import java.io.PrintStream;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.HashSet;
@@ -29,6 +30,8 @@ import java.util.Map;
 import java.util.Map.Entry;
 import java.util.TreeMap;
 
+
+import org.apache.log4j.PropertyConfigurator;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
@@ -48,8 +51,13 @@ import org.onap.aaf.cadi.config.Config;
 import org.onap.aaf.cadi.filter.MapBathConverter;
 import org.onap.aaf.cadi.util.CSV;
 import org.onap.aaf.misc.env.APIException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 public class AAFRealm extends AuthorizingRealm {
+	
+	final static  Logger logger =  LoggerFactory.getLogger(AAFRealm.class);
+	
 	public static final String AAF_REALM = "AAFRealm";
 	
 	private PropAccess access;
@@ -73,7 +81,7 @@ public class AAFRealm extends AuthorizingRealm {
 		String cadi_prop_files = access.getProperty(Config.CADI_PROP_FILES);
 		if(cadi_prop_files==null) {
 			String msg = Config.CADI_PROP_FILES + " in VM Args is required to initialize AAFRealm.";
-			access.log(Level.INIT,msg);
+			logger.info(msg);
 			throw new RuntimeException(msg);
 		} else {
 			try {
@@ -85,7 +93,7 @@ public class AAFRealm extends AuthorizingRealm {
 				if(csv!=null) {
 					try {
 						mbc = new MapBathConverter(access, new CSV(csv));
-						access.printf(Level.INIT, "MapBathConversion enabled with file %s\n",csv);
+						logger.info("MapBathConversion enabled with file "+csv);
 						idMap = new TreeMap<String,String>();
 						// Load 
 						for(Entry<String, String> es : mbc.map().entrySet()) {
@@ -106,14 +114,15 @@ public class AAFRealm extends AuthorizingRealm {
 								}
 							}
 							idMap.put(oldID,newID);
+							
 						}
 					} catch (IOException e) {
-						access.log(e);
+						logger.info(e.getMessage(), e);
 					}
 				}
 			} catch (APIException | CadiException | LocatorException e) {
 				String msg = "Cannot initiate AAFRealm";
-				access.log(Level.INIT,msg,e.getMessage());
+				logger.info(msg + " "+ e.getMessage(), e);
 				throw new RuntimeException(msg,e);
 			}
 		}
@@ -123,8 +132,7 @@ public class AAFRealm extends AuthorizingRealm {
 
 	@Override
 	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
-		access.log(Level.DEBUG, "AAFRealm.doGetAuthenticationInfo",token);
-		
+		logger.info("AAFRealm.doGetAuthenticationInfo :"+token);
 		final UsernamePasswordToken upt = (UsernamePasswordToken)token;
 		final String user = upt.getUsername();
 		String authUser = user; 
@@ -139,11 +147,13 @@ public class AAFRealm extends AuthorizingRealm {
 					int colon = bath.indexOf(':');
 					if(colon>=0) {
 						authUser = bath.substring(0, colon);
-						authPassword = bath.substring(colon+1);
+						authPassword = bath.substring(colon+1);	
 					}
 				}
 			} catch (IOException e) {
-				access.log(e);
+
+				logger.info(e.getMessage(), e);
+
 			} 
 		}
 		String err;
@@ -151,11 +161,11 @@ public class AAFRealm extends AuthorizingRealm {
 			err = authn.validate(authUser,authPassword);
 		} catch (IOException e) {
 			err = "Credential cannot be validated";
-			access.log(e, err);
+			logger.info(e.getMessage(), e);
 		}
 		
 		if(err != null) {
-			access.log(Level.DEBUG, err);
+			logger.info(err);
 			throw new AuthenticationException(err);
 		}
 
@@ -168,23 +178,29 @@ public class AAFRealm extends AuthorizingRealm {
 
 	@Override
 	protected void assertCredentialsMatch(AuthenticationToken atoken, AuthenticationInfo ai)throws AuthenticationException {
+		
 		if(ai instanceof AAFAuthenticationInfo) {
 			if(!((AAFAuthenticationInfo)ai).matches(atoken)) {
 				throw new AuthenticationException("Credentials do not match");
+
 			}
+			
 		} else {
 			throw new AuthenticationException("AuthenticationInfo is not an AAFAuthenticationInfo");
+		
 		}
 	}
 
 
+
+
 	@Override
 	protected AAFAuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
-		access.log(Level.DEBUG, "AAFRealm.doGetAuthenthorizationInfo");
 		Principal bait = (Principal)principals.getPrimaryPrincipal();
 		Principal newBait = bait;
 		if(idMap!=null) {
 			final String newID = idMap.get(bait.getName());
+			logger.info("Successful authentication attempt by " +bait.getName()); 
 			if(newID!=null) {
 				newBait = new Principal() {
 					@Override
@@ -196,7 +212,6 @@ public class AAFRealm extends AuthorizingRealm {
 		}
 		List<Permission> pond = new ArrayList<>();
 		authz.fishAll(newBait,pond);
-		
 		return new AAFAuthorizationInfo(access,bait,pond);
        
 	}