2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.env;
24 import java.security.Principal;
26 import javax.servlet.ServletRequest;
27 import javax.servlet.http.HttpServletRequest;
29 import org.onap.aaf.auth.rserv.TransFilter;
30 import org.onap.aaf.cadi.CadiException;
31 import org.onap.aaf.cadi.Connector;
32 import org.onap.aaf.cadi.TrustChecker;
33 import org.onap.aaf.cadi.principal.TaggedPrincipal;
34 import org.onap.aaf.cadi.principal.TrustPrincipal;
35 import org.onap.aaf.misc.env.Env;
36 import org.onap.aaf.misc.env.LogTarget;
37 import org.onap.aaf.misc.env.Slot;
38 import org.onap.aaf.misc.env.TimeTaken;
39 import org.onap.aaf.misc.env.Trans.Metric;
/**
 * Transaction filter specialised for {@link AuthzTrans}: it extends
 * {@code TransFilter<AuthzTrans>} and supplies the per-request hooks that follow
 * (transaction creation, start, authentication callback, end-of-request audit logging).
 *
 * NOTE(review): this listing carries viewer line numbers at the start of each line and
 * omits some source lines (closing braces among them), so the comments describe only
 * the statements that are visible.
 */
41 public class AuthzTransFilter extends TransFilter<AuthzTrans> {
// Running totals for the service; tallyHo adds each transaction's Metric into it.
// NOTE(review): public and mutable, so any code holding the filter can overwrite or
// reset the totals.
43 public Metric serviceMetric;
// Slots assigned lazily by the constructor and read by tallyHo: specialLogSlot picks
// the log target (warn vs. info) and transIDslot supplies the TraceID.
// NOTE(review): public static and non-final. Any class can reassign them, which would
// change which per-transaction values drive audit logging. Consider private access
// with a single initialisation point.
44 public static Slot transIDslot,specialLogSlot;
// Names under which the two slots are requested from the environment.
46 public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";
47 public static final String SPECIAL_LOG_SLOT = "SPECIAL_LOG_SLOT";
// Size of serviceMetric.buckets. It has to equal the number of sub-metric tags passed
// to trans.auditTrail(...) in tallyHo (currently Env.REMOTE and Env.JSON).
49 public static final int BUCKETSIZE = 2;
/**
 * Builds the filter, allocates the service-wide metric, and makes sure the two
 * static slots exist.
 *
 * @param env               environment; supplies {@code access()} for the superclass and
 *                          the slot lookups
 * @param con               connector handed to the superclass unchanged
 * @param tc                trust checker handed to the superclass unchanged
 * @param additionalTafLurs extra objects handed to the superclass unchanged
 * @throws CadiException    declared here; presumably raised by the superclass
 *                          constructor - confirm
 */
51 public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException {
52 super(env.access(),con, tc, additionalTafLurs);
// One bucket per sub-metric that tallyHo accumulates.
54 serviceMetric = new Metric();
55 serviceMetric.buckets = new float[BUCKETSIZE];
// Lazy, unsynchronised check-then-set on static fields.
// NOTE(review): two filters constructed concurrently can both run the lookup. That is
// harmless only if env.slot(name) returns an equivalent slot for the same name - confirm.
56 if(transIDslot==null) {
57 transIDslot = env.slot(TRANS_ID_SLOT);
59 if(specialLogSlot==null) {
60 specialLogSlot = env.slot(SPECIAL_LOG_SLOT);
/**
 * Creates the transaction object for an incoming request.
 *
 * @param req the HTTP request; its use is not visible in this listing
 * @return presumably the transaction obtained from {@code env.newTrans()}; the rest of
 *         the body, including the return statement, is not visible here
 */
65 protected AuthzTrans newTrans(HttpServletRequest req) {
// NOTE(review): `env` is not a parameter here, so it must be a field assigned on a line
// this listing omits.
66 AuthzTrans at = env.newTrans();
/**
 * Binds the servlet request to the transaction and opens the timed "Trans" entry,
 * labelled with the caller's IP and port as reported by the transaction.
 *
 * @param trans   transaction for this request
 * @param request servlet request; cast to {@link HttpServletRequest} without a check
 * @return the {@link TimeTaken} returned by {@code trans.start(...)}
 */
73 protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
// NOTE(review): unchecked downcast. A non-HTTP ServletRequest would raise
// ClassCastException here; presumably the filter is only deployed in HTTP containers.
74 trans.set((HttpServletRequest)request);
// NOTE(review): how trans.ip() is derived is not visible here. If it can come from a
// client-supplied forwarding header rather than the socket peer, the value recorded in
// the audit entry is caller-controlled - confirm before relying on it for investigations.
// The remaining arguments of trans.start(...) are on lines this listing omits.
75 return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
76 " IP: " + trans.ip() +
77 " Port: " + trans.port()
/**
 * Callback for a successfully authenticated request: records the principal as the
 * transaction's user.
 *
 * @param trans transaction for this request
 * @param p     authenticated principal; must be a {@link TaggedPrincipal}
 */
82 protected void authenticated(AuthzTrans trans, Principal p) {
// NOTE(review): unchecked downcast. Any authentication module that yields a Principal
// which is not a TaggedPrincipal causes ClassCastException here. Verify that the caller
// treats that exception as a rejected request (fail closed) rather than continuing the
// chain with no user set on the transaction.
83 trans.setUser((TaggedPrincipal)p); // We only work with TaggedPrincipals in Authz
/**
 * End-of-transaction hook: folds the transaction's metrics into {@code serviceMetric}
 * and writes the audit record, either as a multi-line "AuditTrail" block or as a
 * single-line summary carrying principal, address, method, path and message.
 *
 * NOTE(review): both output shapes declare locals named {@code m} and {@code sb}, so they
 * presumably sit in separate branches; the condition selecting between them is on lines
 * this listing omits.
 *
 * @param trans the finished transaction
 */
87 protected void tallyHo(AuthzTrans trans) {
// The special-log slot selects the target: warn() when set, info() otherwise.
// `b` is auto-unboxed; the default `false` is what trans.get is given for an unset slot.
88 Boolean b = trans.get(specialLogSlot, false);
89 LogTarget lt = b?trans.warn():trans.info();
92 // Transaction is done, now post full Audit Trail
93 StringBuilder sb = new StringBuilder("AuditTrail\n");
94 // We'll grabAct sub-metrics for Remote Calls and JSON
95 // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
96 Metric m = trans.auditTrail(lt,1, sb, Env.REMOTE,Env.JSON);
98 // Add current Metrics to total metrics
// NOTE(review): `+=` on shared fields is not atomic. If one filter instance serves
// concurrent requests (usual for servlet filters - confirm), updates can be lost. This
// affects metric accuracy only.
// The loop bound is serviceMetric's bucket count, so m.buckets must be at least that long.
99 serviceMetric.total+= m.total;
100 for(int i=0;i<serviceMetric.buckets.length;++i) {
101 serviceMetric.buckets[i]+=m.buckets[i];
// `tsi` is declared on a line this listing omits; the trace id is rendered in hex.
105 if((tsi=trans.get(transIDslot, null))!=null) {
106 sb.append(" TraceID=");
107 sb.append(Long.toHexString(tsi));
// Bucket 0 and bucket 1 follow the tag order passed to auditTrail (Env.REMOTE, Env.JSON).
111 sb.append(" Total: ");
113 sb.append(" Remote: ");
114 sb.append(m.buckets[0]);
115 sb.append(" JSON: ");
116 sb.append(m.buckets[1]);
// Single-line variant: the audit trail is rendered into `content`, and only its message
// part is copied into the record further down.
120 // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
121 StringBuilder content = new StringBuilder();
122 Metric m = trans.auditTrail(lt,1, content, Env.REMOTE,Env.JSON);
123 // Add current Metrics to total metrics
124 serviceMetric.total+= m.total;
125 for(int i=0;i<serviceMetric.buckets.length;++i) {
126 serviceMetric.buckets[i]+=m.buckets[i];
129 StringBuilder sb = new StringBuilder();
// NOTE(review): the principal is dereferenced below; a null guard for unauthenticated
// requests, if present, is on lines this listing omits - confirm.
131 Principal p = trans.getUserPrincipal();
// NOTE(review): principal name, personal name, tag, path and message text are appended
// verbatim. The record looks comma-separated (see `,msg="`), so a value containing a
// comma, double quote or CR/LF could split or forge audit fields unless it is neutralised
// upstream or by the log target. Confirm where that encoding happens.
135 sb.append(p.getName());
136 if(p instanceof TrustPrincipal) {
138 sb.append(((TrustPrincipal)p).personalName()); // UserChain
// Tagged principals contribute their tag; the simple class name is appended on a path
// whose condition is not visible here.
142 if(p instanceof TaggedPrincipal) {
143 sb.append(((TaggedPrincipal)p).tag());
145 sb.append(p.getClass().getSimpleName());
151 sb.append(trans.ip());
153 sb.append(trans.port());
154 // Current code won't ever get here... Always does a Full Audit Trail
156 // if((tsi=trans.get(transIDslot, null))!=null) {
157 // sb.append(",TraceID=");
158 // sb.append(Long.toHexString(tsi));
163 sb.append(trans.meth());
165 sb.append(trans.path());
// Copies the text after the last `,msg="` marker (6 characters long) up to, but not
// including, the final character of `content` (presumably the closing quote).
// NOTE(review): lastIndexOf returns -1 when the marker is absent, which would make
// start+6 equal 5 and copy unrelated text, or throw if `content` is shorter. A guard on
// `start` may exist on the omitted line between these statements - confirm.
167 if(content.length()>0) {
168 sb.append(",msg=\"");
169 int start = content.lastIndexOf(",msg=\"");
171 sb.append(content,start+6,content.length()-1);
// The visible statement logs at warn level; the enclosing branch is not visible here.
178 trans.warn().log(sb);