mapIds=null;
} else {
try {
- mapIds = new MapBathConverter(access, new CSV(csvFile));
+ mapIds = new MapBathConverter(access, new CSV(access,csvFile));
+ access.log(Level.INIT,"Basic Auth Conversion using",csvFile,"enabled" );
} catch (IOException | CadiException e) {
- access.log(e,"Bath Map Conversion is not initialzed (non fatal)");
+ access.log(e,"Bath Map Conversion is not initialized (non fatal)");
}
}
// Note: Either Carbon or Silicon based LifeForms ok
String authz = req.getHeader("Authorization");
+ String target = "invalid";
if (authz != null && authz.startsWith("Basic ")) {
if (warn&&!req.isSecure()) {
aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
Miss miss = missed(bp.getName(), bp.getCred());
if (miss!=null && !miss.mayContinue()) {
- return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
+ return new BasicHttpTafResp(aaf.access,bp.getName(),buildMsg(bp,req,
"User/Pass Retry limit exceeded"),
RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true);
}
// Note: AddMiss checks for miss==null, and is part of logic
boolean rv= addMiss(bp.getName(),bp.getCred());
if (rv) {
- return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
+ return new BasicHttpTafResp(aaf.access,bp.getName(),buildMsg(bp,req,
"user/pass combo invalid via AAF from " + req.getRemoteAddr()),
RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true);
} else {
- return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
+ return new BasicHttpTafResp(aaf.access,bp.getName(),buildMsg(bp,req,
"user/pass combo invalid via AAF from " + req.getRemoteAddr() + " - Retry limit exceeded"),
RESP.FAIL,resp,aaf.getRealm(),true);
}
} catch (IOException e) {
String msg = buildMsg(null,req,"Invalid Auth Token");
aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
- return new BasicHttpTafResp(aaf.access,null,msg, RESP.TRY_AUTHENTICATING, resp, aaf.getRealm(),true);
+ return new BasicHttpTafResp(aaf.access,target,msg, RESP.TRY_AUTHENTICATING, resp, aaf.getRealm(),true);
} catch (Exception e) {
String msg = buildMsg(null,req,"Authenticating Service unavailable");
try {
aaf.access.log(e1, "Error Invalidating Client");
}
aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
- return new BasicHttpTafResp(aaf.access,null,msg, RESP.FAIL, resp, aaf.getRealm(),false);
+ return new BasicHttpTafResp(aaf.access,target,msg, RESP.FAIL, resp, aaf.getRealm(),false);
}
}
- return new BasicHttpTafResp(aaf.access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false);
+ return new BasicHttpTafResp(aaf.access,target,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false);
}
private String buildMsg(Principal pr, HttpServletRequest req, Object... msg) {
if (prin instanceof BasicPrincipal) {
Future<String> fp;
try {
- Rcli<CLIENT> userAAF = aaf.client(Config.AAF_DEFAULT_VERSION).forUser(aaf.transferSS((BasicPrincipal)prin));
+ Rcli<CLIENT> userAAF = aaf.client().forUser(aaf.transferSS((BasicPrincipal)prin));
fp = userAAF.read("/authn/basicAuth", "text/plain");
return fp.get(aaf.timeout)?Resp.REVALIDATED:Resp.UNVALIDATED;
} catch (Exception e) {
Code Review / aaf / authz.git / blobdiff