Fix Bath config issue 17/44917/1
authorInstrumental <jcgmisc@stl.gathman.org>
Thu, 26 Apr 2018 15:40:44 +0000 (10:40 -0500)
committerInstrumental <jcgmisc@stl.gathman.org>
Thu, 26 Apr 2018 15:40:48 +0000 (10:40 -0500)
Issue-ID: AAF-264
Change-Id: Id9203fe4d756ac9aab51f7ccc5f33d8a41e2f5ce
Signed-off-by: Instrumental <jcgmisc@stl.gathman.org>
auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
auth/auth-hello/pom.xml
auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java
cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java
cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java

index 3634af9..4c03f31 100644 (file)
@@ -50,6 +50,7 @@ import org.onap.aaf.auth.dao.cass.ApprovalDAO;
 import org.onap.aaf.auth.dao.cass.CacheInfoDAO;
 import org.onap.aaf.auth.dao.cass.CertDAO;
 import org.onap.aaf.auth.dao.cass.CredDAO;
+import org.onap.aaf.auth.dao.cass.CredDAO.Data;
 import org.onap.aaf.auth.dao.cass.DelegateDAO;
 import org.onap.aaf.auth.dao.cass.FutureDAO;
 import org.onap.aaf.auth.dao.cass.HistoryDAO;
@@ -61,10 +62,9 @@ import org.onap.aaf.auth.dao.cass.PermDAO;
 import org.onap.aaf.auth.dao.cass.RoleDAO;
 import org.onap.aaf.auth.dao.cass.Status;
 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
-import org.onap.aaf.auth.dao.cass.CredDAO.Data;
 import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.env.AuthzTransFilter;
 import org.onap.aaf.auth.env.AuthzTrans.REQD_TYPE;
+import org.onap.aaf.auth.env.AuthzTransFilter;
 import org.onap.aaf.auth.layer.Result;
 import org.onap.aaf.auth.org.Organization;
 import org.onap.aaf.cadi.Hash;
@@ -780,7 +780,7 @@ public class Question {
                                                                                checkLessThanDays(trans,7,now,cdd);
                                                                                return Result.ok(cdd.expires);
                                                                        } else if (debug!=null) {
-                                                                               load(debug, cdd,dbcred);
+                                                                               load(debug, cdd);
                                                                        }
                                                                        break;
                                                                case CredDAO.BASIC_AUTH_SHA256:
@@ -793,7 +793,7 @@ public class Question {
                                                                                checkLessThanDays(trans,7,now,cdd);
                                                                                return Result.ok(cdd.expires);
                                                                        } else if (debug!=null) {
-                                                                               load(debug, cdd, dbcred);
+                                                                               load(debug, cdd);
                                                                        }
                                                                        break;
                                                                default:
@@ -809,14 +809,10 @@ public class Question {
                                        }
                                } // end for each
                                if(debug==null) {
-                                       debug=new StringBuilder();
+                                       trans.audit().printf("No cred matches ip=%s, user=%s\n",trans.ip(),user);
                                } else {
-                                       debug.append(", ");
+                                       trans.audit().printf("No cred matches ip=%s, user=%s %s\n",trans.ip(),user,debug.toString());
                                }
-                               
-                               debug.append("cred=");
-                               debug.append(new String(cred));
-                               trans.audit().printf("No cred matches ip=%s, user=%s, %s\n",trans.ip(),user,trans.encryptor().encrypt(debug.toString()));
                                if(expired!=null) {
                                        // Note: this is only returned if there are no good Credentials
                                        rv = Result.err(Status.ERR_Security,
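Review bot: Both new `trans.audit().printf("No cred matches ip=%s, user=%s ...")` calls write `user` into the audit trail verbatim, and on this path it is the identifier from a failed authentication, so its content is chosen by the caller. Unless it is validated before this point (not visible in the hunk), embedded CR/LF characters can split one audit record into several; neutralising them first would avoid that, e.g. `String safeUser = user.replaceAll("[\\r\\n]", "_");` and logging `safeUser`. The `debug` text appended in the else branch ends each DB entry with `'\n'`, so that record already spans several lines, which is worth a short comment for anyone parsing the audit log line by line. The enclosing method starts and ends outside this hunk.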
@@ -830,13 +826,11 @@ public class Question {
        }
 
 
-       private void load(StringBuilder debug, Data cdd, byte[] dbcred) {
+       private void load(StringBuilder debug, Data cdd) {
                debug.append("DB Entry: user=");
                debug.append(cdd.id);
                debug.append(",type=");
                debug.append(cdd.type);
-               debug.append(",cred=");
-               debug.append(Hash.toHex(dbcred));
                debug.append(",expires=");
                debug.append(Chrono.dateTime(cdd.expires));
                debug.append('\n');
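Review bot: `load` has no comment explaining why the stored credential is now left out, so a later debugging change could easily put it back. The text built here ends up in `trans.audit()` when no credential matches, so I would add a line above the method such as `// Builds audit-log text for a non-matching DB entry; never append cdd.cred or the submitted password here.` The method body continues past the end of this hunk.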
index ddaebff..c465f81 100644 (file)
                <dependency>
                        <groupId>org.onap.aaf.authz</groupId>
                        <artifactId>aaf-auth-core</artifactId>
-                       <version>${project.version}</version>
                </dependency>
 
                <dependency>
                        <groupId>org.onap.aaf.authz</groupId>
                        <artifactId>aaf-cadi-aaf</artifactId>
-                       <version>${project.version}</version>
                </dependency>
 
        </dependencies>
                        <plugin>
                                <groupId>org.sonatype.plugins</groupId>
                                <artifactId>nexus-staging-maven-plugin</artifactId>
-                               <version>1.6.7</version>
                                <extensions>true</extensions>
                                <configuration>
                                        <nexusUrl>${nexusproxy}</nexusUrl>
                        <plugin>
                                <groupId>org.jacoco</groupId>
                                <artifactId>jacoco-maven-plugin</artifactId>
-                               <version>${jacoco.version}</version>
                                <configuration>
                                        <excludes>
                                                <exclude>**/gen/**</exclude>
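Review bot: With `<version>1.6.7</version>` and `<version>${jacoco.version}</version>` removed, the two plugins are only pinned if the parent POM declares them in `pluginManagement`, which is not visible on this page. Maven fails on an unmanaged dependency version but only warns on an unmanaged plugin version and resolves one itself, so the build can change without any change in this repository. Please confirm that the parent pins `nexus-staging-maven-plugin` and `jacoco-maven-plugin`, and likewise manages `aaf-auth-core` and `aaf-cadi-aaf` in `dependencyManagement`.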
index 7eb9fd7..b68b445 100644 (file)
@@ -52,7 +52,7 @@ public class API_Mgmt {
        private final static String PERM_DB_POOL_CLEAR=Define.ROOT_NS()+".db|pool|clear";
        private final static String PERM_DENY_IP = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|ip";
        private final static String PERM_DENY_ID = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|id";
-       private final static String PERM_LOG_ID = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|id";
+       private final static String PERM_LOG_ID = Define.ROOT_NS()+".log|" + Define.ROOT_COMPANY() + "|id";
 
        /**
         * Normal Init level APIs
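Review bot: `PERM_LOG_ID` previously had the same value as `PERM_DENY_ID`, so correcting it to `.log|` changes who is authorised for the log-id operations. Callers that held only the deny permission will presumably lose access, and the new `.log|<company>|id` permission has to exist and be granted before this is deployed. I would document that in the change and add a one-line comment on the constant, e.g. `// Distinct from PERM_DENY_ID: guards the per-id logging APIs`. A unit test asserting that the three `PERM_*` id/ip strings are pairwise different would catch a repeat of this copy-paste error.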
index be1e739..cf5c92d 100644 (file)
@@ -154,7 +154,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
                }
                Miss miss = missMap.get(mkey);
                if(miss==null) {
-                       missMap.put(mkey, new Miss(bs,clean==null?MIN_INTERVAL:clean.timeInterval));
+                       missMap.put(mkey, new Miss(bs,clean==null?MIN_INTERVAL:clean.timeInterval,key));
                        return true;
                }
                return miss.mayContinue(); 
@@ -376,12 +376,17 @@ public abstract class AbsUserCache<PERM extends Permission> {
                                        keys.addAll(missMap.keySet());
                                        for(String key : keys) {
                                                Miss m = missMap.get(key);
-                                               if(m!=null && m.timestamp<System.currentTimeMillis()) {
-                                                       synchronized(missMap) {
-                                                               missMap.remove(key);
+                                               if(m!=null) {
+                                                       long timeLeft = m.timestamp - System.currentTimeMillis();
+                                                       if(timeLeft<0) {
+                                                               synchronized(missMap) {
+                                                                       missMap.remove(key);
+                                                               }
+                                                               access.log(Level.INFO, m.name, " has been removed from Missed Credential Map (" + m.tries + " invalid tries)");
+                                                               ++miss;
+                                                       } else {
+                                                               access.log(Level.INFO, m.name, " remains in Missed Credential Map (" + m.tries + " invalid tries) for " + (timeLeft/1000) + " more seconds");
                                                        }
-                                                       access.log(Level.INFO, key, "has been removed from Missed Credential Map (" + m.tries + " invalid tries)");
-                                                       ++miss;
                                                }
                                        }
                                }
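Review bot: The new else branch logs one `Level.INFO` line for every entry still in `missMap` on every sweep, and the number of entries is driven by failed logins, so a burst of bad credentials multiplies log volume for as long as the entries live. I would drop the "remains in Missed Credential Map" message to `Level.DEBUG` and keep INFO for the removal only. `m.name` is the identifier supplied with the failed attempt and is logged as-is, so it should have control characters stripped, unless `access.log` already does that (not visible here). The sweep loop begins outside this hunk.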
@@ -419,11 +424,14 @@ public abstract class AbsUserCache<PERM extends Permission> {
                private long timetolive;
 
                private long tries;
+
+               private final String name;
                
-               public Miss(byte[] first, long timeInterval) {
+               public Miss(final byte[] first, final long timeInterval, final String name) {
                        timestamp = System.currentTimeMillis() + timeInterval;
                        this.timetolive = timeInterval;
                        tries = 0L;
+                       this.name = name;
                }
                
                
@@ -437,6 +445,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
                        }
                        return true;
                }
+               
        }
        
        /**
index 26ad758..c4634cf 100644 (file)
@@ -142,7 +142,7 @@ public class Config {
        public static final String AAF_APPPASS = "aaf_password";
        public static final String AAF_LUR_CLASS = "aaf_lur_class";
        public static final String AAF_TAF_CLASS = "aaf_taf_class";
-       public static final String AAF_TAF_CLASS_DEF = "org.osaaf.cadi.aaf.v2_0.AAFTaf";
+       public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
        public static final String AAF_CONNECTOR_CLASS = "aaf_connector_class";
        public static final String AAF_LOCATOR_CLASS = "aaf_locator_class";
        public static final String AAF_CONN_TIMEOUT = "aaf_conn_timeout";
index 6a49401..22ba702 100644 (file)
@@ -121,6 +121,6 @@ public class BasicPrincipal extends BearerPrincipal implements GetCred {
 
        @Override
        public String personalName() {
-               return null;  // personalName not available with Basic Auth
+               return name;  // personalName not available with Basic Auth
        }
 }
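Review bot: The trailing comment on `return name;` still says `personalName not available with Basic Auth`, which now contradicts the return value. I would reword it to state the fallback, e.g. `return name;  // Basic Auth carries no personal name; fall back to the login id`. Callers that treated `null` as "no display name" will now receive the login id, so a short Javadoc line on the override saying so would help.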
index dee7fc2..1fafe2e 100644 (file)
@@ -103,7 +103,7 @@ public class JU_BasicPrincipal {
                assertTrue(Math.abs(bp.created() - created) < 10);
                assertThat(bp.toString(), is(expected));
                assertThat(bp.tag(), is("BAth"));
-               assertThat(bp.personalName(), is(nullValue()));
+               assertThat(bp.personalName(), is(bp.getName()));
 
                // This test hits the abstract class BearerPrincipal
                assertThat(bp.getBearer(), is(bearer));