Moving Shiro modules to cadi repo 69/55669/1
authorSai Gandham <sg481n@att.com>
Tue, 3 Jul 2018 03:37:37 +0000 (22:37 -0500)
committerSai Gandham <sg481n@att.com>
Tue, 3 Jul 2018 03:37:56 +0000 (22:37 -0500)
Issue-ID: AAF-380
Change-Id: If1029a16958335277ff38cdbe5662b0a14ea439f
Signed-off-by: Sai Gandham <sg481n@att.com>
13 files changed:
SOURCE_MOVED [deleted file]
pom.xml
shiro-osgi-bundle/.gitignore [new file with mode: 0644]
shiro-osgi-bundle/pom.xml [new file with mode: 0644]
shiro/.gitignore [new file with mode: 0644]
shiro/pom.xml [new file with mode: 0644]
shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java [new file with mode: 0644]
shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java [new file with mode: 0644]
shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFPrincipalCollection.java [new file with mode: 0644]
shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java [new file with mode: 0644]
shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFShiroPermission.java [new file with mode: 0644]
shiro/src/test/java/org/onap/aaf/cadi/shiro/test/JU_AAFRealm.java [new file with mode: 0644]
version.properties

diff --git a/SOURCE_MOVED b/SOURCE_MOVED
deleted file mode 100644 (file)
index 39822ab..0000000
+++ /dev/null
@@ -1 +0,0 @@
-Source for "cadi" has been consolidated into "authz" repo as of the Beijing release
diff --git a/pom.xml b/pom.xml
index fc65a9a..f47a257 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -1,79 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
-  ============LICENSE_START====================================================
-  * org.onap.aaf
-  * ===========================================================================
-  * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
-  * ===========================================================================
-  * Licensed under the Apache License, Version 2.0 (the "License");
-  * you may not use this file except in compliance with the License.
-  * You may obtain a copy of the License at
-  * 
-   *      http://www.apache.org/licenses/LICENSE-2.0
-  * 
-   * Unless required by applicable law or agreed to in writing, software
-  * distributed under the License is distributed on an "AS IS" BASIS,
-  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  * See the License for the specific language governing permissions and
-  * limitations under the License.
-  * ============LICENSE_END====================================================
-  *
-  * ECOMP is a trademark and service mark of AT&T Intellectual Property.
-  *
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
        <modelVersion>4.0.0</modelVersion>
        <groupId>org.onap.aaf.cadi</groupId>
-       <artifactId>parent</artifactId>
-       <name>aaf-cadi</name>
-       <version>1.0.0-SNAPSHOT</version>
-       <inceptionYear>2015-07-20</inceptionYear>       
+       <artifactId>cadimiscparent</artifactId>
+       <version>2.1.2-SNAPSHOT</version>
+       <name>CADI Misc Modules</name>
        <packaging>pom</packaging>
-       <url>https://github.com/att/AAF</url>
-       <description>CADI</description>
-       <licenses>
-               <license>
-               <name>BSD License</name>
-               <url> </url>
-               </license>
-       </licenses>
-       <developers>
-               <developer>
-               <name>Jonathan Gathman</name>
-               <email></email>
-       <organization>ATT</organization>
-       <organizationUrl></organizationUrl>
-               </developer>
-       </developers>
-       
-       <parent>             
-       <groupId>org.onap.oparent</groupId>
-       <artifactId>oparent</artifactId>
-       <version>1.1.0</version>
-    </parent>
+
+       <parent>
+               <groupId>org.onap.oparent</groupId>
+               <artifactId>oparent</artifactId>
+               <version>1.1.0</version>
+       </parent>
        
        <properties>
-               <skipSigning>true</skipSigning>
+               <!-- <sonar.skip>true</sonar.skip> -->
                <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-               <project.innoVersion>1.0.0-SNAPSHOT</project.innoVersion>
-               <project.authClientVersion>1.0.0-SNAPSHOT</project.authClientVersion>
-               <project.dme2Version>3.1.200</project.dme2Version>
-                               <!-- version>2.8.5.8</version -->
-                               <!-- version>2.6.20</version -->
-                               <!-- version>2.6.29</version -->
-                               <!-- version>2.8.1</version -->
-                               <!--  version>2.8.2.5</version -->
-               <!-- jetty-version>8.1.7.v20120910</jetty-version -->
-               <!-- jetty-version>7.2.0.v20101020</jetty-version -->
-               <!-- project.jettyVersion>9.0.3.v20130506</project.jettyVersion -->
-               <project.cadiVersion>1.0.0-SNAPSHOT</project.cadiVersion>
-               
+               <project.jettyVersion>9.3.9.v20160517</project.jettyVersion>
+               <powermock.version>1.5.1</powermock.version>
                <!--  SONAR  -->
                 <jacoco.version>0.7.7.201606060606</jacoco.version>
            <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
            <sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin>
            <!-- Default Sonar configuration -->
-           <sonar.jacoco.reportPath>target/code-coverage/jacoco-ut.exec</sonar.jacoco.reportPath>
-           <sonar.jacoco.itReportPath>target/code-coverage/jacoco-it.exec</sonar.jacoco.itReportPath>
+           <sonar.jacoco.reportPaths>target/code-coverage/jacoco-ut.exec</sonar.jacoco.reportPaths>
+           <sonar.jacoco.itReportPaths>target/code-coverage/jacoco-it.exec</sonar.jacoco.itReportPaths>
            <!-- Note: This list should match jacoco-maven-plugin's exclusion list below -->
            <sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**</sonar.exclusions>
                <nexusproxy>https://nexus.onap.org</nexusproxy>
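Review bot: `<project.jettyVersion>9.3.9.v20160517</project.jettyVersion>` in the properties block pins a Jetty build whose own date stamp is about two years older than this commit, and the dependencyManagement hunk further down applies it to every `org.eclipse.jetty` artifact (jetty-servlet, jetty-io, jetty-security, jetty-http, jetty-util, jetty-server). Because this property selects the HTTP stack for every module that inherits the parent, it should be raised to the newest maintenance release of the chosen Jetty line after checking the Jetty security advisories published since that build. In the same hunk the Sonar keys become `sonar.jacoco.reportPaths` and `sonar.jacoco.itReportPaths`; as far as I know only the first is a recognised key (it takes a comma-separated list), so the integration-test path may be silently ignored. Consider `<sonar.jacoco.reportPaths>target/code-coverage/jacoco-ut.exec,target/code-coverage/jacoco-it.exec</sonar.jacoco.reportPaths>` instead.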
                <stagingNexusPath>/content/repositories/staging/</stagingNexusPath>
                <sitePath>/content/sites/site/org/onap/aaf/cadi/${project.artifactId}/${project.version}</sitePath>
        </properties>
+
        <!-- ============================================================== -->
        <!-- Define the major contributors and developers of CADI -->
        <!-- ============================================================== -->
-       <contributors>
-               <contributor>
+       <developers>
+               <developer>
                        <name>Jonathan Gathman</name>
-                       <email></email>
-                       <timezone>CST</timezone>
-               </contributor>
-       </contributors>
+                       <email>jonathan.gathman@att.com</email>
+                       <organization>ATT</organization>
+                       <roles>
+                               <role>Architect</role>
+                               <role>Lead Developer</role>
+                       </roles>
+               </developer>
+               <developer>
+                       <name>Gabe Maurer</name>
+                       <email>gabe.maurer@att.com</email>
+                       <organization>ATT</organization>
+                       <roles>
+                               <role>Developer</role>
+                       </roles>
+               </developer>
+               <developer>
+                       <name>Ian Howell</name>
+                       <email>ian.howell@att.com</email>
+                       <organization>ATT</organization>
+                       <roles>
+                               <role>Developer</role>
+                       </roles>
+               </developer>
+               <developer>
+                       <name>Sai Gandham</name>
+                       <email>sai.gandham@att.com</email>
+                       <organization>ATT</organization>
+                       <roles>
+                               <role>Developer</role>
+                       </roles>
+               </developer>
+       </developers>
+
 
        <dependencies>
+               <dependency>
+                       <groupId>org.mockito</groupId>
+                       <artifactId>mockito-all</artifactId>
+                       <version>1.9.5</version>
+                       <scope>test</scope>
+               </dependency>
+
+               <dependency>
+                       <groupId>org.powermock</groupId>
+                       <artifactId>powermock-module-junit4</artifactId>
+                       <version>${powermock.version}</version>
+                       <scope>test</scope>
+               </dependency>
+               <dependency>
+                       <groupId>org.powermock</groupId>
+                       <artifactId>powermock-api-mockito</artifactId>
+                       <version>${powermock.version}</version>
+                       <scope>test</scope>
+               </dependency>
+
                <dependency>
                        <groupId>junit</groupId>
                        <artifactId>junit</artifactId>
        <!-- Define sub-projects (modules) -->
        <!-- ============================================================== -->
        <modules>
+               <module>shiro</module>
+               <module>shiro-osgi-bundle</module>
        </modules>
 
        <!-- ============================================================== -->
        <!-- ============================================================== -->
        <dependencyManagement>
                <dependencies>
-               <dependency>
-                       <groupId>org.mockito</groupId>
-                       <artifactId>mockito-all</artifactId>
-                       <version>1.9.5</version>
-                       <scope>test</scope>
+                       <dependency>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-auth-client</artifactId>
+                               <version>${project.version}</version>
                        </dependency>
+
                        <dependency>
                                <groupId>org.onap.aaf.authz</groupId>
-                               <artifactId>authz-client</artifactId>
-                               <version>${project.authClientVersion}</version>
+                               <artifactId>aaf-cadi-core</artifactId>
+                               <version>${project.version}</version>
                        </dependency>
 
                        <dependency>
-                               <groupId>org.onap.aaf.cadi</groupId>
-                               <artifactId>cadi-core</artifactId>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-cadi-oauth</artifactId>
                                <version>${project.version}</version>
                        </dependency>
 
+
+                       <!-- Prevent Cycles in Testing  -->
                        <dependency>
-                               <groupId>org.onap.aaf.cadi</groupId>
-                               <artifactId>cadi-core</artifactId>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-cadi-core</artifactId>
                                <version>${project.version}</version>
                                <classifier>tests</classifier>
                        </dependency>
 
                        <dependency>
-                               <groupId>org.onap.aaf.cadi</groupId>
-                               <artifactId>cadi-cass</artifactId>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-cadi-jetty</artifactId>
                                <version>${project.version}</version>
                        </dependency>
 
                        <dependency>
-                               <groupId>org.onap.aaf.cadi</groupId>
-                               <artifactId>cadi-aaf</artifactId>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-cadi-cass</artifactId>
                                <version>${project.version}</version>
-                       </dependency> 
+                       </dependency>
 
-                   <dependency>
-                               <groupId>org.onap.aaf.cadi</groupId>
-                               <artifactId>cadi-aaf</artifactId>
+                       <dependency>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-cadi-aaf</artifactId>
                                <version>${project.version}</version>
-                               <classifier>full</classifier>
                        </dependency>
 
                        <dependency>
-                               <groupId>org.onap.aaf.cadi</groupId>
-                               <artifactId>cadi-client</artifactId>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-cadi-aaf</artifactId>
                                <version>${project.version}</version>
+                               <classifier>full</classifier>
                        </dependency>
 
                        <dependency>
-                               <groupId>org.onap.aaf.cadi</groupId>
-                               <artifactId>cadi-tomcat</artifactId>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-cadi-client</artifactId>
                                <version>${project.version}</version>
                        </dependency>
 
                        <dependency>
-                               <groupId>org.onap.aaf.cadi</groupId>
-                               <artifactId>cadi-tguard</artifactId>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-misc-env</artifactId>
                                <version>${project.version}</version>
                        </dependency>
 
                        <dependency>
-                               <groupId>org.onap.aaf.inno</groupId>
-                               <artifactId>env</artifactId>
-                               <version>${project.innoVersion}</version>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-misc-rosetta</artifactId>
+                               <version>${project.version}</version>
                        </dependency>
 
                        <dependency>
-                               <groupId>org.onap.aaf.inno</groupId>
-                               <artifactId>rosetta</artifactId>
-                               <version>${project.innoVersion}</version>
+                               <groupId>org.onap.aaf.authz</groupId>
+                               <artifactId>aaf-misc-log4j</artifactId>
+                               <version>${project.version}</version>
                        </dependency>
 
                        <dependency>
                                <groupId>org.eclipse.jetty</groupId>
                                <artifactId>jetty-servlet</artifactId>
-                               <version>9.0.3.v20130506</version>
+                               <version>${project.jettyVersion}</version>
+                       </dependency>
+
+                       <dependency>
+                               <groupId>org.eclipse.jetty</groupId>
+                               <artifactId>jetty-io</artifactId>
+                               <version>${project.jettyVersion}</version>
+                       </dependency>
+
+                       <dependency>
+                               <groupId>org.eclipse.jetty</groupId>
+                               <artifactId>jetty-security</artifactId>
+                               <version>${project.jettyVersion}</version>
                        </dependency>
 
                        <dependency>
                                <groupId>org.eclipse.jetty</groupId>
-                               <artifactId>jetty-webapp</artifactId>
-                               <version>9.0.3.v20130506</version>
+                               <artifactId>jetty-http</artifactId>
+                               <version>${project.jettyVersion}</version>
                        </dependency>
 
                        <dependency>
-                               <groupId>org.eclipse.jetty.aggregate</groupId>
-                               <artifactId>jetty-all</artifactId>
-                               <version>9.0.3.v20130506</version>
+                               <groupId>org.eclipse.jetty</groupId>
+                               <artifactId>jetty-util</artifactId>
+                               <version>${project.jettyVersion}</version>
                        </dependency>
 
                        <dependency>
-                               <groupId>javax.servlet</groupId>
-                               <artifactId>servlet-api</artifactId>
-                               <version>2.5</version>
+                               <groupId>org.eclipse.jetty</groupId>
+                               <artifactId>jetty-server</artifactId>
+                               <version>${project.jettyVersion}</version>
                        </dependency>
 
                        <dependency>
-                               <groupId>com.att.aft</groupId>
-                               <artifactId>dme2</artifactId>
-                               <version>${project.dme2Version}</version>
-                               <exclusions>
-                                       <exclusion>
-                                               <groupId>org.slf4j</groupId>
-                                               <artifactId>slf4j-log4j12</artifactId>
-                                       </exclusion>
-                                       <exclusion>
-                                               <groupId>log4j</groupId>
-                                               <artifactId>log4j</artifactId>
-                                       </exclusion>
-                                       <exclusion>
-                                               <groupId>com.att.javax.servlet</groupId>
-                                               <artifactId>servlet-api</artifactId>
-                                       </exclusion>
-                                       <exclusion>
-                                               <groupId>javax.mail</groupId>
-                                               <artifactId>mail</artifactId>
-                                       </exclusion>
-
-                               </exclusions>
+                           <groupId>javax.servlet</groupId>
+                           <artifactId>javax.servlet-api</artifactId>
+                               <version>3.0.1</version>
                        </dependency>
 
                        <dependency>
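Review bot: Every `org.onap.aaf.authz` entry in this dependencyManagement block resolves at `${project.version}`, which for this POM is `2.1.2-SNAPSHOT`, although those artifacts appear to be built from the separate authz repo (see the SOURCE_MOVED notice deleted above). The authentication and authorization libraries (aaf-cadi-core, aaf-cadi-aaf, aaf-auth-client) are therefore whatever snapshot the repository manager serves at build time, and the two repos must bump versions in lockstep. A dedicated property pinned to a released version makes that input explicit and reviewable, for example `<version>${project.aafVersion}</version>` with the property defined under `<properties>` (the property name is only a suggestion). Separately, `javax.servlet-api` is managed at `3.0.1` while the Jetty 9.3 line implements Servlet 3.1, so a module that inherits both may have the older API forced onto Jetty; worth confirming whether `3.1.0` is required.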
        <build>
                <testSourceDirectory>src/test/java</testSourceDirectory>
                <plugins>
-
+               </plugins>
+               <pluginManagement>
+                       <plugins>
                                <plugin>
                                        <inherited>true</inherited>
                                        <groupId>org.apache.maven.plugins</groupId>
                                                <target>1.7</target>
                                        </configuration>
                                </plugin>
-       
+
                                <plugin>
                                        <groupId>org.apache.maven.plugins</groupId>
                                        <version>2.4</version>
                                                </archive>
                                        </configuration>
                                </plugin>
-                               
-                               <plugin>
-                                 <groupId>org.apache.maven.plugins</groupId>
-                                 <artifactId>maven-surefire-plugin</artifactId>
-                                 <version>2.17</version>
-                                 <configuration>
-                                       <skipTests>false</skipTests>
-                                       <includes>
-                                         <include>**/JU*.java</include>
-                                       </includes>
-                                       <excludes>
-                                               <!-- <exclude>**/JU_LocalLur.java</exclude> -->
-                                               <!-- <exclude>**/JU_BufferedServletInputStream.java</exclude> -->
-                                               <!--<exclude>**/JU_Passcode.java</exclude> -->
-                                               <!--<exclude>**/JU_XReader.java</exclude>  -->
-                                               <exclude>**/JU_CASS.java</exclude>
-                                               <exclude>**/JU_PropertyLocator.java</exclude>
-                                               <exclude>**/JU_PermEval.java</exclude>
-                                               <exclude>**/JU_JMeter.java</exclude>
-                                               <exclude>**/JU_Lur2_0Call.java</exclude>
-                                       </excludes>   
-                                 </configuration>
-                               </plugin>
 
+                               <!-- Define the javadoc plugin -->
                                <plugin>
                                        <groupId>org.apache.maven.plugins</groupId>
-                                       <artifactId>maven-jarsigner-plugin</artifactId>
-                                       <version>1.2</version>
-                                       <executions>
-                                               <execution>
-                                                       <id>sign</id>
-                                                       <goals>
-                                                               <goal>sign</goal>
-                                                       </goals>
-                                                       <configuration>
-                                                               <!--  skip>${skipSigning}</skip -->
-                                                               <archive>target/${project.artifactId}-${project.version}.jar</archive>
-                                                       </configuration>
-                                               </execution>
-                                               <execution>
-                                                       <id>verify</id>
-                                                       <goals>
-                                                               <goal>verify</goal>
-                                                       </goals>
-                                                       <configuration>
-                                                               <archive>target/${project.artifactId}-${project.version}.jar</archive>
-                                                       </configuration>
-                                               </execution>
-                                       </executions>
+                                       <artifactId>maven-javadoc-plugin</artifactId>
+                                       <version>2.10</version>
                                        <configuration>
-                                               <skip>true</skip>
-                                               <alias>cadi</alias>
-                                               <keystore>/Volumes/Data/src/cadi/keys/aaf_cadi.jks</keystore>
-                                               <storepass>Surprise!</storepass>
-                                               <keypass>Surprise!</keypass>
-                                               <verbose>true</verbose>
-                                               <certs>true</certs>
+                                               <excludePackageNames>org.opendaylight.*</excludePackageNames>
                                        </configuration>
                                </plugin>
-               
-               
+
                                <plugin>
                                        <artifactId>maven-release-plugin</artifactId>
                                        <version>2.5.2</version>
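Review bot: Removing the maven-jarsigner-plugin block takes the literal `<storepass>` and `<keypass>` values out of the working tree, but they remain readable in the repository history, so the `cadi` alias in `aaf_cadi.jks` should be treated as exposed and its passwords rotated if that keystore was ever used for real signing. After this hunk nothing in the parent signs or verifies the jars (the old block was already `<skip>true</skip>`), which leaves consumers with repository-level integrity checks only. If signing is reinstated, keep the secret out of the POM and supply it through the plugin's user properties, e.g. `-Djarsigner.storepass=…` fed from CI credentials or `settings.xml`. The new javadoc configuration also carries `<excludePackageNames>org.opendaylight.*</excludePackageNames>`, which looks copied from another project since no such package is visible in this change.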
                                                <goals>-s ${mvn.settings} deploy</goals>
                                        </configuration>
                                </plugin>
-       
+
                                <plugin>
                                        <artifactId>maven-assembly-plugin</artifactId>
                                        <version>2.5.5</version>
                                </plugin>
-       
+
                                <plugin>
                                        <groupId>org.apache.maven.plugins</groupId>
                                        <artifactId>maven-deploy-plugin</artifactId>
                                        <configuration>
                                                <skip>false</skip>
                                        </configuration>
-       
+
                                </plugin>
-       
+
                                <plugin>
                                        <groupId>org.apache.maven.plugins</groupId>
                                        <artifactId>maven-dependency-plugin</artifactId>
                                        <version>2.10</version>
                                </plugin>
-                               
-               <plugin>
-                       <groupId>org.apache.maven.plugins</groupId>
-                       <artifactId>maven-javadoc-plugin</artifactId>
-                       <version>2.10.4</version>
-                       <configuration>
-                       <failOnError>false</failOnError>
-                       </configuration>
-                       <executions>
-                               <execution>
-                                       <id>attach-javadocs</id>
-                                       <goals>
-                                               <goal>jar</goal>
-                                       </goals>
-                               </execution>
-                       </executions>
-               </plugin> 
-          
-          
-              <plugin>
-                     <groupId>org.apache.maven.plugins</groupId>
-                     <artifactId>maven-source-plugin</artifactId>
-                     <version>2.2.1</version>
-                     <executions>
-                       <execution>
-                         <id>attach-sources</id>
-                         <goals>
-                           <goal>jar-no-fork</goal>
-                         </goals>
-                       </execution>
-                     </executions>
-                   </plugin>
-       
-                       
-               <plugin>
-                               <groupId>org.codehaus.mojo</groupId>
-                               <artifactId>cobertura-maven-plugin</artifactId>
-                               <version>2.7</version>
-                               <configuration>
-                                       <formats>
-                                       <format>html</format>
-                                       <format>xml</format>
-                                 </formats>
-                               </configuration>
-                </plugin>
-
-                               <!--This plugin's configuration is used to store Eclipse m2e settings 
+
+                               <!-- Maven surefire plugin for testing -->
+                               <plugin>
+                                       <artifactId>maven-surefire-plugin</artifactId>
+                                       <version>2.17</version>
+                                       <configuration>
+                                               <skipTests>false</skipTests>
+                                               <includes>
+                                                       <include>**/JU*.java</include>
+                                               </includes>
+                                               <excludes>
+                                               </excludes>
+                                       </configuration>
+                               </plugin>
+
+                               <!--This plugin's configuration is used to store Eclipse m2e settings
                                        only. It has no influence on the Maven build itself. -->
                                <plugin>
                                        <groupId>org.eclipse.m2e</groupId>
                                                </lifecycleMappingMetadata>
                                        </configuration>
                                </plugin>
-                                 <plugin>
-                               <groupId>org.sonatype.plugins</groupId>
-                               <artifactId>nexus-staging-maven-plugin</artifactId>
-                               <version>1.6.7</version>
-                               <extensions>true</extensions>
-                               <configuration>
-                                       <nexusUrl>${nexusproxy}</nexusUrl>
-                                       <stagingProfileId>176c31dfe190a</stagingProfileId>
-                                       <serverId>ecomp-staging</serverId>
-                               </configuration>
-                       </plugin> 
-                       
-                       <plugin>
-          <groupId>org.jacoco</groupId>
-          <artifactId>jacoco-maven-plugin</artifactId>
-          <version>${jacoco.version}</version>
-          <configuration>
-            <excludes>
-              <exclude>**/gen/**</exclude>
-              <exclude>**/generated-sources/**</exclude>
-              <exclude>**/yang-gen/**</exclude>
-              <exclude>**/pax/**</exclude>
-            </excludes>
-          </configuration>
-          <executions>
-
-            <execution>
-              <id>pre-unit-test</id>
-              <goals>
-                <goal>prepare-agent</goal>
-              </goals>
-              <configuration>
-                <destFile>${project.build.directory}/code-coverage/jacoco-ut.exec</destFile>
-                <propertyName>surefireArgLine</propertyName>
-              </configuration>
-            </execution>
-            
-       
-            <execution>
-              <id>post-unit-test</id>
-              <phase>test</phase>
-              <goals>
-                <goal>report</goal>
-              </goals>
-              <configuration>
-                <dataFile>${project.build.directory}/code-coverage/jacoco-ut.exec</dataFile>
-                <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory>
-              </configuration>
-            </execution>
-            <execution>
-              <id>pre-integration-test</id>
-              <phase>pre-integration-test</phase>
-              <goals>
-                <goal>prepare-agent</goal>
-              </goals>
-              <configuration>
-                <destFile>${project.build.directory}/code-coverage/jacoco-it.exec</destFile>
-
-                <propertyName>failsafeArgLine</propertyName>
-              </configuration>
-            </execution>
-
-       
-            <execution>
-              <id>post-integration-test</id>
-              <phase>post-integration-test</phase>
-              <goals>
-                <goal>report</goal>
-              </goals>
-              <configuration>
-                <dataFile>${project.build.directory}/code-coverage/jacoco-it.exec</dataFile>
-                <outputDirectory>${project.reporting.outputDirectory}/jacoco-it</outputDirectory>
-              </configuration>
-            </execution>
-          </executions>
-        </plugin>      
-
-                       </plugins>                      
+                               <plugin>
+                                       <groupId>org.sonatype.plugins</groupId>
+                                       <artifactId>nexus-staging-maven-plugin</artifactId>
+                                       <version>1.6.7</version>
+                                       <extensions>true</extensions>
+                                       <configuration>
+                                               <nexusUrl>${nexusproxy}</nexusUrl>
+                                               <stagingProfileId>176c31dfe190a</stagingProfileId>
+                                               <serverId>ecomp-staging</serverId>
+                                       </configuration>
+                               </plugin>
+                               <plugin>
+                                       <groupId>org.jacoco</groupId>
+                                       <artifactId>jacoco-maven-plugin</artifactId>
+                                       <version>${jacoco.version}</version>
+                                       <configuration>
+                                               <excludes>
+                                                       <exclude>**/gen/**</exclude>
+                                                       <exclude>**/generated-sources/**</exclude>
+                                                       <exclude>**/yang-gen/**</exclude>
+                                                       <exclude>**/pax/**</exclude>
+                                               </excludes>
+                                       </configuration>
+                                       <executions>
+                                               <execution>
+                                                       <id>pre-unit-test</id>
+                                                       <goals>
+                                                               <goal>prepare-agent</goal>
+                                                       </goals>
+                                                       <configuration>
+                                                               <destFile>${project.build.directory}/code-coverage/jacoco-ut.exec</destFile>
+                                                               <propertyName>surefireArgLine</propertyName>
+                                                       </configuration>
+                                               </execution>
+                                               <execution>
+                                                       <id>post-unit-test</id>
+                                                       <phase>test</phase>
+                                                       <goals>
+                                                               <goal>report</goal>
+                                                       </goals>
+                                                       <configuration>
+                                                               <dataFile>${project.build.directory}/code-coverage/jacoco-ut.exec</dataFile>
+                                                               <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory>
+                                                       </configuration>
+                                               </execution>
+                                               <execution>
+                                                       <id>pre-integration-test</id>
+                                                       <phase>pre-integration-test</phase>
+                                                       <goals>
+                                                               <goal>prepare-agent</goal>
+                                                       </goals>
+                                                       <configuration>
+                                                               <destFile>${project.build.directory}/code-coverage/jacoco-it.exec</destFile>
+                                                               <propertyName>failsafeArgLine</propertyName>
+                                                       </configuration>
+                                               </execution>
+                                               <execution>
+                                                       <id>post-integration-test</id>
+                                                       <phase>post-integration-test</phase>
+                                                       <goals>
+                                                               <goal>report</goal>
+                                                       </goals>
+                                                       <configuration>
+                                                               <dataFile>${project.build.directory}/code-coverage/jacoco-it.exec</dataFile>
+                                                               <outputDirectory>${project.reporting.outputDirectory}/jacoco-it</outputDirectory>
+                                                       </configuration>
+                                               </execution>
+                                       </executions>
+                               </plugin>
+                       </plugins>
+               </pluginManagement>
        </build>
+
        <distributionManagement>
                <repository>
                        <id>ecomp-releases</id>
                        <url>dav:${nexusproxy}${sitePath}</url>
                </site>
        </distributionManagement>
+
 </project>
diff --git a/shiro-osgi-bundle/.gitignore b/shiro-osgi-bundle/.gitignore
new file mode 100644 (file)
index 0000000..f4b8361
--- /dev/null
@@ -0,0 +1,5 @@
+/target
+/bin/
+/.classpath
+/.settings
+/.project
diff --git a/shiro-osgi-bundle/pom.xml b/shiro-osgi-bundle/pom.xml
new file mode 100644 (file)
index 0000000..305eab7
--- /dev/null
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+       <parent>
+               <groupId>org.onap.aaf.cadi</groupId>
+               <artifactId>cadimiscparent</artifactId>
+               <version>2.1.2-SNAPSHOT</version>
+               <relativePath>..</relativePath>
+       </parent>
+       <modelVersion>4.0.0</modelVersion>
+
+       <name>AAF Shiro CADI Plugin</name>
+       <artifactId>aaf-shiro-aafrealm-osgi-bundle</artifactId>
+       <packaging>bundle</packaging>
+
+       <properties>
+           <sonar.skip>true</sonar.skip>
+               <cadi.shiro.version>2.1.0</cadi.shiro.version>
+       </properties>
+
+       <build>
+               <plugins>
+                       <plugin>
+                               <groupId>org.apache.felix</groupId>
+                               <artifactId>maven-bundle-plugin</artifactId>
+                               <version>2.5.4</version>
+                               <extensions>true</extensions>
+                               <configuration>
+                                       <instructions>
+                                               <Bundle-SymbolicName>${project.artifactId}</Bundle-SymbolicName>
+                                               <Bundle-Version>${project.version}</Bundle-Version>
+                                               <Export-Package>
+                                                       org.onap.aaf.cadi.shiro*;version=${cadi.shiro.version}
+                                               </Export-Package>
+                                               <Import-Package>
+                                                       javax.servlet,
+                                                       javax.servlet.http,
+                                                       org.osgi.service.blueprint;version="[1.0.0,2.0.0)",
+                                                       javax.net.ssl,
+                                                       javax.crypto,
+                                                       javax.crypto.spec,
+                                                       javax.xml.bind.annotation,
+                                                       javax.xml.bind,
+                                                       javax.xml.transform,
+                                                       javax.xml.datatype,
+                                                       javax.management,
+                                                       javax.security.auth,
+                                                       javax.security.auth.login,
+                                                       javax.security.auth.callback,
+                                                       javax.xml.soap,
+                                                       javax.xml.parsers,
+                                                       javax.xml.namespace,
+                                                       org.w3c.dom,
+                                                       org.xml.sax,
+                                                       javax.xml.transform.stream
+                                               </Import-Package>
+                                               <Embed-Dependency>*;scope=compile|runtime;inline=false</Embed-Dependency>
+                                               <!-- <Embed-Dependency>*;scope=compile|runtime;artifactId=!shiro-core;inline=false</Embed-Dependency> -->
+                                               <Embed-Transitive>true</Embed-Transitive>
+                                               <Fragment-Host>org.apache.shiro.core</Fragment-Host>
+                                       </instructions>
+                               </configuration>
+                       </plugin>
+               </plugins>
+
+
+       </build>
+
+       <dependencies>
+               <dependency>
+           <groupId>org.onap.aaf.authz</groupId>
+           <artifactId>aaf-cadi-shiro</artifactId>
+           <version>2.1.0</version>
+        </dependency>
+       </dependencies>
+</project>
\ No newline at end of file
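Review bot: The `<dependency>` at the end of this POM resolves `org.onap.aaf.authz:aaf-cadi-shiro:2.1.0`, which does not appear to be the sibling `shiro` module added in this commit. That module inherits groupId `org.onap.aaf.cadi` and version `2.1.2-SNAPSHOT` from the parent, so the bundle would embed a previously published jar and changes to the realm code here would not reach it. If the sibling is intended, use `<groupId>${project.groupId}</groupId>` and `<version>${project.version}</version>`; if the released artifact is intended, reference the existing property with `<version>${cadi.shiro.version}</version>` so the export version and the embedded jar cannot drift apart. Separately, `<Embed-Dependency>*;scope=compile|runtime;inline=false</Embed-Dependency>` with `Embed-Transitive` set to true pulls every transitive jar into the bundle, presumably including `shiro-core`, even though the bundle is a fragment of `org.apache.shiro.core`. The commented-out variant with `artifactId=!shiro-core` avoids shipping a second copy of the framework and is worth restoring, or the reason for dropping it should be stated.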
diff --git a/shiro/.gitignore b/shiro/.gitignore
new file mode 100644 (file)
index 0000000..6028f0a
--- /dev/null
@@ -0,0 +1,4 @@
+/.classpath
+/.settings/
+/target/
+/.project
diff --git a/shiro/pom.xml b/shiro/pom.xml
new file mode 100644 (file)
index 0000000..081313b
--- /dev/null
@@ -0,0 +1,204 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+       <parent>
+               <groupId>org.onap.aaf.cadi</groupId>
+               <artifactId>cadimiscparent</artifactId>
+               <version>2.1.2-SNAPSHOT</version>
+               <relativePath>..</relativePath>
+       </parent>
+
+       <modelVersion>4.0.0</modelVersion>
+       <name>AAF CADI Shiro Plugin</name>
+       <packaging>jar</packaging>
+       <artifactId>aaf-cadi-shiro</artifactId>
+
+       <properties>
+       <!--  SONAR  -->
+       <sonar.skip>true</sonar.skip>
+                <jacoco.version>0.7.7.201606060606</jacoco.version>
+           <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
+           <sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin>
+           <!-- Default Sonar configuration -->
+           <sonar.jacoco.reportPaths>target/code-coverage/jacoco-ut.exec</sonar.jacoco.reportPaths>
+           <sonar.jacoco.itReportPaths>target/code-coverage/jacoco-it.exec</sonar.jacoco.itReportPaths>
+           <!-- Note: This list should match jacoco-maven-plugin's exclusion list below -->
+           <sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**</sonar.exclusions>
+               <nexusproxy>https://nexus.onap.org</nexusproxy>
+               <snapshotNexusPath>/content/repositories/snapshots/</snapshotNexusPath>
+               <releaseNexusPath>/content/repositories/releases/</releaseNexusPath>
+               <stagingNexusPath>/content/repositories/staging/</stagingNexusPath>
+               <sitePath>/content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version}</sitePath>
+       </properties>
+
+       <developers>
+               <developer>
+                       <name>Jonathan Gathman</name>
+                       <email>jonathan.gathman@att.com</email>
+                       <organization>ATT</organization>
+                       <roles>
+                               <role>Architect</role>
+                               <role>Lead Developer</role>
+                       </roles>
+               </developer>
+               <developer>
+                       <name>Gabe Maurer</name>
+                       <email>gabe.maurer@att.com</email>
+                       <organization>ATT</organization>
+                       <roles>
+                               <role>Developer</role>
+                       </roles>
+               </developer>
+               <developer>
+                       <name>Ian Howell</name>
+                       <email>ian.howell@att.com</email>
+                       <organization>ATT</organization>
+                       <roles>
+                               <role>Developer</role>
+                       </roles>
+               </developer>
+               <developer>
+                       <name>Sai Gandham</name>
+                       <email>sai.gandham@att.com</email>
+                       <organization>ATT</organization>
+                       <roles>
+                               <role>Developer</role>
+                       </roles>
+               </developer>
+       </developers>
+
+       <dependencies>
+               <dependency>
+                       <groupId>org.onap.aaf.authz</groupId>
+                       <artifactId>aaf-cadi-aaf</artifactId>
+               </dependency>
+               <!--<dependency>
+                       <groupId>org.apache.shiro</groupId>
+                       <artifactId>shiro-core</artifactId>
+                       <version>1.4.0</version>
+               </dependency> -->
+               
+               <dependency>
+                       <groupId>org.apache.shiro</groupId>
+                       <artifactId>shiro-core</artifactId>
+                       <version>1.3.2</version>
+               </dependency>
+               
+       </dependencies>
+       <build>
+               <plugins>
+                       <plugin>
+                               <groupId>org.sonatype.plugins</groupId>
+                               <artifactId>nexus-staging-maven-plugin</artifactId>
+                               <extensions>true</extensions>
+                               <configuration>
+                                       <nexusUrl>${nexusproxy}</nexusUrl>
+                                       <stagingProfileId>176c31dfe190a</stagingProfileId>
+                                       <serverId>ecomp-staging</serverId>
+                               </configuration>
+                       </plugin>
+                       <plugin>
+                               <groupId>org.apache.maven.plugins</groupId>
+                               <artifactId>maven-deploy-plugin</artifactId>
+                               <configuration>
+                                       <skip>false</skip>
+                               </configuration>
+                       </plugin>
+                       <plugin>
+                               <groupId>org.jacoco</groupId>
+                               <artifactId>jacoco-maven-plugin</artifactId>
+                               <configuration>
+                                       <excludes>
+                                               <exclude>**/gen/**</exclude>
+                                               <exclude>**/generated-sources/**</exclude>
+                                               <exclude>**/yang-gen/**</exclude>
+                                               <exclude>**/pax/**</exclude>
+                                       </excludes>
+                               </configuration>
+                               <executions>
+                                       <execution>
+                                               <id>pre-unit-test</id>
+                                               <goals>
+                                                       <goal>prepare-agent</goal>
+                                               </goals>
+                                               <configuration>
+                                                       <destFile>${project.build.directory}/code-coverage/jacoco-ut.exec</destFile>
+                                                       <propertyName>surefireArgLine</propertyName>
+                                               </configuration>
+                                       </execution>
+                                       <execution>
+                                               <id>post-unit-test</id>
+                                               <phase>test</phase>
+                                               <goals>
+                                                       <goal>report</goal>
+                                               </goals>
+                                               <configuration>
+                                                       <dataFile>${project.build.directory}/code-coverage/jacoco-ut.exec</dataFile>
+                                                       <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory>
+                                               </configuration>
+                                       </execution>
+                                       <execution>
+                                               <id>pre-integration-test</id>
+                                               <phase>pre-integration-test</phase>
+                                               <goals>
+                                                       <goal>prepare-agent</goal>
+                                               </goals>
+                                               <configuration>
+                                                       <destFile>${project.build.directory}/code-coverage/jacoco-it.exec</destFile>
+                                                       <propertyName>failsafeArgLine</propertyName>
+                                               </configuration>
+                                       </execution>
+                                       <execution>
+                                               <id>post-integration-test</id>
+                                               <phase>post-integration-test</phase>
+                                               <goals>
+                                                       <goal>report</goal>
+                                               </goals>
+                                               <configuration>
+                                                       <dataFile>${project.build.directory}/code-coverage/jacoco-it.exec</dataFile>
+                                                       <outputDirectory>${project.reporting.outputDirectory}/jacoco-it</outputDirectory>
+                                               </configuration>
+                                       </execution>
+                               </executions>
+                       </plugin>
+               </plugins>
+
+       </build>
+
+       <distributionManagement>
+               <repository>
+                       <id>ecomp-releases</id>
+                       <name>AAF Release Repository</name>
+                       <url>${nexusproxy}${releaseNexusPath}</url>
+               </repository>
+               <snapshotRepository>
+                       <id>ecomp-snapshots</id>
+                       <name>AAF Snapshot Repository</name>
+                       <url>${nexusproxy}${snapshotNexusPath}</url>
+               </snapshotRepository>
+               <site>
+                       <id>ecomp-site</id>
+                       <url>dav:${nexusproxy}${sitePath}</url>
+               </site>
+       </distributionManagement>
+</project>
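Review bot: The `shiro-core` dependency is pinned to `1.3.2` while the `1.4.0` declaration directly above it is commented out, and nothing says why the older release of the authentication framework was chosen. Record the reason next to it, for example `<!-- shiro-core held at 1.3.2 because <reason>; move to the newer line once <condition> -->`, and delete the dead block so a later upgrade is a one-line change. `<sonar.skip>true</sonar.skip>` also turns off static analysis for this module, which holds the credential-handling code; if that is temporary it should say so. The `sonar.exclusions` entry `**/yang-gen**` does not match the jacoco exclude `**/yang-gen/**`, although the comment above it says the two lists should match.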
diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java
new file mode 100644 (file)
index 0000000..a1d304b
--- /dev/null
@@ -0,0 +1,90 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.cadi.shiro;
+
+import java.nio.ByteBuffer;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.Hash;
+import org.onap.aaf.cadi.Access.Level;
+
+public class AAFAuthenticationInfo implements AuthenticationInfo {
+       private static final long serialVersionUID = -1502704556864321020L;
+       // We assume that Shiro is doing Memory Only, and this salt is not needed cross process
+       private final static int salt = new SecureRandom().nextInt(); 
+
+       private final AAFPrincipalCollection apc;
+       private final byte[] hash;
+       private Access access;
+
+       public AAFAuthenticationInfo(Access access, String username, String password) {
+               this.access = access;
+               apc = new AAFPrincipalCollection(username);
+               hash = getSaltedCred(password);
+       }
+       @Override
+       public byte[] getCredentials() {
+               access.log(Level.DEBUG, "AAFAuthenticationInfo.getCredentials");
+               return hash;
+       }
+
+       @Override
+       public PrincipalCollection getPrincipals() {
+               access.log(Level.DEBUG, "AAFAuthenticationInfo.getPrincipals");
+               return apc;
+       }
+
+       public boolean matches(AuthenticationToken atoken) {
+               if(atoken instanceof UsernamePasswordToken) {
+                       UsernamePasswordToken upt = (UsernamePasswordToken)atoken;
+                       if(apc.getPrimaryPrincipal().getName().equals(upt.getPrincipal())) {
+                               byte[] newhash = getSaltedCred(new String(upt.getPassword()));
+                               if(newhash.length==hash.length) {
+                                       for(int i=0;i<hash.length;++i) {
+                                               if(hash[i]!=newhash[i]) {
+                                                       return false;
+                                               }
+                                       }
+                                       return true;
+                               }
+                       }
+               }
+               return false;
+       }
+       
+       private byte[] getSaltedCred(String password) {
+               byte[] pbytes = password.getBytes();
+               ByteBuffer bb = ByteBuffer.allocate(pbytes.length+Integer.SIZE/8);
+               bb.asIntBuffer().put(salt);
+               bb.put(password.getBytes());
+               try {
+                       return Hash.hashSHA256(bb.array());
+               } catch (NoSuchAlgorithmException e) {
+                       return new byte[0]; // should never get here
+               }
+       }
+}
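Review bot: In `getSaltedCred`, `bb.asIntBuffer().put(salt)` writes through a view whose position is independent of `bb`, so the following `bb.put(password.getBytes())` starts at offset 0 and overwrites the salt; for any password of four bytes or more the digest is effectively unsalted. Writing the salt with `putInt` on the buffer itself fixes that, and the password should be encoded once with an explicit charset rather than twice with the platform default. `matches` compares the digests with an early-exit loop, which is not constant-time, and it returns true when both arrays are empty, which is what `getSaltedCred` yields if SHA-256 is unavailable. The comparison should be constant-time and should refuse an empty digest. The fence shows both changes and needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported.

```java
public boolean matches(AuthenticationToken atoken) {
    // … unchanged: instanceof check, cast and principal-name comparison …
            byte[] newhash = getSaltedCred(new String(upt.getPassword()));
            // an empty digest means hashing failed: refuse rather than match
            return hash.length > 0 && MessageDigest.isEqual(hash, newhash);
    // … unchanged: fall through to return false …

private byte[] getSaltedCred(String password) {
    byte[] pbytes = password.getBytes(StandardCharsets.UTF_8);
    ByteBuffer bb = ByteBuffer.allocate(pbytes.length + Integer.SIZE / 8);
    bb.putInt(salt); // advances bb's own position, so the password lands after the salt
    bb.put(pbytes);
    // … unchanged: Hash.hashSHA256(bb.array()) and the NoSuchAlgorithmException handler …
```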
diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java
new file mode 100644 (file)
index 0000000..bfdc6bf
--- /dev/null
@@ -0,0 +1,94 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.cadi.shiro;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.Permission;
+import org.onap.aaf.cadi.Access;
+import org.onap.aaf.cadi.Access.Level;
+
+/**
+ * We treat "roles" and "permissions" in a similar way for first pass.
+ * 
+ * @author JonathanGathman
+ *
+ */
+public class AAFAuthorizationInfo implements AuthorizationInfo {
+       private static final long serialVersionUID = -4805388954462426018L;
+       private Access access;
+       private Principal bait;
+       private List<org.onap.aaf.cadi.Permission> pond;
+       private ArrayList<String> sPerms;
+       private ArrayList<Permission> oPerms;
+
+       public AAFAuthorizationInfo(Access access, Principal bait, List<org.onap.aaf.cadi.Permission> pond) {
+               this.access = access;
+               this.bait = bait;
+               this.pond = pond;
+               sPerms=null;
+               oPerms=null;
+       }
+       
+       public Principal principal() {
+               return bait;
+       }
+       
+       @Override
+       public Collection<Permission> getObjectPermissions() {
+               access.log(Level.DEBUG, "AAFAuthorizationInfo.getObjectPermissions");
+               synchronized(bait) {
+                       if(oPerms == null) {
+                               oPerms = new ArrayList<Permission>(); 
+                               for(final org.onap.aaf.cadi.Permission p : pond) {
+                                       oPerms.add(new AAFShiroPermission(p));
+                               }
+                       }
+               }
+               return oPerms;
+       }
+
+       @Override
+       public Collection<String> getRoles() {
+               access.log(Level.DEBUG, "AAFAuthorizationInfo.getRoles");
+               // Until we decide to make Roles available, tie into String based permissions.
+               return getStringPermissions();
+       }
+
+       @Override
+       public Collection<String> getStringPermissions() {
+               access.log(Level.DEBUG, "AAFAuthorizationInfo.getStringPermissions");
+               synchronized(bait) {
+                       if(sPerms == null) {
+                               sPerms = new ArrayList<String>(); 
+                               for(org.onap.aaf.cadi.Permission p : pond) {
+                                       sPerms.add(p.getKey());
+                               }
+                       }
+               }
+               return sPerms;
+       }
+
+}
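Review bot: `getObjectPermissions` and `getStringPermissions` return the cached `oPerms` and `sPerms` lists themselves, so a caller that adds to or clears the returned collection changes what this object reports on every later call; `getRoles` shares the same list. Returning a read-only view closes that: `return Collections.unmodifiableList(oPerms);` and likewise for `sPerms`, with `java.util.Collections` imported. Both methods also synchronize on `bait`, the caller-supplied Principal, which throws a NullPointerException when it is null and shares a monitor with any other code that locks that object. A dedicated `private final Object lock = new Object();` field avoids both. Since `getRoles` answers with permission keys, a short Javadoc on it saying that role checks are really permission-key matches would stop integrators from assuming real role semantics.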
diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFPrincipalCollection.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFPrincipalCollection.java
new file mode 100644 (file)
index 0000000..145968d
--- /dev/null
@@ -0,0 +1,125 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.cadi.shiro;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+import org.apache.shiro.subject.PrincipalCollection;
+
+public class AAFPrincipalCollection implements PrincipalCollection {
+       private static final long serialVersionUID = 558246013419818831L;
+       private static final Set<String> realmSet;
+       private final Principal principal;
+       private List<Principal> list=null;
+       private Set<Principal> set=null;
+
+       static {
+               realmSet = new HashSet<String>();
+               realmSet.add(AAFRealm.AAF_REALM);
+       }
+       
+       public AAFPrincipalCollection(Principal p) {
+               principal = p;
+       }
+
+       public AAFPrincipalCollection(final String principalName) {
+               principal =     new Principal() {
+                       private final String name = principalName;
+                       @Override
+                       public String getName() {
+                               return name;
+                       }
+               };
+       }
+
+       @Override
+       public Iterator<Principal> iterator() {
+               return null;
+       }
+
+       @Override
+       public List<Principal> asList() {
+               if(list==null) {
+                       list = new ArrayList<Principal>();
+               }
+               list.add(principal);
+               return list;
+       }
+
+       @Override
+       public Set<Principal> asSet() {
+               if(set==null) {
+                       set = new HashSet<Principal>();
+               }
+               set.add(principal);
+               return set;
+       }
+
+       @SuppressWarnings("unchecked")
+       @Override
+       public <T> Collection<T> byType(Class<T> cls) {
+               Collection<T> coll = new ArrayList<T>();
+               if(cls.isAssignableFrom(Principal.class)) {
+                       coll.add((T)principal);
+               }
+               return coll;
+       }
+
+       @Override
+       public Collection<Principal> fromRealm(String realm) {
+               if(AAFRealm.AAF_REALM.equals(realm)) {
+                       return asList();
+               } else {
+                       return new ArrayList<Principal>();
+               }
+       }
+
+       @Override
+       public Principal getPrimaryPrincipal() {
+               return principal;
+       }
+
+       @Override
+       public Set<String> getRealmNames() {
+               return realmSet;
+       }
+
+       @Override
+       public boolean isEmpty() {
+               return principal==null;
+       }
+
+       @SuppressWarnings("unchecked")
+       @Override
+       public <T> T oneByType(Class<T> cls) {
+               if(cls.isAssignableFrom(Principal.class)) {
+                       return (T)principal;
+               }
+               return null;
+       }
+
+}
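Review bot: `iterator()` returns null, so any caller that iterates this collection (the method overrides the interface's iterator) gets a NullPointerException. `asList()` also appends the principal on every call, so the list returned by `asList()` and `fromRealm()` grows by one duplicate per invocation. Populating the list once and letting `iterator()` delegate to it fixes both. Separately, `byType` and `oneByType` test `cls.isAssignableFrom(Principal.class)`, which holds only for `Principal` and its supertypes; `cls.isInstance(principal)` looks like the intended check, and it also avoids an unchecked cast to an unrelated type.

```java
	@Override
	public Iterator<Principal> iterator() {
		return asList().iterator();
	}

	@Override
	public List<Principal> asList() {
		if(list==null) {
			list = new ArrayList<Principal>();
			list.add(principal);
		}
		return list;
	}
	// … unchanged: asSet, byType, fromRealm, getPrimaryPrincipal, getRealmNames, isEmpty, oneByType …
```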
diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java
new file mode 100644 (file)
index 0000000..006547a
--- /dev/null
@@ -0,0 +1,142 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.cadi.shiro;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.onap.aaf.cadi.Access.Level;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
+import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.misc.env.APIException;
+
+public class AAFRealm extends AuthorizingRealm {
+       public static final String AAF_REALM = "AAFRealm";
+       
+       private PropAccess access;
+       private AAFCon<?> acon;
+       private AAFAuthn<?> authn;
+       private HashSet<Class<? extends AuthenticationToken>> supports;
+       private AAFLurPerm authz;
+       
+
+       /**
+        * 
+        * There appears to be no configuration objects or references available for CADI to start with.
+        *  
+        */
+       public AAFRealm () {
+               access = new PropAccess(); // pick up cadi_prop_files from VM_Args
+               String cadi_prop_files = access.getProperty(Config.CADI_PROP_FILES);
+               if(cadi_prop_files==null) {
+                       String msg = Config.CADI_PROP_FILES + " in VM Args is required to initialize AAFRealm.";
+                       access.log(Level.INIT,msg);
+                       throw new RuntimeException(msg);
+               } else {
+                       try {
+                               acon = AAFCon.newInstance(access);
+                               authn = acon.newAuthn();
+                               authz = acon.newLur(authn);
+                       } catch (APIException | CadiException | LocatorException e) {
+                               String msg = "Cannot initiate AAFRealm";
+                               access.log(Level.INIT,msg,e.getMessage());
+                               throw new RuntimeException(msg,e);
+                       }
+               }
+               supports = new HashSet<Class<? extends AuthenticationToken>>();
+               supports.add(UsernamePasswordToken.class);
+       }
+
+       @Override
+       protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
+               access.log(Level.DEBUG, "AAFRealm.doGetAuthenticationInfo",token);
+               
+               final UsernamePasswordToken upt = (UsernamePasswordToken)token;
+               String password=new String(upt.getPassword());
+               String err;
+               try {
+                       err = authn.validate(upt.getUsername(),password);
+               } catch (IOException|CadiException e) {
+                       err = "Credential cannot be validated";
+                       access.log(e, err);
+               }
+               
+               if(err != null) {
+                       access.log(Level.DEBUG, err);
+                       throw new AuthenticationException(err);
+               }
+
+           return new AAFAuthenticationInfo(
+                       access,
+                       upt.getUsername(),
+                       password
+           );
+       }
+
+       @Override
+       protected void assertCredentialsMatch(AuthenticationToken atoken, AuthenticationInfo ai)throws AuthenticationException {
+               if(ai instanceof AAFAuthenticationInfo) {
+                       if(!((AAFAuthenticationInfo)ai).matches(atoken)) {
+                               throw new AuthenticationException("Credentials do not match");
+                       }
+               } else {
+                       throw new AuthenticationException("AuthenticationInfo is not an AAFAuthenticationInfo");
+               }
+       }
+
+
+       @Override
+       protected AAFAuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+               access.log(Level.DEBUG, "AAFRealm.doGetAuthenthorizationInfo");
+               Principal bait = (Principal)principals.getPrimaryPrincipal();
+               List<Permission> pond = new ArrayList<Permission>();
+               authz.fishAll(bait,pond);
+               
+               return new AAFAuthorizationInfo(access,bait,pond);
+       
+       }
+
+       @Override
+       public boolean supports(AuthenticationToken token) {
+               return supports.contains(token.getClass());
+       }
+
+       @Override
+       public String getName() {
+               return AAF_REALM;
+       }
+
+}
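Review bot: In `doGetAuthenticationInfo`, `new String(upt.getPassword())` throws a NullPointerException when the token carries no password, so a malformed login surfaces as an unexpected runtime error instead of an `AuthenticationException`. A guard before the conversion keeps the failure path uniform: `if(upt.getUsername()==null || upt.getPassword()==null) throw new AuthenticationException("Credentials are required");`. The same method copies the password into an immutable `String` that cannot be cleared and hands it to `AAFAuthenticationInfo` (defined outside this hunk), so it is worth confirming how long that object keeps it. The text returned by `authn.validate` is also used verbatim as the exception message; if it can carry backend detail, a fixed message for the caller with the detail kept in the log would be safer.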
diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFShiroPermission.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFShiroPermission.java
new file mode 100644 (file)
index 0000000..a348a04
--- /dev/null
@@ -0,0 +1,45 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.cadi.shiro;
+
+import org.apache.shiro.authz.Permission;
+
+public class AAFShiroPermission implements Permission {
+       private org.onap.aaf.cadi.Permission perm;
+       public AAFShiroPermission(org.onap.aaf.cadi.Permission perm) {
+               this.perm = perm;
+       }
+       @Override
+       public boolean implies(Permission sp) {
+               if(sp instanceof AAFShiroPermission) {
+                       if(perm.match(((AAFShiroPermission)sp).perm)){
+                               return true;
+                       }
+               }
+               return false;
+       }
+       
+       @Override
+       public String toString() {
+               return perm.toString();
+       }
+
+}
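Review bot: `perm` is assigned once but is neither `final` nor checked, so a null argument is only discovered later as a NullPointerException inside `implies` or `toString`, in the middle of an authorization decision. I would declare it `private final org.onap.aaf.cadi.Permission perm;` and assign it with `this.perm = java.util.Objects.requireNonNull(perm, "perm");`. A short class Javadoc stating that `implies` returns false for any `Permission` that is not an `AAFShiroPermission` would also make the fail-closed behaviour explicit for integrators who mix permission types.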
diff --git a/shiro/src/test/java/org/onap/aaf/cadi/shiro/test/JU_AAFRealm.java b/shiro/src/test/java/org/onap/aaf/cadi/shiro/test/JU_AAFRealm.java
new file mode 100644 (file)
index 0000000..add449c
--- /dev/null
@@ -0,0 +1,93 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+package org.onap.aaf.cadi.shiro.test;
+
+import java.util.ArrayList;
+
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.Permission;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.junit.Test;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.aaf.cadi.config.Config;
+import org.onap.aaf.cadi.shiro.AAFRealm;
+import org.onap.aaf.cadi.shiro.AAFShiroPermission;
+
+import junit.framework.Assert;
+
+public class JU_AAFRealm {
+
+       // TODO: Ian - fix this test
+       // @Test
+       // public void test() {
+       //      // NOTE This is a live test.  This JUnit needs to be built with "Mock"
+       //      try {
+       //              System.setProperty(Config.CADI_PROP_FILES, "/opt/app/osaaf/etc/org.osaaf.common.props");
+       //              TestAAFRealm ar = new TestAAFRealm();
+                       
+       //              UsernamePasswordToken upt = new UsernamePasswordToken("jonathan@people.osaaf.org", "new2You!");
+       //              AuthenticationInfo ani = ar.authn(upt);
+                       
+       //              AuthorizationInfo azi = ar.authz(ani.getPrincipals());
+       //              // Change this to something YOU have, Sai...
+                       
+       //              testAPerm(true,azi,"org.access","something","*");
+       //              testAPerm(false,azi,"org.accessX","something","*");
+       //      } catch (Throwable t) {
+       //              t.printStackTrace();
+       //              Assert.fail();
+       //      }
+       // }
+
+       private void testAPerm(boolean expect,AuthorizationInfo azi, String type, String instance, String action) {
+               
+               AAFShiroPermission testPerm = new AAFShiroPermission(new AAFPermission(type,instance,action,new ArrayList<String>()));
+
+               boolean any = false;
+               for(Permission p : azi.getObjectPermissions()) {
+                       if(p.implies(testPerm)) {
+                               any = true;
+                       }
+               }
+               if(expect) {
+                       Assert.assertTrue(any);
+               } else {
+                       Assert.assertFalse(any);
+               }
+
+               
+       }
+
+       /**
+        * Note, have to create a derived class, because "doGet"... are protected
+        */
+       private class TestAAFRealm extends AAFRealm {
+               public AuthenticationInfo authn(UsernamePasswordToken upt) {
+                       return doGetAuthenticationInfo(upt);
+               }
+               public AuthorizationInfo authz(PrincipalCollection pc) {
+                       return doGetAuthorizationInfo(pc);
+               }
+               
+       }
+}
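Review bot: The commented-out `test()` still commits a literal username and password (the `UsernamePasswordToken` line) and a host-specific properties path. Comments are kept in history just like code, so if that credential was ever valid it should be rotated and the literal removed. Since the comment itself says the test must be rebuilt with mocks, I would replace the block with `// TODO: rebuild as a mocked test; credentials must come from test configuration, never from source`. With `@Test` commented out the class has no runnable test, so `testAPerm` and `TestAAFRealm` are currently dead code and several imports are unused.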
index 7bdcb45..c16deb0 100644 (file)
@@ -25,9 +25,9 @@
 # Note that these variables cannot be structured (e.g. : version.release or version.snapshot etc... )\r
 # because they are used in Jenkins, whose plug-in doesn't support\r
 \r
-major=1\r
-minor=0\r
-patch=0\r
+major=2\r
+minor=1\r
+patch=2\r
 \r
 base_version=${major}.${minor}.${patch}\r
 \r