import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
+import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.PrincipalCollection;
import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.Hash;
-import org.onap.aaf.cadi.Access.Level;
public class AAFAuthenticationInfo implements AuthenticationInfo {
private static final long serialVersionUID = -1502704556864321020L;
+
+ final static Logger logger = Logger.getLogger(AAFAuthenticationInfo.class);
+
// We assume that Shiro is doing Memory Only, and this salt is not needed cross process
private final static int salt = new SecureRandom().nextInt();
}
@Override
public byte[] getCredentials() {
- access.log(Level.DEBUG, "AAFAuthenticationInfo.getCredentials");
+ logger.debug("AAFAuthenticationInfo.getCredentials");
return hash;
}
@Override
public PrincipalCollection getPrincipals() {
- access.log(Level.DEBUG, "AAFAuthenticationInfo.getPrincipals");
+ logger.debug( "AAFAuthenticationInfo.getPrincipals");
return apc;
}
import java.util.Collection;
import java.util.List;
+import org.apache.log4j.Logger;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;
import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Access.Level;
/**
* We treat "roles" and "permissions" in a similar way for first pass.
*
*/
public class AAFAuthorizationInfo implements AuthorizationInfo {
+
+ final static Logger logger = Logger.getLogger(AuthorizationInfo.class);
+
private static final long serialVersionUID = -4805388954462426018L;
private Access access;
private Principal bait;
@Override
public Collection<Permission> getObjectPermissions() {
- access.log(Level.DEBUG, "AAFAuthorizationInfo.getObjectPermissions");
+ logger.debug("AAFAuthorizationInfo.getObjectPermissions");
synchronized(bait) {
if(oPerms == null) {
oPerms = new ArrayList<Permission>();
@Override
public Collection<String> getRoles() {
- access.log(Level.DEBUG, "AAFAuthorizationInfo.getRoles");
+ logger.debug("AAFAuthorizationInfo.getRoles");
// Until we decide to make Roles available, tie into String based permissions.
return getStringPermissions();
}
@Override
public Collection<String> getStringPermissions() {
- access.log(Level.DEBUG, "AAFAuthorizationInfo.getStringPermissions");
+ logger.debug("AAFAuthorizationInfo.getStringPermissions");
synchronized(bait) {
if(sPerms == null) {
sPerms = new ArrayList<String>();
package org.onap.aaf.cadi.shiro;
import java.io.IOException;
+import java.io.PrintStream;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Map.Entry;
import java.util.TreeMap;
+import org.apache.log4j.Logger;
+import org.apache.log4j.PropertyConfigurator;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.onap.aaf.cadi.filter.MapBathConverter;
import org.onap.aaf.cadi.util.CSV;
import org.onap.aaf.misc.env.APIException;
-
public class AAFRealm extends AuthorizingRealm {
+
+ final static Logger logger = Logger.getLogger(AAFRealm.class);
+
public static final String AAF_REALM = "AAFRealm";
private PropAccess access;
access.log(Level.INIT,msg);
throw new RuntimeException(msg);
} else {
+ try {
+ String log4jConfigFile = "./etc/org.onap.cadi.logging.cfg";
+ PropertyConfigurator.configure(log4jConfigFile);
+ System.setOut(createLoggingProxy(System.out));
+ System.setErr(createLoggingProxy(System.err));
+ } catch(Exception e) {
+ e.printStackTrace();
+ }
+ //System.out.println("Configuration done");
try {
acon = AAFCon.newInstance(access);
authn = acon.newAuthn();
if(csv!=null) {
try {
mbc = new MapBathConverter(access, new CSV(csv));
- access.printf(Level.INIT, "MapBathConversion enabled with file %s\n",csv);
+ logger.info("MapBathConversion enabled with file "+csv);
idMap = new TreeMap<String,String>();
// Load
for(Entry<String, String> es : mbc.map().entrySet()) {
idMap.put(oldID,newID);
}
} catch (IOException e) {
- access.log(e);
+ logger.error(e.getMessage(), e);
}
}
} catch (APIException | CadiException | LocatorException e) {
String msg = "Cannot initiate AAFRealm";
- access.log(Level.INIT,msg,e.getMessage());
+ logger.info(msg + " "+ e.getMessage(), e);
throw new RuntimeException(msg,e);
}
}
supports = new HashSet<Class<? extends AuthenticationToken>>();
supports.add(UsernamePasswordToken.class);
}
+ public static PrintStream createLoggingProxy(final PrintStream realPrintStream) {
+ return new PrintStream(realPrintStream) {
+ public void print(final String string) {
+ realPrintStream.print(string);
+ logger.info(string);
+ }
+ };
+ }
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
- access.log(Level.DEBUG, "AAFRealm.doGetAuthenticationInfo",token);
+ logger.debug("AAFRealm.doGetAuthenticationInfo :"+token);
final UsernamePasswordToken upt = (UsernamePasswordToken)token;
final String user = upt.getUsername();
}
}
} catch (IOException e) {
- access.log(e);
+ logger.error(e.getMessage(), e);
}
}
String err;
err = authn.validate(authUser,authPassword);
} catch (IOException e) {
err = "Credential cannot be validated";
- access.log(e, err);
+ logger.error(err, e);
}
if(err != null) {
- access.log(Level.DEBUG, err);
+ logger.debug(err);
throw new AuthenticationException(err);
}
@Override
protected AAFAuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
- access.log(Level.DEBUG, "AAFRealm.doGetAuthenthorizationInfo");
+ logger.debug("AAFRealm.doGetAuthenthorizationInfo");
Principal bait = (Principal)principals.getPrimaryPrincipal();
Principal newBait = bait;
if(idMap!=null) {