- /*
- * Security check for authentication and authorizations.
- */
- public static boolean checkPermissions(String clientEncoding, String requestID,
- String resource) {
- try{
- String[] userNamePass = PolicyUtils.decodeBasicEncoding(clientEncoding);
- if(userNamePass==null || userNamePass.length==0){
- String usernameAndPassword = null;
- byte[] decodedBytes = Base64.getDecoder().decode(clientEncoding);
- usernameAndPassword = new String(decodedBytes, "UTF-8");
- StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":");
- String username = tokenizer.nextToken();
- String password = tokenizer.nextToken();
- userNamePass= new String[]{username, password};
- }
- LOGGER.info("User " + userNamePass[0] + " is Accessing Policy Engine API.");
- Boolean result = false;
- // Check Backward Compatibility.
- try{
- result = clientAuth(userNamePass);
- }catch(Exception e){
- LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e);
- }
- if(!result){
- String aafPolicyNameSpace = XACMLProperties.getProperty("policy.aaf.namespace");
- String aafResource = XACMLProperties.getProperty("policy.aaf.resource");
- if(!userNamePass[0].contains("@") && aafPolicyNameSpace!= null){
- userNamePass[0] = userNamePass[0] + "@" + aafPolicyNameSpace;
- }else{
- LOGGER.info("No AAF NameSpace specified in properties");
- }
- if(aafResource != null){
- resource = aafResource + resource;
- }else{
- LOGGER.info("No AAF Resource specified in properties");
- }
- LOGGER.info("Contacting AAF in : " + environment);
- result = aafClient.checkAuthPerm(userNamePass[0], userNamePass[1], resource, environment, ".*");
- }
- return result;
- }catch(Exception e){
- LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e);
- return false;
- }
- }
+ /*
+ * Security check for authentication and authorizations.
+ */
+ public static boolean checkPermissions(String clientEncoding, String requestID,
+ String resource) {
+ try{
+ String[] userNamePass = PolicyUtils.decodeBasicEncoding(clientEncoding);
+ if(userNamePass==null || userNamePass.length==0){
+ String usernameAndPassword = null;
+ byte[] decodedBytes = Base64.getDecoder().decode(clientEncoding);
+ usernameAndPassword = new String(decodedBytes, "UTF-8");
+ StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":");
+ String username = tokenizer.nextToken();
+ String password = tokenizer.nextToken();
+ userNamePass= new String[]{username, password};
+ }
+ LOGGER.info("User " + userNamePass[0] + " is Accessing Policy Engine API.");
+ Boolean result = false;
+ // Check Backward Compatibility.
+ try{
+ result = clientAuth(userNamePass);
+ }catch(Exception e){
+ LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e);
+ }
+ if(!result){
+ String aafPolicyNameSpace = XACMLProperties.getProperty("policy.aaf.namespace");
+ String aafResource = XACMLProperties.getProperty("policy.aaf.root.permission");
+ String type = null;
+ if(!userNamePass[0].contains("@") && aafPolicyNameSpace!= null){
+ userNamePass[0] = userNamePass[0] + "@" + reverseNamespace(aafPolicyNameSpace);
+ }else{
+ LOGGER.info("No AAF NameSpace specified in properties");
+ }
+ if(aafResource != null){
+ type = aafResource + "." + resource;
+ }else{
+ LOGGER.warn("No AAF Resource specified in properties");
+ return false;
+ }
+ LOGGER.info("Contacting AAF in : " + environment);
+ result = aafClient.checkAuthPerm(userNamePass[0], userNamePass[1], type, environment, "*");
+ }
+ return result;
+ }catch(Exception e){
+ LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e);
+ return false;
+ }
+ }