diff options
Diffstat (limited to 'auth/auth-core')
6 files changed, 51 insertions, 10 deletions
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java index 0256c1bf..920f330f 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java @@ -39,8 +39,8 @@ public interface AuthzTrans extends TransStore { REQD_TYPE(int bit) { this.bit = bit; } - }; - + } + public abstract AuthzTrans set(HttpServletRequest req); public abstract HttpServletRequest hreq(); @@ -76,5 +76,9 @@ public interface AuthzTrans extends TransStore { public abstract void logAuditTrail(LogTarget lt); public abstract Date now(); + + public abstract void setTag(String tag); + + public abstract String getTag(); }
\ No newline at end of file diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java index b08e0240..ec5e70de 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java @@ -85,9 +85,9 @@ public class AuthzTransFilter extends TransFilter<AuthzTrans> { } @Override - protected void tallyHo(AuthzTrans trans) { + protected void tallyHo(AuthzTrans trans, String target) { Boolean b = trans.get(specialLogSlot, false); - LogTarget lt = b?trans.warn():trans.info(); + LogTarget lt = b?trans.warn():trans.debug(); if (lt.isLoggable()) { // Transaction is done, now post full Audit Trail @@ -131,8 +131,11 @@ public class AuthzTransFilter extends TransFilter<AuthzTrans> { sb.append("user="); Principal p = trans.getUserPrincipal(); if (p==null) { - sb.append("n/a"); + lt=trans.warn(); + sb.append(target); + sb.append("[None]"); } else { + lt=trans.info(); sb.append(p.getName()); if (p instanceof TrustPrincipal) { sb.append('('); @@ -148,6 +151,11 @@ public class AuthzTransFilter extends TransFilter<AuthzTrans> { sb.append(']'); } } + String tag = trans.getTag(); + if(tag!=null) { + sb.append(",tag="); + sb.append(tag); + } sb.append(",ip="); sb.append(trans.ip()); sb.append(",port="); @@ -176,7 +184,7 @@ public class AuthzTransFilter extends TransFilter<AuthzTrans> { sb.append('"'); } - trans.warn().log(sb); + lt.log(sb); } } diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java index ce947be9..a7bb24a5 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java @@ -42,10 +42,12 @@ public class AuthzTransImpl extends BasicTrans implements AuthzTrans { private Organization org; private int mask; private Date now; + private String tag; public AuthzTransImpl(AuthzEnv env) { super(env); org=null; mask=0; + tag=null; } /** @@ -213,4 +215,18 @@ public class AuthzTransImpl extends BasicTrans implements AuthzTrans { } return now; } + + /* + * (non-Javadoc) + * @see org.onap.aaf.auth.env.AuthzTrans#setTag(java.lang.String) + */ + @Override + public void setTag(String tag) { + this.tag = tag; + } + + @Override + public String getTag() { + return tag; + } } diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java index 94a6aad5..54a8f484 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java @@ -236,5 +236,12 @@ public class NullTrans implements AuthzTrans { } return now; } + @Override + public void setTag(String tag) { + } + @Override + public String getTag() { + return null; + } } diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java index d0fc1a3f..92c0fc24 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java @@ -33,6 +33,7 @@ import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.CadiWrap; @@ -88,7 +89,7 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter { protected abstract TRANS newTrans(HttpServletRequest request); protected abstract TimeTaken start(TRANS trans, ServletRequest request); protected abstract void authenticated(TRANS trans, Principal p); - protected abstract void tallyHo(TRANS trans); + protected abstract void tallyHo(TRANS trans, String target); @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { @@ -98,6 +99,7 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter { TRANS trans = newTrans(req); TimeTaken overall = start(trans,request); + String target = "n/a"; try { request.setAttribute(TRANS_TAG, trans); @@ -116,6 +118,10 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter { CadiWrap cw = null; try { resp = cadi.validate(req,res,trans); + Object tag = req.getAttribute("CRED_TAG"); + if(tag!=null) { + ((AuthzTrans)trans).setTag(tag.toString()); + } switch(r=resp.isAuthenticated()) { case IS_AUTHENTICATED: cw = new CadiWrap(req,resp,cadi.getLur()); @@ -139,7 +145,7 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter { // use trans.checkpoint(resp.desc(),Env.ALWAYS); if (resp.isFailedAttempt()) { - trans.audit().log(resp.desc()); + target = resp.getTarget(); } } } catch (Exception e) { @@ -148,7 +154,7 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter { throw new ServletException(e); } finally { overall.done(); - tallyHo(trans); + tallyHo(trans,target); } } diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java index 56eea435..23240cf1 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java @@ -97,7 +97,7 @@ public abstract class AbsServiceStarter<ENV extends RosettaEnv, TRANS extends Tr if(System.getProperty("ECLIPSE", null)!=null) { Thread.sleep(2000); System.out.println("Service Started in Eclipse: "); - System.out.print(" Hit <enter> to end:"); + System.out.print(" Hit <enter> to end\n:"); try { System.in.read(); System.exit(0); |