summaryrefslogtreecommitdiffstats
path: root/auth/auth-core
diff options
context:
space:
mode:
Diffstat (limited to 'auth/auth-core')
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java8
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java16
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java16
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java7
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java12
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java2
6 files changed, 51 insertions, 10 deletions
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java
index 0256c1bf..920f330f 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java
@@ -39,8 +39,8 @@ public interface AuthzTrans extends TransStore {
REQD_TYPE(int bit) {
this.bit = bit;
}
- };
-
+ }
+
public abstract AuthzTrans set(HttpServletRequest req);
public abstract HttpServletRequest hreq();
@@ -76,5 +76,9 @@ public interface AuthzTrans extends TransStore {
public abstract void logAuditTrail(LogTarget lt);
public abstract Date now();
+
+ public abstract void setTag(String tag);
+
+ public abstract String getTag();
} \ No newline at end of file
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java
index b08e0240..ec5e70de 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java
@@ -85,9 +85,9 @@ public class AuthzTransFilter extends TransFilter<AuthzTrans> {
}
@Override
- protected void tallyHo(AuthzTrans trans) {
+ protected void tallyHo(AuthzTrans trans, String target) {
Boolean b = trans.get(specialLogSlot, false);
- LogTarget lt = b?trans.warn():trans.info();
+ LogTarget lt = b?trans.warn():trans.debug();
if (lt.isLoggable()) {
// Transaction is done, now post full Audit Trail
@@ -131,8 +131,11 @@ public class AuthzTransFilter extends TransFilter<AuthzTrans> {
sb.append("user=");
Principal p = trans.getUserPrincipal();
if (p==null) {
- sb.append("n/a");
+ lt=trans.warn();
+ sb.append(target);
+ sb.append("[None]");
} else {
+ lt=trans.info();
sb.append(p.getName());
if (p instanceof TrustPrincipal) {
sb.append('(');
@@ -148,6 +151,11 @@ public class AuthzTransFilter extends TransFilter<AuthzTrans> {
sb.append(']');
}
}
+ String tag = trans.getTag();
+ if(tag!=null) {
+ sb.append(",tag=");
+ sb.append(tag);
+ }
sb.append(",ip=");
sb.append(trans.ip());
sb.append(",port=");
@@ -176,7 +184,7 @@ public class AuthzTransFilter extends TransFilter<AuthzTrans> {
sb.append('"');
}
- trans.warn().log(sb);
+ lt.log(sb);
}
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java
index ce947be9..a7bb24a5 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java
@@ -42,10 +42,12 @@ public class AuthzTransImpl extends BasicTrans implements AuthzTrans {
private Organization org;
private int mask;
private Date now;
+ private String tag;
public AuthzTransImpl(AuthzEnv env) {
super(env);
org=null;
mask=0;
+ tag=null;
}
/**
@@ -213,4 +215,18 @@ public class AuthzTransImpl extends BasicTrans implements AuthzTrans {
}
return now;
}
+
+ /*
+ * (non-Javadoc)
+ * @see org.onap.aaf.auth.env.AuthzTrans#setTag(java.lang.String)
+ */
+ @Override
+ public void setTag(String tag) {
+ this.tag = tag;
+ }
+
+ @Override
+ public String getTag() {
+ return tag;
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java
index 94a6aad5..54a8f484 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java
@@ -236,5 +236,12 @@ public class NullTrans implements AuthzTrans {
}
return now;
}
+ @Override
+ public void setTag(String tag) {
+ }
+ @Override
+ public String getTag() {
+ return null;
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java
index d0fc1a3f..92c0fc24 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java
@@ -33,6 +33,7 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.CadiWrap;
@@ -88,7 +89,7 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter {
protected abstract TRANS newTrans(HttpServletRequest request);
protected abstract TimeTaken start(TRANS trans, ServletRequest request);
protected abstract void authenticated(TRANS trans, Principal p);
- protected abstract void tallyHo(TRANS trans);
+ protected abstract void tallyHo(TRANS trans, String target);
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
@@ -98,6 +99,7 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter {
TRANS trans = newTrans(req);
TimeTaken overall = start(trans,request);
+ String target = "n/a";
try {
request.setAttribute(TRANS_TAG, trans);
@@ -116,6 +118,10 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter {
CadiWrap cw = null;
try {
resp = cadi.validate(req,res,trans);
+ Object tag = req.getAttribute("CRED_TAG");
+ if(tag!=null) {
+ ((AuthzTrans)trans).setTag(tag.toString());
+ }
switch(r=resp.isAuthenticated()) {
case IS_AUTHENTICATED:
cw = new CadiWrap(req,resp,cadi.getLur());
@@ -139,7 +145,7 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter {
// use
trans.checkpoint(resp.desc(),Env.ALWAYS);
if (resp.isFailedAttempt()) {
- trans.audit().log(resp.desc());
+ target = resp.getTarget();
}
}
} catch (Exception e) {
@@ -148,7 +154,7 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter {
throw new ServletException(e);
} finally {
overall.done();
- tallyHo(trans);
+ tallyHo(trans,target);
}
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java
index 56eea435..23240cf1 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java
@@ -97,7 +97,7 @@ public abstract class AbsServiceStarter<ENV extends RosettaEnv, TRANS extends Tr
if(System.getProperty("ECLIPSE", null)!=null) {
Thread.sleep(2000);
System.out.println("Service Started in Eclipse: ");
- System.out.print(" Hit <enter> to end:");
+ System.out.print(" Hit <enter> to end\n:");
try {
System.in.read();
System.exit(0);