diff options
Diffstat (limited to 'auth')
3 files changed, 8 insertions, 18 deletions
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java index 3634af97..4c03f313 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java @@ -50,6 +50,7 @@ import org.onap.aaf.auth.dao.cass.ApprovalDAO; import org.onap.aaf.auth.dao.cass.CacheInfoDAO; import org.onap.aaf.auth.dao.cass.CertDAO; import org.onap.aaf.auth.dao.cass.CredDAO; +import org.onap.aaf.auth.dao.cass.CredDAO.Data; import org.onap.aaf.auth.dao.cass.DelegateDAO; import org.onap.aaf.auth.dao.cass.FutureDAO; import org.onap.aaf.auth.dao.cass.HistoryDAO; @@ -61,10 +62,9 @@ import org.onap.aaf.auth.dao.cass.PermDAO; import org.onap.aaf.auth.dao.cass.RoleDAO; import org.onap.aaf.auth.dao.cass.Status; import org.onap.aaf.auth.dao.cass.UserRoleDAO; -import org.onap.aaf.auth.dao.cass.CredDAO.Data; import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.env.AuthzTransFilter; import org.onap.aaf.auth.env.AuthzTrans.REQD_TYPE; +import org.onap.aaf.auth.env.AuthzTransFilter; import org.onap.aaf.auth.layer.Result; import org.onap.aaf.auth.org.Organization; import org.onap.aaf.cadi.Hash; @@ -780,7 +780,7 @@ public class Question { checkLessThanDays(trans,7,now,cdd); return Result.ok(cdd.expires); } else if (debug!=null) { - load(debug, cdd,dbcred); + load(debug, cdd); } break; case CredDAO.BASIC_AUTH_SHA256: @@ -793,7 +793,7 @@ public class Question { checkLessThanDays(trans,7,now,cdd); return Result.ok(cdd.expires); } else if (debug!=null) { - load(debug, cdd, dbcred); + load(debug, cdd); } break; default: @@ -809,14 +809,10 @@ public class Question { } } // end for each if(debug==null) { - debug=new StringBuilder(); + trans.audit().printf("No cred matches ip=%s, user=%s\n",trans.ip(),user); } else { - debug.append(", "); + trans.audit().printf("No cred matches ip=%s, user=%s %s\n",trans.ip(),user,debug.toString()); } - - debug.append("cred="); - debug.append(new String(cred)); - trans.audit().printf("No cred matches ip=%s, user=%s, %s\n",trans.ip(),user,trans.encryptor().encrypt(debug.toString())); if(expired!=null) { // Note: this is only returned if there are no good Credentials rv = Result.err(Status.ERR_Security, @@ -830,13 +826,11 @@ public class Question { } - private void load(StringBuilder debug, Data cdd, byte[] dbcred) { + private void load(StringBuilder debug, Data cdd) { debug.append("DB Entry: user="); debug.append(cdd.id); debug.append(",type="); debug.append(cdd.type); - debug.append(",cred="); - debug.append(Hash.toHex(dbcred)); debug.append(",expires="); debug.append(Chrono.dateTime(cdd.expires)); debug.append('\n'); diff --git a/auth/auth-hello/pom.xml b/auth/auth-hello/pom.xml index ddaebff3..c465f818 100644 --- a/auth/auth-hello/pom.xml +++ b/auth/auth-hello/pom.xml @@ -49,13 +49,11 @@ <dependency> <groupId>org.onap.aaf.authz</groupId> <artifactId>aaf-auth-core</artifactId> - <version>${project.version}</version> </dependency> <dependency> <groupId>org.onap.aaf.authz</groupId> <artifactId>aaf-cadi-aaf</artifactId> - <version>${project.version}</version> </dependency> </dependencies> @@ -101,7 +99,6 @@ <plugin> <groupId>org.sonatype.plugins</groupId> <artifactId>nexus-staging-maven-plugin</artifactId> - <version>1.6.7</version> <extensions>true</extensions> <configuration> <nexusUrl>${nexusproxy}</nexusUrl> @@ -112,7 +109,6 @@ <plugin> <groupId>org.jacoco</groupId> <artifactId>jacoco-maven-plugin</artifactId> - <version>${jacoco.version}</version> <configuration> <excludes> <exclude>**/gen/**</exclude> diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java index 7eb9fd7b..b68b445c 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java @@ -52,7 +52,7 @@ public class API_Mgmt { private final static String PERM_DB_POOL_CLEAR=Define.ROOT_NS()+".db|pool|clear"; private final static String PERM_DENY_IP = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|ip"; private final static String PERM_DENY_ID = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|id"; - private final static String PERM_LOG_ID = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|id"; + private final static String PERM_LOG_ID = Define.ROOT_NS()+".log|" + Define.ROOT_COMPANY() + "|id"; /** * Normal Init level APIs |