summaryrefslogtreecommitdiffstats
path: root/shiro/src/main/java/org
diff options
context:
space:
mode:
Diffstat (limited to 'shiro/src/main/java/org')
-rw-r--r--shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java9
-rw-r--r--shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java11
-rw-r--r--shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java40
3 files changed, 44 insertions, 16 deletions
diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java
index a1d304b..4e5d59b 100644
--- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java
+++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java
@@ -24,16 +24,19 @@ import java.nio.ByteBuffer;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
+import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.PrincipalCollection;
import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.Hash;
-import org.onap.aaf.cadi.Access.Level;
public class AAFAuthenticationInfo implements AuthenticationInfo {
private static final long serialVersionUID = -1502704556864321020L;
+
+ final static Logger logger = Logger.getLogger(AAFAuthenticationInfo.class);
+
// We assume that Shiro is doing Memory Only, and this salt is not needed cross process
private final static int salt = new SecureRandom().nextInt();
@@ -48,13 +51,13 @@ public class AAFAuthenticationInfo implements AuthenticationInfo {
}
@Override
public byte[] getCredentials() {
- access.log(Level.DEBUG, "AAFAuthenticationInfo.getCredentials");
+ logger.debug("AAFAuthenticationInfo.getCredentials");
return hash;
}
@Override
public PrincipalCollection getPrincipals() {
- access.log(Level.DEBUG, "AAFAuthenticationInfo.getPrincipals");
+ logger.debug( "AAFAuthenticationInfo.getPrincipals");
return apc;
}
diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java
index 0a9dab9..60ea11f 100644
--- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java
+++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java
@@ -25,10 +25,10 @@ import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
+import org.apache.log4j.Logger;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;
import org.onap.aaf.cadi.Access;
-import org.onap.aaf.cadi.Access.Level;
/**
* We treat "roles" and "permissions" in a similar way for first pass.
@@ -37,6 +37,9 @@ import org.onap.aaf.cadi.Access.Level;
*
*/
public class AAFAuthorizationInfo implements AuthorizationInfo {
+
+ final static Logger logger = Logger.getLogger(AuthorizationInfo.class);
+
private static final long serialVersionUID = -4805388954462426018L;
private Access access;
private Principal bait;
@@ -58,7 +61,7 @@ public class AAFAuthorizationInfo implements AuthorizationInfo {
@Override
public Collection<Permission> getObjectPermissions() {
- access.log(Level.DEBUG, "AAFAuthorizationInfo.getObjectPermissions");
+ logger.debug("AAFAuthorizationInfo.getObjectPermissions");
synchronized(bait) {
if(oPerms == null) {
oPerms = new ArrayList<Permission>();
@@ -72,14 +75,14 @@ public class AAFAuthorizationInfo implements AuthorizationInfo {
@Override
public Collection<String> getRoles() {
- access.log(Level.DEBUG, "AAFAuthorizationInfo.getRoles");
+ logger.debug("AAFAuthorizationInfo.getRoles");
// Until we decide to make Roles available, tie into String based permissions.
return getStringPermissions();
}
@Override
public Collection<String> getStringPermissions() {
- access.log(Level.DEBUG, "AAFAuthorizationInfo.getStringPermissions");
+ logger.debug("AAFAuthorizationInfo.getStringPermissions");
synchronized(bait) {
if(sPerms == null) {
sPerms = new ArrayList<String>();
diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java
index 05b4d78..b7f0c29 100644
--- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java
+++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java
@@ -21,6 +21,7 @@
package org.onap.aaf.cadi.shiro;
import java.io.IOException;
+import java.io.PrintStream;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashSet;
@@ -29,6 +30,8 @@ import java.util.Map;
import java.util.Map.Entry;
import java.util.TreeMap;
+import org.apache.log4j.Logger;
+import org.apache.log4j.PropertyConfigurator;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
@@ -48,8 +51,10 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.filter.MapBathConverter;
import org.onap.aaf.cadi.util.CSV;
import org.onap.aaf.misc.env.APIException;
-
public class AAFRealm extends AuthorizingRealm {
+
+ final static Logger logger = Logger.getLogger(AAFRealm.class);
+
public static final String AAF_REALM = "AAFRealm";
private PropAccess access;
@@ -77,6 +82,15 @@ public class AAFRealm extends AuthorizingRealm {
throw new RuntimeException(msg);
} else {
try {
+ String log4jConfigFile = "./etc/org.onap.cadi.logging.cfg";
+ PropertyConfigurator.configure(log4jConfigFile);
+ System.setOut(createLoggingProxy(System.out));
+ System.setErr(createLoggingProxy(System.err));
+ } catch(Exception e) {
+ e.printStackTrace();
+ }
+ //System.out.println("Configuration done");
+ try {
acon = AAFCon.newInstance(access);
authn = acon.newAuthn();
authz = acon.newLur(authn);
@@ -85,7 +99,7 @@ public class AAFRealm extends AuthorizingRealm {
if(csv!=null) {
try {
mbc = new MapBathConverter(access, new CSV(csv));
- access.printf(Level.INIT, "MapBathConversion enabled with file %s\n",csv);
+ logger.info("MapBathConversion enabled with file "+csv);
idMap = new TreeMap<String,String>();
// Load
for(Entry<String, String> es : mbc.map().entrySet()) {
@@ -108,22 +122,30 @@ public class AAFRealm extends AuthorizingRealm {
idMap.put(oldID,newID);
}
} catch (IOException e) {
- access.log(e);
+ logger.error(e.getMessage(), e);
}
}
} catch (APIException | CadiException | LocatorException e) {
String msg = "Cannot initiate AAFRealm";
- access.log(Level.INIT,msg,e.getMessage());
+ logger.info(msg + " "+ e.getMessage(), e);
throw new RuntimeException(msg,e);
}
}
supports = new HashSet<Class<? extends AuthenticationToken>>();
supports.add(UsernamePasswordToken.class);
}
+ public static PrintStream createLoggingProxy(final PrintStream realPrintStream) {
+ return new PrintStream(realPrintStream) {
+ public void print(final String string) {
+ realPrintStream.print(string);
+ logger.info(string);
+ }
+ };
+ }
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
- access.log(Level.DEBUG, "AAFRealm.doGetAuthenticationInfo",token);
+ logger.debug("AAFRealm.doGetAuthenticationInfo :"+token);
final UsernamePasswordToken upt = (UsernamePasswordToken)token;
final String user = upt.getUsername();
@@ -143,7 +165,7 @@ public class AAFRealm extends AuthorizingRealm {
}
}
} catch (IOException e) {
- access.log(e);
+ logger.error(e.getMessage(), e);
}
}
String err;
@@ -151,11 +173,11 @@ public class AAFRealm extends AuthorizingRealm {
err = authn.validate(authUser,authPassword);
} catch (IOException e) {
err = "Credential cannot be validated";
- access.log(e, err);
+ logger.error(err, e);
}
if(err != null) {
- access.log(Level.DEBUG, err);
+ logger.debug(err);
throw new AuthenticationException(err);
}
@@ -180,7 +202,7 @@ public class AAFRealm extends AuthorizingRealm {
@Override
protected AAFAuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
- access.log(Level.DEBUG, "AAFRealm.doGetAuthenthorizationInfo");
+ logger.debug("AAFRealm.doGetAuthenthorizationInfo");
Principal bait = (Principal)principals.getPrimaryPrincipal();
Principal newBait = bait;
if(idMap!=null) {