From 004851a114cc06933368ffe55fd58f0d010debb0 Mon Sep 17 00:00:00 2001 From: Instrumental Date: Fri, 22 Feb 2019 16:19:44 -0600 Subject: Choose better Concurrency Object Issue-ID: AAF-771: Change-Id: I112120d380f34a86890b83889880337199e21f57 Signed-off-by: Instrumental --- .../onap/aaf/cadi/shiro/AAFAuthenticationInfo.java | 3 ++- .../org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java | 6 +++--- .../main/java/org/onap/aaf/cadi/shiro/AAFRealm.java | 19 +++++++++---------- .../org/onap/aaf/cadi/shiro/test/JU_AAFRealm.java | 5 ++++- 4 files changed, 18 insertions(+), 15 deletions(-) diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java index 99e387d..d936794 100644 --- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java +++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java @@ -65,19 +65,20 @@ public class AAFAuthenticationInfo implements AuthenticationInfo { UsernamePasswordToken upt = (UsernamePasswordToken)atoken; if(apc.getPrimaryPrincipal().getName().equals(upt.getPrincipal())) { byte[] newhash = getSaltedCred(new String(upt.getPassword())); - access.printf(Level.INFO,"Successful authentication attempt by %s",upt.getPrincipal()); if(newhash.length==hash.length) { for(int i=0;i getRoles() { - access.log(Level.INFO,"AAFAuthorizationInfo.getRoles"); + access.log(Level.DEBUG,"AAFAuthorizationInfo.getRoles"); // Until we decide to make Roles available, tie into String based permissions. return getStringPermissions(); } @Override public Collection getStringPermissions() { - access.log(Level.INFO,"AAFAuthorizationInfo.getStringPermissions"); + access.log(Level.DEBUG,"AAFAuthorizationInfo.getStringPermissions"); synchronized(bait) { if(sPerms == null) { sPerms = new ArrayList(); for(org.onap.aaf.cadi.Permission p : pond) { sPerms.add(p.getKey().replace("|",":")); - access.printf(Level.INFO,"the user has %s",p.getKey()); + access.printf(Level.INFO,"%s has %s",bait.getName(),p.getKey()); } } } diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java index 52bf354..dbc57d7 100644 --- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java +++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java @@ -23,12 +23,13 @@ package org.onap.aaf.cadi.shiro; import java.io.IOException; import java.security.Principal; import java.util.ArrayList; +import java.util.Collections; +import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Map.Entry; import java.util.Set; -import java.util.concurrent.ConcurrentHashMap; -import java.util.concurrent.ConcurrentSkipListSet; +import java.util.TreeMap; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; @@ -83,7 +84,7 @@ public class AAFRealm extends AuthorizingRealm { try { mbc = new MapBathConverter(access, new CSV(csv)); access.log(Level.INFO, "MapBathConversion enabled with file ",csv); - idMap = new ConcurrentHashMap(); + idMap = Collections.synchronizedMap(new TreeMap()); // Load for(Entry es : mbc.map().entrySet()) { String oldID = es.getKey(); @@ -115,7 +116,7 @@ public class AAFRealm extends AuthorizingRealm { throw new RuntimeException(msg,e); } } - supports = new ConcurrentSkipListSet<>(); + supports = Collections.synchronizedSet(new HashSet<>()); supports.add(UsernamePasswordToken.class); } @@ -146,7 +147,7 @@ public class AAFRealm extends AuthorizingRealm { logger.debug(str); break; case ERROR: - logger.warn(str); + logger.error(str); break; case INFO: case INIT: @@ -174,7 +175,7 @@ public class AAFRealm extends AuthorizingRealm { logger.debug(str); break; case ERROR: - logger.warn(str); + logger.error(str); break; case INFO: case INIT: @@ -193,6 +194,7 @@ public class AAFRealm extends AuthorizingRealm { public boolean willLog(Level level) { if(super.willLog(level)) { switch(level) { + case WARN: case AUDIT: return logger.isWarnEnabled(); case DEBUG: @@ -206,9 +208,6 @@ public class AAFRealm extends AuthorizingRealm { return false; case TRACE: return logger.isTraceEnabled(); - case WARN: - return logger.isWarnEnabled(); - } } return false; @@ -287,8 +286,8 @@ public class AAFRealm extends AuthorizingRealm { Principal newBait = bait; if(singleton.idMap!=null) { final String newID = singleton.idMap.get(bait.getName()); - singleton.access.printf(Level.INFO,"Successful authentication attempt by %s",bait.getName()); if(newID!=null) { + singleton.access.printf(Level.INFO,"Successful authentication Translation %s to %s",bait.getName(), newID); newBait = new Principal() { @Override public String getName() { diff --git a/shiro/src/test/java/org/onap/aaf/cadi/shiro/test/JU_AAFRealm.java b/shiro/src/test/java/org/onap/aaf/cadi/shiro/test/JU_AAFRealm.java index f49ecb4..f159a8f 100644 --- a/shiro/src/test/java/org/onap/aaf/cadi/shiro/test/JU_AAFRealm.java +++ b/shiro/src/test/java/org/onap/aaf/cadi/shiro/test/JU_AAFRealm.java @@ -27,13 +27,14 @@ import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.Permission; import org.apache.shiro.subject.PrincipalCollection; +import org.junit.Assert; import org.junit.Test; import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.shiro.AAFRealm; import org.onap.aaf.cadi.shiro.AAFShiroPermission; -import junit.framework.Assert; + public class JU_AAFRealm { @@ -58,6 +59,8 @@ public class JU_AAFRealm { testAPerm(false,azi,"org.osaaf.nons","resources","something","get"); // testAPerm(true,azi,"name","org.access","something","*"); // testAPerm(false,azi,"org.accessX","something","*"); + + Assert.assertEquals(true,ar.supports(upt)); } catch (Throwable t) { t.printStackTrace(); Assert.fail(); -- cgit 1.2.3-korg