From a649fd1b3c8308b4c7cc2018965c93bff9d7eb54 Mon Sep 17 00:00:00 2001 From: Sai Gandham Date: Wed, 30 Jan 2019 08:44:44 -0600 Subject: Update shiro logging and sl4j init Issue-ID: AAF-655 Change-Id: I1e1439efbee5900c82a6065a0581faae15622581 Signed-off-by: Sai Gandham --- pom.xml | 2 +- shiro-osgi-bundle/pom.xml | 2 +- shiro/pom.xml | 2 +- .../onap/aaf/cadi/shiro/AAFAuthenticationInfo.java | 9 +++--- .../onap/aaf/cadi/shiro/AAFAuthorizationInfo.java | 12 ++++---- .../java/org/onap/aaf/cadi/shiro/AAFRealm.java | 33 ++++++++++++---------- sidecar/fproxy/pom.xml | 2 +- sidecar/pom.xml | 2 +- sidecar/rproxy/pom.xml | 2 +- sidecar/tproxy-config/pom.xml | 2 +- version.properties | 2 +- 11 files changed, 37 insertions(+), 33 deletions(-) diff --git a/pom.xml b/pom.xml index 99a6645..7e111ff 100644 --- a/pom.xml +++ b/pom.xml @@ -22,7 +22,7 @@ 4.0.0 org.onap.aaf.cadi parent - 2.1.10-SNAPSHOT + 2.1.11-SNAPSHOT CADI Plugins Parent pom diff --git a/shiro-osgi-bundle/pom.xml b/shiro-osgi-bundle/pom.xml index 2081be5..d7459ce 100644 --- a/shiro-osgi-bundle/pom.xml +++ b/shiro-osgi-bundle/pom.xml @@ -22,7 +22,7 @@ org.onap.aaf.cadi parent - 2.1.10-SNAPSHOT + 2.1.11-SNAPSHOT .. diff --git a/shiro/pom.xml b/shiro/pom.xml index 60a3de5..1d435b0 100644 --- a/shiro/pom.xml +++ b/shiro/pom.xml @@ -22,7 +22,7 @@ org.onap.aaf.cadi parent - 2.1.10-SNAPSHOT + 2.1.11-SNAPSHOT .. diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java index 4e5d59b..45bdadc 100644 --- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java +++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthenticationInfo.java 
@@ -24,7 +24,8 @@ import java.nio.ByteBuffer; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; -import org.apache.log4j.Logger; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.UsernamePasswordToken; @@ -35,7 +36,7 @@ import org.onap.aaf.cadi.Hash; public class AAFAuthenticationInfo implements AuthenticationInfo { private static final long serialVersionUID = -1502704556864321020L; - final static Logger logger = Logger.getLogger(AAFAuthenticationInfo.class); + final static Logger logger = LoggerFactory.getLogger(AAFAuthenticationInfo.class); // We assume that Shiro is doing Memory Only, and this salt is not needed cross process private final static int salt = new SecureRandom().nextInt(); @@ -50,14 +51,12 @@ public class AAFAuthenticationInfo implements AuthenticationInfo { hash = getSaltedCred(password); } @Override - public byte[] getCredentials() { - logger.debug("AAFAuthenticationInfo.getCredentials"); + public byte[] getCredentials() { return hash; } @Override public PrincipalCollection getPrincipals() { - logger.debug( "AAFAuthenticationInfo.getPrincipals"); return apc; } diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java index 7633670..f1bfd3c 100644 --- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java +++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFAuthorizationInfo.java @@ -29,7 +29,8 @@ import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.Permission; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.Access.Level; - +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * We treat "roles" and "permissions" in a similar way for first pass. * 
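Review bot: The logger field in the `@@ -35,7 +36,7 @@` hunk is still package-visible and uses non-canonical modifier order (`final static Logger logger`). The next hunk removes both `logger.debug` calls from getCredentials() and getPrincipals(), so the field may now be unused in AAFAuthenticationInfo; the rest of the class is outside the hunks, so this needs checking. If nothing else uses it, drop the field and the two slf4j imports; otherwise declare it as `private static final Logger logger = LoggerFactory.getLogger(AAFAuthenticationInfo.class);`. The same declaration form appears in AAFAuthorizationInfo (`@@ -38,6 +39,9 @@`) and AAFRealm (`@@ -51,9 +50,12 @@`).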
@@ -38,6 +39,9 @@ import org.onap.aaf.cadi.Access.Level; */ public class AAFAuthorizationInfo implements AuthorizationInfo { private static final long serialVersionUID = -4805388954462426018L; + + final static Logger logger = LoggerFactory.getLogger(AAFAuthorizationInfo.class); + private Access access; private Principal bait; private List pond; @@ -50,6 +54,7 @@ public class AAFAuthorizationInfo implements AuthorizationInfo { this.pond = pond; sPerms=null; oPerms=null; + } public Principal principal() { @@ -64,7 +69,6 @@ public class AAFAuthorizationInfo implements AuthorizationInfo { oPerms = new ArrayList(); for(final org.onap.aaf.cadi.Permission p : pond) { oPerms.add(new AAFShiroPermission(p)); - System.out.println("List user" + p); } } } @@ -73,20 +77,18 @@ public class AAFAuthorizationInfo implements AuthorizationInfo { @Override public Collection getRoles() { -// access.log(Level.DEBUG, "AAFAuthorizationInfo.getRoles"); // Until we decide to make Roles available, tie into String based permissions. return getStringPermissions(); } @Override public Collection getStringPermissions() { -// access.log(Level.DEBUG, "AAFAuthorizationInfo.getStringPermissions"); synchronized(bait) { if(sPerms == null) { sPerms = new ArrayList(); for(org.onap.aaf.cadi.Permission p : pond) { sPerms.add(p.getKey().replace("|",":")); - System.out.println("Replacing | to :" + p.getKey().replace("|",":")); +// System.out.println("Replacing | to :" + p.getKey().replace("|",":")); } } } diff --git a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java index 091c22b..4b24c70 100644 --- a/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java +++ b/shiro/src/main/java/org/onap/aaf/cadi/shiro/AAFRealm.java 
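Review bot: In the `@@ -73,20 +77,18 @@` hunk the permission-key print in getStringPermissions() is commented out (`// System.out.println("Replacing | to :" + ...`) rather than deleted, whereas the matching print in `@@ -64,7 +69,6 @@` is removed outright. Delete the commented-out line so the class does not carry dead code that would dump a user's permission keys to stdout if re-enabled. The `logger` field added in `@@ -38,6 +39,9 @@` is not used by any visible hunk; either use it for this trace at debug level or leave the field and its imports out.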
@@ -30,7 +30,6 @@ import java.util.Map; import java.util.Map.Entry; import java.util.TreeMap; -import org.apache.log4j.Logger; import org.apache.log4j.PropertyConfigurator; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; @@ -51,9 +50,12 @@ import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.filter.MapBathConverter; import org.onap.aaf.cadi.util.CSV; import org.onap.aaf.misc.env.APIException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + public class AAFRealm extends AuthorizingRealm { - final static Logger logger = Logger.getLogger(AAFRealm.class); + final static Logger logger = LoggerFactory.getLogger(AAFRealm.class); public static final String AAF_REALM = "AAFRealm"; @@ -78,11 +80,12 @@ public class AAFRealm extends AuthorizingRealm { String cadi_prop_files = access.getProperty(Config.CADI_PROP_FILES); if(cadi_prop_files==null) { String msg = Config.CADI_PROP_FILES + " in VM Args is required to initialize AAFRealm."; - access.log(Level.INIT,msg); + access.log(Level.DEBUG,msg); throw new RuntimeException(msg); } else { try { String log4jConfigFile = "./etc/org.ops4j.pax.logging.cfg"; + PropertyConfigurator.configure(log4jConfigFile); System.setOut(createLoggingProxy(System.out)); System.setErr(createLoggingProxy(System.err)); @@ -94,7 +97,6 @@ public class AAFRealm extends AuthorizingRealm { acon = AAFCon.newInstance(access); authn = acon.newAuthn(); authz = acon.newLur(authn); - final String csv = access.getProperty(Config.CADI_BATH_CONVERT); if(csv!=null) { try { @@ -122,12 +124,12 @@ public class AAFRealm extends AuthorizingRealm { idMap.put(oldID,newID); } } catch (IOException e) { - logger.error(e.getMessage(), e); +// access.log(e); } } } catch (APIException | CadiException | LocatorException e) { String msg = "Cannot initiate AAFRealm"; - logger.info(msg + " "+ e.getMessage(), e); + access.log(Level.INIT,msg,e.getMessage()); throw new RuntimeException(msg,e); } } 
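Review bot: In the `@@ -78,11 +80,12 @@` hunk a missing `Config.CADI_PROP_FILES` is now logged at `Level.DEBUG`, even though it aborts realm initialisation with a RuntimeException. A failure that disables the authentication realm should be recorded at a level that is on by default, so keep the previous `access.log(Level.INIT,msg);`. The same hunk still calls log4j's `PropertyConfigurator.configure(log4jConfigFile)` while the class logger moves to slf4j; a comment such as `// assumes the slf4j binding is log4j 1.x; otherwise this configuration has no effect on 'logger'` would document that dependency. The enclosing constructor starts and ends outside the hunk.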
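Review bot: The `catch (IOException e)` in the `@@ -122,12 +124,12 @@` hunk is now empty apart from the commented-out `// access.log(e);`, so a failure while filling `idMap` is silently discarded. From the visible lines `idMap` holds old-to-new ID mappings that doGetAuthorizationInfo() consults, so a partly loaded map would presumably change which identity is used for permission lookups without leaving any trace. Restore the call as `access.log(e);`, the form this commit uses in doGetAuthenticationInfo(), or rethrow if a broken mapping file should stop startup. The surrounding try block begins outside the hunk.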
@@ -145,15 +147,14 @@ public class AAFRealm extends AuthorizingRealm { @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { - logger.debug("AAFRealm.doGetAuthenticationInfo :"+token); - final UsernamePasswordToken upt = (UsernamePasswordToken)token; final String user = upt.getUsername(); String authUser = user; final String password=new String(upt.getPassword()); String authPassword = password; - if(mbc!=null) { + if(mbc!=null) { try { + final String oldBath = "Basic " + Symm.base64noSplit.encode(user+':'+password); String bath = mbc.convert(access, oldBath); if(bath!=oldBath) { @@ -161,11 +162,13 @@ public class AAFRealm extends AuthorizingRealm { int colon = bath.indexOf(':'); if(colon>=0) { authUser = bath.substring(0, colon); - authPassword = bath.substring(colon+1); + authPassword = bath.substring(colon+1); + access.log(Level.DEBUG, authUser,"user authenticated"); + access.log(Level.DEBUG, authn.validate(authUser,authPassword)); } } } catch (IOException e) { - logger.error(e.getMessage(), e); + access.log(e); } } String err; @@ -173,11 +176,11 @@ public class AAFRealm extends AuthorizingRealm { err = authn.validate(authUser,authPassword); } catch (IOException e) { err = "Credential cannot be validated"; - logger.error(err, e); + access.log(Level.DEBUG, e, err); } if(err != null) { - logger.debug(err); + access.log(Level.DEBUG, err, " - Credential cannot be validated"); throw new AuthenticationException(err); } @@ -185,7 +188,9 @@ public class AAFRealm extends AuthorizingRealm { access, user, password + ); + } @Override @@ -202,7 +207,6 @@ public class AAFRealm extends AuthorizingRealm { @Override protected AAFAuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { - logger.debug("AAFRealm.doGetAuthenthorizationInfo"); Principal bait = (Principal)principals.getPrimaryPrincipal(); Principal newBait = bait; if(idMap!=null) { 
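Review bot: The two lines added in the `@@ -161,11 +162,13 @@` hunk log `"user authenticated"` before any credential check has happened. They then call `authn.validate(authUser,authPassword)` a second time only to log its result, while the real check still follows in the `err = authn.validate(...)` block. The first message makes the log claim a success that may be rejected a few lines later, which is misleading for anyone reconstructing a login from logs. The extra call doubles the validation traffic for every converted credential and, depending on how the backend counts attempts, may double-count failures. Remove both lines, or replace them with a neutral trace such as `access.log(Level.DEBUG, "credential converted for", authUser);`. The method body continues outside the hunk.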
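Review bot: In the `@@ -173,11 +176,11 @@` hunk both the validator I/O error and the rejected-credential case are now logged only at `Level.DEBUG`, where the removed code used `logger.error` for the IOException. Failed authentications and an unreachable validator are the events monitoring most needs, and at DEBUG they are dropped under a normal production log level. Use a level that is recorded by default, for example `access.log(Level.AUDIT, authUser, "authentication failed:", err);` and `access.log(Level.ERROR, e, err);`. The appended `" - Credential cannot be validated"` also repeats `err` verbatim when the IOException path set it. The method starts and ends outside the hunk.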
@@ -218,7 +222,6 @@ public class AAFRealm extends AuthorizingRealm { } List pond = new ArrayList<>(); authz.fishAll(newBait,pond); - return new AAFAuthorizationInfo(access,bait,pond); } diff --git a/sidecar/fproxy/pom.xml b/sidecar/fproxy/pom.xml index 97c470d..1a63ea5 100644 --- a/sidecar/fproxy/pom.xml +++ b/sidecar/fproxy/pom.xml @@ -24,7 +24,7 @@ org.onap.aaf.cadi.sidecar sidecar - 2.1.10-SNAPSHOT + 2.1.11-SNAPSHOT fproxy diff --git a/sidecar/pom.xml b/sidecar/pom.xml index 0345abb..2d5f678 100644 --- a/sidecar/pom.xml +++ b/sidecar/pom.xml @@ -20,7 +20,7 @@ org.onap.aaf.cadi parent - 2.1.10-SNAPSHOT + 2.1.11-SNAPSHOT .. 4.0.0 diff --git a/sidecar/rproxy/pom.xml b/sidecar/rproxy/pom.xml index dd7a07e..ce105a9 100644 --- a/sidecar/rproxy/pom.xml +++ b/sidecar/rproxy/pom.xml @@ -24,7 +24,7 @@ org.onap.aaf.cadi.sidecar sidecar - 2.1.10-SNAPSHOT + 2.1.11-SNAPSHOT rproxy diff --git a/sidecar/tproxy-config/pom.xml b/sidecar/tproxy-config/pom.xml index fdac4fb..d981797 100644 --- a/sidecar/tproxy-config/pom.xml +++ b/sidecar/tproxy-config/pom.xml @@ -24,7 +24,7 @@ org.onap.aaf.cadi.sidecar sidecar - 2.1.10-SNAPSHOT + 2.1.11-SNAPSHOT tproxy-config diff --git a/version.properties b/version.properties index 1e3a49e..91423b2 100644 --- a/version.properties +++ b/version.properties @@ -27,7 +27,7 @@ major=2 minor=1 -patch=10 +patch=11 base_version=${major}.${minor}.${patch} -- cgit 1.2.3-korg