From 4a51a8f96715ffb2a42189b93b9fa91b453b8530 Mon Sep 17 00:00:00 2001 From: sg481n Date: Thu, 3 Aug 2017 17:39:12 -0400 Subject:  [AAF-21] Initial code import MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Change-Id: Ia1dd196befd061f6ba0c2be6bf4456a30ea50f97 Signed-off-by: sg481n --- .../java/com/att/cadi/client/AbsBasicAuth.java | 94 ++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 client/src/main/java/com/att/cadi/client/AbsBasicAuth.java (limited to 'client/src/main/java/com/att/cadi/client/AbsBasicAuth.java') diff --git a/client/src/main/java/com/att/cadi/client/AbsBasicAuth.java b/client/src/main/java/com/att/cadi/client/AbsBasicAuth.java new file mode 100644 index 0000000..ef8abf4 --- /dev/null +++ b/client/src/main/java/com/att/cadi/client/AbsBasicAuth.java @@ -0,0 +1,94 @@ +/******************************************************************************* + * ============LICENSE_START==================================================== + * * org.onap.aai + * * =========================================================================== + * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. + * * Copyright © 2017 Amdocs + * * =========================================================================== + * * Licensed under the Apache License, Version 2.0 (the "License"); + * * you may not use this file except in compliance with the License. + * * You may obtain a copy of the License at + * * + * * http://www.apache.org/licenses/LICENSE-2.0 + * * + * * Unless required by applicable law or agreed to in writing, software + * * distributed under the License is distributed on an "AS IS" BASIS, + * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * * See the License for the specific language governing permissions and + * * limitations under the License. + * * ============LICENSE_END==================================================== + * * + * * ECOMP is a trademark and service mark of AT&T Intellectual Property. + * * + ******************************************************************************/ +package com.att.cadi.client; + +import java.io.IOException; + +import com.att.cadi.SecuritySetter; +import com.att.cadi.Symm; +import com.att.cadi.config.SecurityInfoC; + +public abstract class AbsBasicAuth implements SecuritySetter { + protected static final String REPEAT_OFFENDER="This call is aborted because of repeated usage of invalid Passwords"; + private static final int MAX_TEMP_COUNT = 10; + private static final int MAX_SPAM_COUNT = 10000; + private static final long WAIT_TIME = 1000*60*4; + + protected final String headValue; + protected SecurityInfoC securityInfo; + protected String user; + private long lastMiss; + private int count; + + public AbsBasicAuth(String user, String pass, SecurityInfoC si) throws IOException { + this.user = user; + headValue = "Basic " + Symm.base64.encode(user + ':' + pass); + securityInfo = si; + lastMiss=0L; + count=0; + } + + /* (non-Javadoc) + * @see com.att.cadi.SecuritySetter#getID() + */ + @Override + public String getID() { + return user; + } + + public boolean isDenied() { + if(lastMiss>0 && lastMiss>System.currentTimeMillis()) { + return true; + } else { + lastMiss=0L; + return false; + } + } + + public synchronized int setLastResponse(int httpcode) { + if(httpcode == 401) { + ++count; + if(lastMiss==0L && count>MAX_TEMP_COUNT) { + lastMiss=System.currentTimeMillis()+WAIT_TIME; + } +// if(count>MAX_SPAM_COUNT) { +// System.err.printf("Your service has %d consecutive bad service logins to AAF. \nIt will now exit\n", +// count); +// System.exit(401); +// } + if(count%1000==0) { + System.err.printf("Your service has %d consecutive bad service logins to AAF. AAF Access will be disabled after %d\n", + count,MAX_SPAM_COUNT); + } + + } else { + lastMiss=0; + } + return count; + } + + public int count() { + return count; + } +} -- cgit 1.2.3-korg