From 62c4eb45e157d502463d797c1353802ca8e1e307 Mon Sep 17 00:00:00 2001 From: sg481n Date: Fri, 25 Aug 2017 01:57:24 -0400 Subject: Update project structure for aaf/cadi Update project structure from com.att to org.onap and add distribution management and staging plugin. Issue-id: AAF-22 Change-Id: Idf2b591139e38921ad28782a51486714a05dee92 Signed-off-by: sg481n --- .../com/att/cadi/taf/localhost/LocalhostTaf.java | 130 --------------------- 1 file changed, 130 deletions(-) delete mode 100644 core/src/main/java/com/att/cadi/taf/localhost/LocalhostTaf.java (limited to 'core/src/main/java/com/att/cadi/taf/localhost/LocalhostTaf.java') diff --git a/core/src/main/java/com/att/cadi/taf/localhost/LocalhostTaf.java b/core/src/main/java/com/att/cadi/taf/localhost/LocalhostTaf.java deleted file mode 100644 index 67754a9..0000000 --- a/core/src/main/java/com/att/cadi/taf/localhost/LocalhostTaf.java +++ /dev/null @@ -1,130 +0,0 @@ -/******************************************************************************* - * ============LICENSE_START==================================================== - * * org.onap.aaf - * * =========================================================================== - * * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * * =========================================================================== - * * Licensed under the Apache License, Version 2.0 (the "License"); - * * you may not use this file except in compliance with the License. - * * You may obtain a copy of the License at - * * - * * http://www.apache.org/licenses/LICENSE-2.0 - * * - * * Unless required by applicable law or agreed to in writing, software - * * distributed under the License is distributed on an "AS IS" BASIS, - * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * * See the License for the specific language governing permissions and - * * limitations under the License. - * * ============LICENSE_END==================================================== - * * - * * ECOMP is a trademark and service mark of AT&T Intellectual Property. - * * - ******************************************************************************/ -package com.att.cadi.taf.localhost; - -import java.net.InetAddress; -import java.net.NetworkInterface; -import java.net.SocketException; -import java.net.UnknownHostException; -import java.util.Enumeration; -import java.util.TreeSet; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import com.att.cadi.Access; -import com.att.cadi.Access.Level; -import com.att.cadi.CachedPrincipal; -import com.att.cadi.CachedPrincipal.Resp; -import com.att.cadi.Taf; -import com.att.cadi.taf.HttpTaf; -import com.att.cadi.taf.TafResp; -import com.att.cadi.taf.TafResp.RESP; - -/** - * Implement the ability to utilize LocalHost as a TAF. - * - * Configure with two properties, - * localhost.deny - * localhost.accept - * - * 1) If localhost.deny==true, then no localhost requests are allowed - * 2) If localhost.deny==false, but accept==false, return "Try Another TAF" (i.e. allow further checking of the - * chain, but don't treat localhost as an acceptable credential) - * 3) If localhost.deny=false and accept=true, then the processes coming from the same machine, given logins are needed, - * to run, are treated as validated. This is primarily for Developer purposes. - * - * - * - */ -public class LocalhostTaf implements HttpTaf { - private TafResp isLocalHost,isNotLocalHost; - private static final TreeSet addrSet; - - static { - addrSet = new TreeSet(); - try { - for(Enumeration en = NetworkInterface.getNetworkInterfaces();en.hasMoreElements();) { - NetworkInterface ni = en.nextElement(); - for(Enumeration eia = ni.getInetAddresses();eia.hasMoreElements();) { - InetAddress ia = eia.nextElement(); - addrSet.add(ia.getHostAddress()); - } - } - } catch (SocketException e) { - } - - } - - public LocalhostTaf(Access access, boolean accept, boolean isDenied) { - String hostname = access.getProperty("hostname",null); - if(hostname !=null) { - try { - addrSet.add(InetAddress.getByName(hostname).getHostAddress()); - } catch (UnknownHostException e) { - access.log(e,"Unknown Host"); - } - } - - if(isDenied) { - access.log(Level.INFO,"LocalhostTaf will deny all localhost traffic"); - } else { - access.log(Level.INFO,"LocalhostTaf will not deny localhost requests, ", - (accept?"and will treat them as authenticated":"but will require other authentication")); - } - // Set the appropriate behavior for when ID coming in is from localhost - isLocalHost = isDenied? - new LocalhostTafResp(access, RESP.NO_FURTHER_PROCESSING,"Localhost is denied"): - accept? - new LocalhostTafResp(access, RESP.IS_AUTHENTICATED,"Localhost is allowed"): - new LocalhostTafResp(access, RESP.TRY_ANOTHER_TAF,"Localhost is allowed"); - isNotLocalHost = new LocalhostTafResp(access, RESP.TRY_ANOTHER_TAF,"Address is not Localhost"); - } - -// @Override - public TafResp validate(Taf.LifeForm reading, HttpServletRequest req, HttpServletResponse resp) { - String remote = req.getRemoteAddr(); - return addrSet.contains(remote) - ?isLocalHost - :isNotLocalHost; - } - - /** - * This function used for other TAFs (i.e. CSP, which can't work on localhost address) - * - * @param address - * @return - */ - public static boolean isLocalAddress(String address) { - return addrSet.contains(address); - } - - public String toString() { - return "Localhost TAF activated: " + isLocalHost.desc(); - } - - public Resp revalidate(CachedPrincipal prin) { - // shouldn't get here, since there's no need to Cache, but if so, LocalHost is always valid... - return Resp.REVALIDATED; - } -} -- cgit 1.2.3-korg