Remove the manual timer

Remove timer that was leading to issues during SDC fetch. Moreover there
is already a cache in Cadi

Issue-ID: CLAMP-181
Change-Id: I9926f2aaea290484d2356532c9a00e6e3f0d6a59
Signed-off-by: sebdet <sd378r@intl.att.com>

2 files changed, 43 insertions, 83 deletions

diff --git a/src/main/java/org/onap/clamp/clds/ClampServlet.java b/src/main/java/org/onap/clamp/clds/ClampServlet.java
index 549b12f9..52931340 100644
--- a/src/main/java/org/onap/clamp/clds/ClampServlet.java
+++ b/src/main/java/org/onap/clamp/clds/ClampServlet.java
@@ -37,8 +37,8 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.camel.component.servlet.CamelHttpTransportServlet;
 import org.onap.clamp.clds.service.SecureServicePermission;
-import org.onap.clamp.clds.util.ClampTimer;
 import org.springframework.context.ApplicationContext;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
@@ -49,50 +49,54 @@ import org.springframework.web.context.support.WebApplicationContextUtils;
 
 public class ClampServlet extends CamelHttpTransportServlet {
 
+    /**
+     *
+     */
+    private static final long serialVersionUID = -4198841134910211542L;
+
     protected static final EELFLogger logger = EELFManager.getInstance().getLogger(ClampServlet.class);
     public static final String PERM_INSTANCE = "clamp.config.security.permission.instance";
     public static final String PERM_CL = "clamp.config.security.permission.type.cl";
     public static final String PERM_TEMPLATE = "clamp.config.security.permission.type.template";
     public static final String PERM_VF = "clamp.config.security.permission.type.filter.vf";
     public static final String PERM_MANAGE = "clamp.config.security.permission.type.cl.manage";
+    public static final String PERM_TOSCA = "clamp.config.security.permission.type.tosca";
 
+    /**
+     * When AAF is enabled, request object will contain a cadi Wrapper, so queries
+     * to isUserInRole will invoke a http call to AAF server.
+     */
     @Override
     protected void doService(HttpServletRequest request, HttpServletResponse response)
-            throws ServletException, IOException {
-        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        throws ServletException, IOException {
         List<SecureServicePermission> permissionList = new ArrayList<>();
 
-        // Get Principal info and translate it into Spring Authentication If
-        // authenticataion is null: a) the authentication info was set manually
-        // in the previous thread b) handled by Spring automatically for the 2
-        // cases above, no need for the translation, just skip the following
-        // step
-        if (null == authentication) {
-            logger.debug("Populate Spring Authenticataion info manually.");
-            ApplicationContext applicationContext = WebApplicationContextUtils
-                    .getWebApplicationContext(this.getServletContext());
-            // Start a timer to clear the authentication after 5 mins, so that
-            // the authentication will be reinitialized with AAF DB
-            new ClampTimer(300);
-            String cldsPersmissionTypeCl = applicationContext.getEnvironment().getProperty(PERM_CL);
-            String cldsPermissionTypeTemplate = applicationContext.getEnvironment().getProperty(PERM_TEMPLATE);
-            String cldsPermissionInstance = applicationContext.getEnvironment().getProperty(PERM_INSTANCE);
-            String cldsPermissionTypeFilterVf = applicationContext.getEnvironment().getProperty(PERM_VF);
-            String cldsPermissionTypeClManage = applicationContext.getEnvironment().getProperty(PERM_MANAGE);
+        ApplicationContext applicationContext = WebApplicationContextUtils
+            .getWebApplicationContext(this.getServletContext());
 
-            // set the stragety to Mode_Global, so that all thread is able to
-            // see the authentication
-            SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_GLOBAL);
-            Principal p = request.getUserPrincipal();
+        String cldsPersmissionTypeCl = applicationContext.getEnvironment().getProperty(PERM_CL);
+        String cldsPermissionTypeTemplate = applicationContext.getEnvironment().getProperty(PERM_TEMPLATE);
+        String cldsPermissionInstance = applicationContext.getEnvironment().getProperty(PERM_INSTANCE);
+        String cldsPermissionTypeFilterVf = applicationContext.getEnvironment().getProperty(PERM_VF);
+        String cldsPermissionTypeClManage = applicationContext.getEnvironment().getProperty(PERM_MANAGE);
+        String cldsPermissionTypeTosca = applicationContext.getEnvironment().getProperty(PERM_TOSCA);
 
+        // set the stragety to Mode_Global, so that all thread is able to
+        // see the authentication
+        SecurityContextHolder.setStrategyName(SecurityContextHolder.MODE_GLOBAL);
+        Principal p = request.getUserPrincipal();
+        if (null != p) {
             permissionList.add(SecureServicePermission.create(cldsPersmissionTypeCl, cldsPermissionInstance, "read"));
             permissionList.add(SecureServicePermission.create(cldsPersmissionTypeCl, cldsPermissionInstance, "update"));
             permissionList
-                    .add(SecureServicePermission.create(cldsPermissionTypeTemplate, cldsPermissionInstance, "read"));
+            .add(SecureServicePermission.create(cldsPermissionTypeTemplate, cldsPermissionInstance, "read"));
             permissionList
-                    .add(SecureServicePermission.create(cldsPermissionTypeTemplate, cldsPermissionInstance, "update"));
+            .add(SecureServicePermission.create(cldsPermissionTypeTemplate, cldsPermissionInstance, "update"));
             permissionList.add(SecureServicePermission.create(cldsPermissionTypeFilterVf, cldsPermissionInstance, "*"));
             permissionList.add(SecureServicePermission.create(cldsPermissionTypeClManage, cldsPermissionInstance, "*"));
+            permissionList.add(SecureServicePermission.create(cldsPermissionTypeTosca, cldsPermissionInstance, "read"));
+            permissionList
+            .add(SecureServicePermission.create(cldsPermissionTypeTosca, cldsPermissionInstance, "update"));
 
             List<GrantedAuthority> grantedAuths = new ArrayList<>();
             for (SecureServicePermission perm : permissionList) {
@@ -101,10 +105,21 @@ public class ClampServlet extends CamelHttpTransportServlet {
                     grantedAuths.add(new SimpleGrantedAuthority(permString));
                 }
             }
+
             Authentication auth = new UsernamePasswordAuthenticationToken(new User(p.getName(), "", grantedAuths), "",
-                    grantedAuths);
+                grantedAuths);
             SecurityContextHolder.getContext().setAuthentication(auth);
         }
-        super.doService(request, response);
+        try {
+            super.doService(request, response);
+        } catch (ServletException | IOException ioe) {
+            logger.error("Exception caught when executing doService in servlet", ioe);
+            try {
+                response.sendError(HttpStatus.INTERNAL_SERVER_ERROR.value());
+            } catch (IOException e) {
+                logger.error("Exception caught when executing HTTP sendError in servlet", e);
+            }
+        }
+
     }
 }
\ No newline at end of file
diff --git a/src/main/java/org/onap/clamp/clds/util/ClampTimer.java b/src/main/java/org/onap/clamp/clds/util/ClampTimer.java
deleted file mode 100644
index d08e73a4..00000000
--- a/src/main/java/org/onap/clamp/clds/util/ClampTimer.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP CLAMP
- * ================================================================================
- * Copyright (C) 2018 AT&T Intellectual Property. All rights
- *                             reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END============================================
- * Modifications copyright (c) 2018 Nokia
- * ===================================================================
- *
- */
-package org.onap.clamp.clds.util;
-
-import java.util.Timer;
-import java.util.TimerTask;
-import com.att.eelf.configuration.EELFLogger;
-import com.att.eelf.configuration.EELFManager;
-
-import org.springframework.security.core.context.SecurityContextHolder;
-
-/**
- * Define the ClampTimer and CleanupTask, to clear up the Spring Authenticataion info when time is up.
- */
-
-public class ClampTimer {
-    protected static final EELFLogger logger          = EELFManager.getInstance().getLogger(ClampTimer.class);
-    Timer timer;
-
-    public ClampTimer(int seconds) {
-        timer = new Timer();
-        timer.schedule(new CleanupTask(), seconds*1000L);
-    }
-
-    class CleanupTask extends TimerTask {
-        public void run() {
-            logger.debug("Time is up, clear the Spring authenticataion settings");
-            //Clear up the spring authentication
-            SecurityContextHolder.getContext().setAuthentication(null);
-            //Terminate the timer thread
-            timer.cancel(); 
-        }
-    }
-}
\ No newline at end of file