diff --git a/pom.xml b/pom.xml
index afbf5f1e7..04f4bb58b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -133,7 +133,7 @@
org.apache.httpcomponents
httpclient
- 4.3.3
+ 4.2.1
diff --git a/src/main/java/com/hp/csbu/cc/middleware/AuthClient.java b/src/main/java/com/hp/csbu/cc/middleware/AuthClient.java
index 324f264f4..f8da4b650 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/AuthClient.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/AuthClient.java
@@ -8,9 +8,9 @@ import org.apache.thrift.TException;
import org.apache.thrift.TException;
-import com.hp.csbu.cc.security.cs.thrift.service.AuthResponse;
-import com.hp.csbu.cc.security.cs.thrift.service.ResourceException;
-import com.hp.csbu.cc.security.cs.thrift.service.SigAuthRequest;
+//import com.hp.csbu.cc.security.cs.thrift.service.AuthResponse;
+//import com.hp.csbu.cc.security.cs.thrift.service.ResourceException;
+//import com.hp.csbu.cc.security.cs.thrift.service.SigAuthRequest;
/**
@@ -22,10 +22,10 @@ import com.hp.csbu.cc.security.cs.thrift.service.SigAuthRequest;
public interface AuthClient {
public Object validateTokenForServiceEndpointV2(String token,
String serviceIds, String endpointIds, boolean includeCatalog)
- throws TException, ClientProtocolException; //ResourceException
+ throws TException, ClientProtocolException;//, ResourceException;
public Object validateTokenForServiceEndpointV3(String token,
- Map inputParams) throws TException, ClientProtocolException; //ResourceException
+ Map inputParams) throws TException, ClientProtocolException;//, ResourceException;
- public AuthResponse validateSignature(SigAuthRequest request) throws ResourceException, TException;
+ //public AuthResponse validateSignature(SigAuthRequest request) throws ResourceException, TException;
}
diff --git a/src/main/java/com/hp/csbu/cc/middleware/AuthClientFactory.java b/src/main/java/com/hp/csbu/cc/middleware/AuthClientFactory.java
index a288cfd84..dc03e048d 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/AuthClientFactory.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/AuthClientFactory.java
@@ -76,7 +76,7 @@ public abstract class AuthClientFactory {
} else {*/
instance = new HttpClientFactory(host, port, timeout,
clientAuth, keyStore, keyPass, trustStore, trustPass,
- adminToken, maxActive, timeBetweenEvictionRunsMillis,
+ adminToken, maxActive, timeBetweenEvictionRunsMillis,
minEvictableIdleTimeMillis);
// }
@@ -113,8 +113,11 @@ public abstract class AuthClientFactory {
*/
public void recycle(AuthClient client) {
try {
- pool.returnObject(client);
- } catch (Exception e) {
+ //int nonIdle = pool.getNumActive();
+ //if(nonIdle >1)
+ pool.returnObject(client);
+
+ } catch (Exception e) {
throw new AuthConnectionException("Failed to recycle client", e);
}
}
@@ -129,6 +132,7 @@ public abstract class AuthClientFactory {
try {
pool.invalidateObject(client);
} catch (Exception e) {
+ System.out.println("AuthConnection problem destorying");
throw new AuthConnectionException("Failed to destroy client", e);
}
}
@@ -141,6 +145,6 @@ public abstract class AuthClientFactory {
pool.close();
} catch (Exception e) {
throw new AuthConnectionException("Failed to close client pool", e);
- }
+ }
}
}
diff --git a/src/main/java/com/hp/csbu/cc/middleware/AuthConstants.java b/src/main/java/com/hp/csbu/cc/middleware/AuthConstants.java
index e4735b472..214a0d786 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/AuthConstants.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/AuthConstants.java
@@ -93,6 +93,7 @@ public interface AuthConstants {
public static final String SIGNATURE_METHOD = "HmacSHA1";
+ public static final String TIME_TO_CACHE_TOKEN ="TimeToCacheToken";
/** Version of CS to authenticate the credentials **/
public static final String AUTH_VERSION = "AuthVersion";
diff --git a/src/main/java/com/hp/csbu/cc/middleware/Config.java b/src/main/java/com/hp/csbu/cc/middleware/Config.java
index ea3378218..c963c9fdf 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/Config.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/Config.java
@@ -39,7 +39,7 @@ public class Config implements AuthConstants {
private String endpointIds;
// Memcache timeout value
- private long memCacheTimeOut;
+// private long memCacheTimeOut;
//the time to cache token
private long timeToCacheToken;
@@ -104,15 +104,13 @@ public class Config implements AuthConstants {
// Initialize memcache...
String cacheHosts = context.getInitParameter(MEMCACHE_HOSTS);
- boolean isEncrypted = Boolean.valueOf(context
+ /*boolean isEncrypted = Boolean.valueOf(context
.getInitParameter(MEMCACHE_ENCRYPT));
- memCacheTimeOut = getValue(MEMCACHE_TIMEOUT, 2000L);
+ memCacheTimeOut = getValue(MEMCACHE_TIMEOUT, 2000L);*/
/* if (cacheHosts != null && !cacheHosts.isEmpty()) {
this.client = new MemcacheCrypt(cacheHosts, isEncrypted);
}*/
-
-
// Initialize Certificates
String keyStore = filterConfig.getInitParameter(KEYSTORE);
@@ -125,7 +123,7 @@ public class Config implements AuthConstants {
boolean clientAuth = getValue(CONN_SSL_CLIENT_AUTH, true);
int maxActive = getValue(CONN_POOL_MAX_ACTIVE, 3);
int maxIdle = getValue(CONN_POOL_MAX_IDLE, 3);
- long evictPeriod = getValue(CONN_POOL_EVICT_PERIOD, 60000L);
+ long evictPeriod = getValue(CONN_POOL_EVICT_PERIOD, 60000L);
long minIdleTime = getValue(CONN_POOL_MIN_IDLE_TIME, 90000L);
retries = getValue(CONN_TIMEOUT_RETRIES, 3);
pauseTime = getValue(PAUSE_BETWEEN_RETRIES, 100);
@@ -133,11 +131,18 @@ public class Config implements AuthConstants {
includeCatalog = getValue(INCLUDE_SERVICE_CATALOG, true);
adminAuthMethod = getValue(ADMIN_AUTH_METHOD, "");
adminProjectId = getValue(ADMIN_PROJECT_ID, "");
- this.factory = AuthClientFactory.build(host, port, timeout,
+ timeToCacheToken = getValue(TIME_TO_CACHE_TOKEN,600);
+ /*this.factory = AuthClientFactory.build(host, port, timeout,
clientAuth, keyStore, keyPass, trustStore, trustPass,
- maxActive, maxIdle, evictPeriod, minIdleTime, adminToken);
+ maxActive, maxIdle, evictPeriod, minIdleTime, adminToken);*/
+
+ this.factory = AuthClientFactory.build(host, port, timeout,
+ clientAuth, null, null, trustStore, trustPass,
+ maxActive, maxIdle, evictPeriod, minIdleTime, adminToken);
+
+
verifyRequiredParamsForAuthMethod();
- this.client = new TokenCache<>(20,map);
+ this.client = new TokenCache<>(timeToCacheToken,map);
logger.info("Auth host (2-way SSL: " + clientAuth + "): " + host);
logger.info("Read Servlet Initialization Parameters ");
initialized = true;
@@ -166,15 +171,19 @@ public class Config implements AuthConstants {
}
}
- protected String getAdminSecretKey() {
- if (context.getAttribute(ADMIN_SECRET_KEY) != null) {
- return (String) context.getAttribute(ADMIN_SECRET_KEY);
- } else {
- return getValue(ADMIN_SECRET_KEY, "");
- }
- }
+ protected String getAdminSecretKey() {
+ if (context.getAttribute(ADMIN_SECRET_KEY) != null) {
+ return (String) context.getAttribute(ADMIN_SECRET_KEY);
+ } else {
+ return getValue(ADMIN_SECRET_KEY, "");
+ }
+ }
- protected String getAdminAuthMethod() {
+ protected String getAdminToken() {
+ return getValue(ADMIN_TOKEN, "");
+ }
+
+ protected String getAdminAuthMethod() {
return adminAuthMethod;
}
@@ -188,7 +197,8 @@ public class Config implements AuthConstants {
protected String getAdminPassword() {
if (context.getAttribute(ADMIN_PASSWORD) != null) {
- return (String) context.getAttribute(ADMIN_PASSWORD);
+ String password = (String) context.getAttribute(ADMIN_PASSWORD);
+ return password;
} else {
return getValue(ADMIN_PASSWORD, "");
}
@@ -198,22 +208,22 @@ public class Config implements AuthConstants {
return includeCatalog;
}
- protected long getMemCacheTimeOut() {
+ /*protected long getMemCacheTimeOut() {
return memCacheTimeOut;
- }
+ } */
protected String getAuthVersion() {
return authVersion;
}
- protected void setMemCacheTimeOut(long memCacheTimeOut) {
+ /*protected void setMemCacheTimeOut(long memCacheTimeOut) {
this.memCacheTimeOut = memCacheTimeOut;
- }
+ }*/
// Is caching enabled?
- protected boolean isCaching() {
+ /*protected boolean isCaching() {
return this.client != null;
- }
+ }*/
protected ServletContext getConfig() {
return context;
@@ -252,6 +262,9 @@ public class Config implements AuthConstants {
public void setTimeToCacheToken(long timeToCachedToken) {
this.timeToCacheToken = timeToCachedToken;
}
+
+ public void setClient(TokenCache client) { this.client = client;}
+
private T getValue(String paramName, T defaultValue) {
Class type = defaultValue.getClass();
diff --git a/src/main/java/com/hp/csbu/cc/middleware/FilterUtils.java b/src/main/java/com/hp/csbu/cc/middleware/FilterUtils.java
index 36d155aae..1c643ab00 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/FilterUtils.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/FilterUtils.java
@@ -41,6 +41,7 @@ import javax.servlet.ServletRequest;
//import net.rubyeye.xmemcached.exception.MemcachedException;
+//import com.hp.csbu.cc.security.cs.thrift.service.Role;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -77,6 +78,10 @@ public class FilterUtils {
logger.warn("Failed to shutdown memcache", e);
}
} */
+ TokenCache client = appConfig.getClient();
+
+ if(client !=null)
+ appConfig.setClient(null);
AuthClientFactory factory = appConfig.getFactory();
// Shutdown factory
@@ -405,7 +410,7 @@ public class FilterUtils {
// Insert token into cache
public static void cacheToken(String token, Object auth) {
- if (isCaching()) {
+ ///if (isCaching()) {
appConfig.getClient().put(token, (String) auth);
/*try {
appConfig.getClient().putToken(token, auth);
@@ -416,12 +421,12 @@ public class FilterUtils {
} catch (MemcachedException e) {
logger.error("Error memcache", e);
} */
- }
+ //}
}
// Get token from cache
- public static Object getCachedToken(String token) {
- if (isCaching()) {
+ public static Object getCachedToken(String token) throws IOException {
+ /*if (isCaching()) {
long timeout = appConfig.getMemCacheTimeOut();
/*try {
@@ -432,8 +437,8 @@ public class FilterUtils {
logger.error("Error memcache interrupted");
} catch (MemcachedException e) {
logger.error("Error memcache", e);
- } */
- }
+ }
+ } */
return appConfig.getClient().getToken(token);
}
@@ -447,9 +452,9 @@ public class FilterUtils {
}
// Is caching enabled?
- private static boolean isCaching() {
+ /*private static boolean isCaching() {
return appConfig.getClient() != null;
- }
+ }*/
/* private static void getRoles(Object obj, StringBuilder tenants,
StringBuilder nonTenants) {
diff --git a/src/main/java/com/hp/csbu/cc/middleware/HttpAuthClient.java b/src/main/java/com/hp/csbu/cc/middleware/HttpAuthClient.java
index e0fe26328..fec9abef0 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/HttpAuthClient.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/HttpAuthClient.java
@@ -15,8 +15,8 @@ import java.util.Date;
import java.util.Map;
import java.util.TimeZone;
-import com.hp.csbu.cc.security.cs.thrift.service.AuthResponse;
-import com.hp.csbu.cc.security.cs.thrift.service.SigAuthRequest;
+//import com.hp.csbu.cc.security.cs.thrift.service.AuthResponse;
+//import com.hp.csbu.cc.security.cs.thrift.service.SigAuthRequest;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
@@ -25,10 +25,14 @@ import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicHeader;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
+import org.apache.http.params.CoreConnectionPNames;
+import org.apache.http.params.HttpParams;
+import org.apache.http.util.EntityUtils;
//import com.hp.csbu.cc.security.cs.thrift.service.AuthResponse;
//import com.hp.csbu.cc.security.cs.thrift.service.SigAuthRequest;
@@ -52,8 +56,8 @@ public class HttpAuthClient implements AuthClient {
public HttpAuthClient(HttpClient client, URI uri) {
this.client = client;
- this.uri = uri;
- }
+ this.uri = uri;
+ }
@Override
public Object validateTokenForServiceEndpointV2(String token,
@@ -82,15 +86,32 @@ public class HttpAuthClient implements AuthClient {
Header[] header, String serviceIds, String endpointIds)
throws ClientProtocolException {
HttpResponse response = sendGet(newUri, header, serviceIds, endpointIds);
- int code = response.getStatusLine().getStatusCode();
- if (code == 404) {
- throw new AuthException("Authorization failed for token: " + token);
- }
- if (code != 200) {
- adminToken = null;
- throw new AuthException("Failed to validate via HTTP " + code
- + " " +response.getStatusLine().getReasonPhrase());
- }
+
+ HttpEntity entity = response.getEntity();
+ int code = response.getStatusLine().getStatusCode();
+
+ InputStream instream = null;
+ try {
+ if (code == 404) {
+ instream = entity.getContent();
+ instream.close();
+ throw new AuthException("Authorization failed for token: " + token);
+ }
+ if (code != 200) {
+ adminToken = null;
+ instream = entity.getContent();
+ instream.close();
+ String reasonPhrase = response.getStatusLine().getReasonPhrase();
+
+ throw new AuthException("Failed to validate via HTTP " + code
+ + " " + reasonPhrase);
+ }
+ } catch(IOException e) {
+ throw new ClientProtocolException(
+ "IO Exception: problem closing stream ", e);
+ }
+
+
return parseResponse(response);
}
@@ -103,7 +124,7 @@ public class HttpAuthClient implements AuthClient {
try {
post.setEntity(body);
response = client.execute(post);
- int code = response.getStatusLine().getStatusCode();
+ int code = response.getStatusLine().getStatusCode();
if (!(code == 201 || code == 200 || code == 203)) {
adminToken = null;
throw new AuthException(
@@ -112,8 +133,8 @@ public class HttpAuthClient implements AuthClient {
}
} catch (IOException e) {
post.abort();
- throw new ClientProtocolException(
- "IO Exception during POST request ", e);
+ throw new ClientProtocolException(
+ "IO Exception during POST request ", e);
}
return response;
}
@@ -141,26 +162,33 @@ public class HttpAuthClient implements AuthClient {
get.setHeader(header);
}
}
- //if (!appConfig.getAdminAuthMethod().isEmpty()) {
- get.setHeader(new BasicHeader(TOKEN, "password"));//getAdminToken()));
- //}
+
+ if(!appConfig.getAdminToken().isEmpty()) {
+ get.setHeader(new BasicHeader(TOKEN, appConfig.getAdminToken()));
+ }
+ else if (!appConfig.getAdminAuthMethod().isEmpty()) {
+ get.setHeader(new BasicHeader(TOKEN, getAdminToken()));
+ }
+
try {
response = client.execute(get);
+
} catch (IOException e) {
get.abort();
- throw new ClientProtocolException(
+
+ throw new ClientProtocolException(
"IO Exception during GET request ", e);
}
- return response;
+ return response;
}
private String parseResponse(HttpResponse response) {
StringBuffer json = new StringBuffer();
- HttpEntity entity = response.getEntity();
+ HttpEntity entity = response.getEntity();
if (entity != null) {
- InputStream instream;
+ InputStream instream;
try {
- instream = entity.getContent();
+ instream = entity.getContent();
BufferedReader reader = new BufferedReader(
new InputStreamReader(instream));
@@ -169,11 +197,14 @@ public class HttpAuthClient implements AuthClient {
json.append(line);
line = reader.readLine();
}
+ instream.close();
+ reader.close();
} catch (Exception e) {
throw new AuthException("Failed to parse Http Response ", e);
}
}
- return json.toString();
+
+ return json.toString();
}
private String getAdminToken() throws ClientProtocolException {
@@ -246,16 +277,19 @@ public class HttpAuthClient implements AuthClient {
bfr.append(appConfig.getAdminUser());
bfr.append("\",\"password\": \"");
bfr.append(appConfig.getAdminPassword());
- if (appConfig.getAdminProject() != null && !appConfig.getAdminProject().isEmpty()) {
- bfr.append("\"},\"scope\": { \"project\": { \"id\": \"");
- bfr.append(appConfig.getAdminProject());
+ bfr.append("\",\"domain\": {\"id\": \"default\"");
+ bfr.append("}}}}}}");
+
+ //if (appConfig.getAdminProject() != null && !appConfig.getAdminProject().isEmpty()) {
+ /*bfr.append("\"},\"scope\": { \"domain\": { \"id\": \"");
+ bfr.append("\"default\"");//appConfig.getAdminProject());
bfr.append("\"}}}}}}");
- } else {
+ //} else {
bfr.append("\"}}}}}");
- }
+ //}
} else if (appConfig.getAdminAuthMethod().equalsIgnoreCase(ACCESSKEY)) {
bfr.append("{\"auth\": {\"identity\": {\"methods\": [\"accessKey\"], \"accessKey\": { \"accessKey\": \"");
- bfr.append(appConfig.getAdminAccessKey());
+ bfr.append(appConfig.getAdminAccessKey());
bfr.append("\", \"secretKey\": \"");
bfr.append(appConfig.getAdminSecretKey());
if (appConfig.getAdminProject() != null && !appConfig.getAdminProject().isEmpty()) {
@@ -264,7 +298,7 @@ public class HttpAuthClient implements AuthClient {
bfr.append("\"}}}}}");
} else {
bfr.append("\"}}}}");
- }
+ }*/
} else {
String msg = String.format("Admin auth method %s not supported",appConfig.getAdminAuthMethod());
throw new AuthException(msg);
@@ -287,12 +321,6 @@ public class HttpAuthClient implements AuthClient {
return tokenExpiryDate.getTime() < (current.getTime() + DELTA_TIME_IN_SEC * 1000);
}
- public void reset() {
- }
+ public void reset() { }
-@Override
- public AuthResponse validateSignature(SigAuthRequest request) {
- // TODO Auto-generated method stub
- return null;
- }
}
diff --git a/src/main/java/com/hp/csbu/cc/middleware/HttpClientPoolFactory.java b/src/main/java/com/hp/csbu/cc/middleware/HttpClientPoolFactory.java
index cae1126f7..c7e1bf212 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/HttpClientPoolFactory.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/HttpClientPoolFactory.java
@@ -55,9 +55,10 @@ public class HttpClientPoolFactory extends BasePoolableObjectFactory {
}
connMgr = new PoolingClientConnectionManager(schemeRegistry,
minEvictableIdleTimeMillis, TimeUnit.MILLISECONDS);
- connMgr.setMaxTotal(maxActive);
- connMgr.setDefaultMaxPerRoute(maxActive);
-
+
+ connMgr.setMaxTotal(maxActive);
+ connMgr.setDefaultMaxPerRoute(maxActive);
+
// Http connection timeout
HttpParams params = new BasicHttpParams();
params.setParameter(CoreConnectionPNames.SO_TIMEOUT, timeout);
@@ -70,17 +71,17 @@ public class HttpClientPoolFactory extends BasePoolableObjectFactory {
cleaner = new HttpPoolCleaner(connMgr, timeBetweenEvictionRunsMillis,
minEvictableIdleTimeMillis);
new Thread(cleaner).start();
-
+
}
@Override
public Object makeObject() throws Exception {
- return new HttpAuthClient(client, uri);
+ return new HttpAuthClient(client, uri);
}
@Override
public void passivateObject(Object obj) throws Exception {
- ((HttpAuthClient) obj).reset();
+ ((HttpAuthClient) obj).reset();
}
@Override
diff --git a/src/main/java/com/hp/csbu/cc/middleware/TokenAuth.java b/src/main/java/com/hp/csbu/cc/middleware/TokenAuth.java
index 42df220e1..046955f1e 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/TokenAuth.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/TokenAuth.java
@@ -96,15 +96,19 @@ public class TokenAuth implements Filter, AuthConstants {
logger.info("No token found...Skipping");
}
} else {
- // Retrieve from cache
- auth = FilterUtils.getCachedToken(token);
- if (auth == null) {
- // Validate credential
- AuthClient client = null;
- do {
- try {
- auth = FilterUtils.getCachedToken(token);
- client = factory.getClient();
+ // Retrieve from cache
+ //AuthClient client = null;
+ //try {
+ auth = FilterUtils.getCachedToken(token);
+ //if (auth == null) {
+
+ // Validate credential
+
+ // do {
+
+ //auth = FilterUtils.getCachedToken(token);
+ //client = factory.getClient();
+ //factory.recycle(client);
/*if (appConfig.getAuthVersion().equalsIgnoreCase("v2.0")) {
auth = client.validateTokenForServiceEndpointV2((token, appConfig.getServiceIds(),
appConfig.getEndpointIds(), appConfig.isIncludeCatalog());
@@ -113,15 +117,16 @@ public class TokenAuth implements Filter, AuthConstants {
//auth = client.validateTokenForServiceEndpointV3(token, getInputParams());
auth = new TokenCache(appConfig.getTimeToCacheToken(),getInputParams());
} */
- // Cache token
- //FilterUtils.cacheToken(token, auth);
- // Return to connection pool for re-use
-
+ // Cache token
+ //FilterUtils.cacheToken(token, auth);
+ // Return to connection pool for re-use
+ /*if(auth==null)
+ throw new TTransportException();
factory.recycle(client);
-
- logger.debug("Successful Authentication");
- break;
- }/* catch (TTransportException t) {
+ */
+ // logger.debug("Successful Authentication");
+ // break;
+ /*} catch (TTransportException t) {
if (client != null)
factory.discard(client);
if (numberOfTries < retries) {
@@ -137,36 +142,41 @@ public class TokenAuth implements Filter, AuthConstants {
handler.onException(t, resp, token);
}
return;
- } catch (ClientProtocolException c) {
- if (client != null)
+ } */ /*}catch (ClientProtocolException c) {
+ if (client != null){
+
factory.discard(client);
- if (numberOfTries < retries) {
+ /*if (numberOfTries < retries) {
FilterUtils.pause(pauseTime);
logger.debug("Retrying connection after "
+ pauseTime + " seconds.");
numberOfTries++;
continue;
-
- } else {
+ */
+ //return;
+ /*} else {
TokenExceptionHandler handler = TokenExceptionHandler
.valueOf("ClientProtocolException");
handler.onException(c, resp, token);
- }
- return;
- }*/catch (Exception ex) {
+ } */
+ //return;
+ //}
+
+ /* }catch (Exception ex) {
if (client != null)
factory.recycle(client);
TokenExceptionHandler handler = ExceptionHandlerUtil
.lookUpTokenException(ex);
handler.onException(ex, resp, token);
return;
- }
- } while (numberOfTries <= retries);
- } else {
+ }*/
+ //} while (numberOfTries <= retries);
+ /*} else {
// Got a cached token!
logger.debug("Got cached token: " + token);
}
- }
+ }*/
+ }
req = FilterUtils.wrapRequest(req, auth);
logger.debug("TokenAuth: Forwarding down stream to next filter/servlet");
// Forward downstream...
diff --git a/src/main/java/com/hp/csbu/cc/middleware/TokenCache.java b/src/main/java/com/hp/csbu/cc/middleware/TokenCache.java
index 38d0a7b6f..b1398103b 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/TokenCache.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/TokenCache.java
@@ -1,15 +1,17 @@
package com.hp.csbu.cc.middleware;
-import com.google.common.cache.*;
-import org.apache.http.client.ClientProtocolException;
-import org.apache.thrift.TException;
-import org.apache.thrift.transport.TTransportException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+ import com.google.common.cache.*;
+ //import com.hp.csbu.cc.security.cs.thrift.service.ResourceException;
+ import org.apache.http.client.ClientProtocolException;
+ import org.apache.thrift.TException;
+ import org.apache.thrift.transport.TTransportException;
+ import org.slf4j.Logger;
+ import org.slf4j.LoggerFactory;
-import java.util.Map;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.TimeUnit;
+ import java.io.IOException;
+ import java.util.Map;
+ import java.util.concurrent.ExecutionException;
+ import java.util.concurrent.TimeUnit;
public class TokenCache {
@@ -29,37 +31,46 @@ public class TokenCache {
cache = CacheBuilder.newBuilder().maximumSize(10000)
.expireAfterWrite(timeToExpire, TimeUnit.SECONDS)
.build(new CacheLoader() {
- public V load(K key) throws TException,ClientProtocolException {
- //return (V) client.validateTokenForServiceEndpointV3((String)key,map);
+ public V load(K key) throws TException,ClientProtocolException {//,ResourceException {
+
V value = null;
- //AuthClient client = null;
+ AuthClient client = null;
+
try {
client = factory.getClient();
if (appConfig.getAuthVersion().equals("v2.0")) {
-
value = (V) client.validateTokenForServiceEndpointV2((String) key, appConfig.getServiceIds(),
appConfig.getEndpointIds(), appConfig.isIncludeCatalog());
} else {
value = (V) client.validateTokenForServiceEndpointV3((String) key, map);
}
- }catch(Exception e) {
- //factory.discard(client);
- factory.recycle(client);
- throw e;
+ }/*catch(TTransportException t) {
+ if(client!=null)
+ factory.discard(client);
}
+ catch(ClientProtocolException c) {
+ if(client!=null) {
+ factory.discard(client);
+ }
+ } */
+ finally {
+ if(client!=null)
+ factory.recycle(client);
+ }
+
return value;
}
});
}
- public V getToken(K key) {
+ public V getToken(K key) throws IOException {
V value = null;
try {
- value = cache.get(key);
+ value = cache.get(key);
} catch (ExecutionException e) {
- logger.debug("Problem retrieving key from cache: " + e.getStackTrace());
- factory.recycle(client);
+ logger.error("Problem retrieving key from cache: " + e.getStackTrace());
+ throw new ClientProtocolException("Problem retrieving key from cache"+e.getStackTrace());
}
return value;
}
diff --git a/src/main/java/com/hp/csbu/cc/middleware/TokenExceptionHandler.java b/src/main/java/com/hp/csbu/cc/middleware/TokenExceptionHandler.java
index 5350f8e83..f02056c32 100644
--- a/src/main/java/com/hp/csbu/cc/middleware/TokenExceptionHandler.java
+++ b/src/main/java/com/hp/csbu/cc/middleware/TokenExceptionHandler.java
@@ -10,7 +10,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.thrift.TException;
-import com.hp.csbu.cc.security.cs.thrift.service.ResourceException;
+//import com.hp.csbu.cc.security.cs.thrift.service.ResourceException;
public enum TokenExceptionHandler {
@@ -61,7 +61,7 @@ public enum TokenExceptionHandler {
+ ie.getMessage() + " " + ie);
}
}
- },
+ }/*,
ResourceException {
@Override
public void onException(Exception e, ServletResponse resp, String token) {
@@ -81,7 +81,7 @@ public enum TokenExceptionHandler {
+ ie.getMessage() + " " + ie);
}
}
- },
+ }, */,
AuthException {
@Override
public void onException(Exception e, ServletResponse resp, String token) {
diff --git a/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/AuthResponse.java b/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/AuthResponse.java.txt
similarity index 100%
rename from src/main/java/com/hp/csbu/cc/security/cs/thrift/service/AuthResponse.java
rename to src/main/java/com/hp/csbu/cc/security/cs/thrift/service/AuthResponse.java.txt
diff --git a/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/ResourceException.java b/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/ResourceException.java.txt
similarity index 100%
rename from src/main/java/com/hp/csbu/cc/security/cs/thrift/service/ResourceException.java
rename to src/main/java/com/hp/csbu/cc/security/cs/thrift/service/ResourceException.java.txt
diff --git a/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/Role.java b/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/Role.java.txt
similarity index 100%
rename from src/main/java/com/hp/csbu/cc/security/cs/thrift/service/Role.java
rename to src/main/java/com/hp/csbu/cc/security/cs/thrift/service/Role.java.txt
diff --git a/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/SigAuthRequest.java b/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/SigAuthRequest.java.txt
similarity index 100%
rename from src/main/java/com/hp/csbu/cc/security/cs/thrift/service/SigAuthRequest.java
rename to src/main/java/com/hp/csbu/cc/security/cs/thrift/service/SigAuthRequest.java.txt
diff --git a/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/SignatureCredentials.java b/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/SignatureCredentials.java.txt
similarity index 100%
rename from src/main/java/com/hp/csbu/cc/security/cs/thrift/service/SignatureCredentials.java
rename to src/main/java/com/hp/csbu/cc/security/cs/thrift/service/SignatureCredentials.java.txt
diff --git a/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/Token.java b/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/Token.java.txt
similarity index 100%
rename from src/main/java/com/hp/csbu/cc/security/cs/thrift/service/Token.java
rename to src/main/java/com/hp/csbu/cc/security/cs/thrift/service/Token.java.txt
diff --git a/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/User.java b/src/main/java/com/hp/csbu/cc/security/cs/thrift/service/User.java.txt
similarity index 100%
rename from src/main/java/com/hp/csbu/cc/security/cs/thrift/service/User.java
rename to src/main/java/com/hp/csbu/cc/security/cs/thrift/service/User.java.txt
diff --git a/src/main/java/com/hpcloud/mon/MonApiApplication.java b/src/main/java/com/hpcloud/mon/MonApiApplication.java
index 65105b9eb..aa685b273 100644
--- a/src/main/java/com/hpcloud/mon/MonApiApplication.java
+++ b/src/main/java/com/hpcloud/mon/MonApiApplication.java
@@ -121,12 +121,10 @@ public class MonApiApplication extends Application {
authInitParams.put("ConnRetryTimes", config.middleware.connRetryTimes);
authInitParams.put("ConnRetryInterval", config.middleware.connRetryInterval);
authInitParams.put("AdminToken", config.middleware.adminToken);
- authInitParams.put("ExpireCacheToken", config.middleware.timeToCacheToken);
- /* authInitParams.put("AdminAuthMethod", config.middleware.adminToken);
- authInitParams.put("AdminUser", "admin");
- authInitParams.put("AdminPassword", "password");*/
-
-
+ authInitParams.put("TimeToCacheToken", config.middleware.timeToCacheToken);
+ authInitParams.put("AdminAuthMethod", config.middleware.adminAuthMethod);
+ authInitParams.put("AdminUser", config.middleware.adminUser);
+ authInitParams.put("AdminPassword", config.middleware.adminPassword);
Dynamic tokenAuthFilter = environment.servlets().addFilter("token-auth", new TokenAuth());
tokenAuthFilter.addMappingForUrlPatterns(null, true, "/");
diff --git a/src/main/java/com/hpcloud/mon/infrastructure/middleware/MiddlewareConfiguration.java b/src/main/java/com/hpcloud/mon/infrastructure/middleware/MiddlewareConfiguration.java
index ea9c12ed5..6306da431 100644
--- a/src/main/java/com/hpcloud/mon/infrastructure/middleware/MiddlewareConfiguration.java
+++ b/src/main/java/com/hpcloud/mon/infrastructure/middleware/MiddlewareConfiguration.java
@@ -45,7 +45,11 @@ public class MiddlewareConfiguration {
@NotEmpty @JsonProperty public String connPoolMinIdleTime;
@NotEmpty @JsonProperty public String connRetryTimes;
@NotEmpty @JsonProperty public String connRetryInterval;
- @NotEmpty @JsonProperty public String adminToken;
@NotNull @JsonProperty public List rolesToMatch;
@JsonProperty public String timeToCacheToken;
+ @JsonProperty public String adminAuthMethod;
+ @JsonProperty public String adminUser;
+ @NotEmpty @JsonProperty public String adminToken;
+ @JsonProperty public String adminPassword;
+ @JsonProperty public String adminUserAccess;
}