Diffstat (limited to 'upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/ODLJndiLdapRealmAuthNOnly.java')
-rw-r--r--upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/ODLJndiLdapRealmAuthNOnly.java102
1 files changed, 0 insertions, 102 deletions
diff --git a/upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/ODLJndiLdapRealmAuthNOnly.java b/upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/ODLJndiLdapRealmAuthNOnly.java
deleted file mode 100644
index 978266c5..00000000
--- a/upstream/odl-aaa-moon/aaa/aaa-shiro/src/main/java/org/opendaylight/aaa/shiro/realm/ODLJndiLdapRealmAuthNOnly.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
- * Copyright (c) 2016 Brocade Communications Systems, Inc. and others. All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-package org.opendaylight.aaa.shiro.realm;
-
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.authc.AuthenticationInfo;
-import org.apache.shiro.authc.AuthenticationToken;
-import org.apache.shiro.realm.ldap.JndiLdapRealm;
-import org.opendaylight.aaa.shiro.accounting.Accounter;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Wrapper class for <code>org.apache.shiro.realm.ldap.JndiLdapRealm</code>.
- * This implementation disables Authorization so any LDAP user is able to access
- * server resources. This is particularly useful for quickly prototyping ODL
- * without worrying about resolving LDAP attributes (groups) to OpenDaylight
- * roles.
- *
- * The motivation for subclassing Shiro's implementation is two-fold: 1) Enhance
- * the default logging of Shiro. This allows us to more easily log incoming
- * connections, providing some security auditing. 2) Provide a common package in
- * the classpath for ODL supported Realm implementations (i.e.,
- * <code>org.opendaylight.aaa.shiro.realm</code>), which consolidates the number
- * of <code>Import-Package</code> statements consumers need to enumerate. For
- * example, the netconf project only needs to import
- * <code>org.opendaylight.aaa.shiro.realm</code>, and does not need to worry
- * about importing Shiro packages.
- *
- * @author Ryan Goulding (ryandgoulding@gmail.com)
- *
- */
-public class ODLJndiLdapRealmAuthNOnly extends JndiLdapRealm {
-
- private static final Logger LOG = LoggerFactory.getLogger(ODLJndiLdapRealmAuthNOnly.class);
-
- private static final String LDAP_CONNECTION_MESSAGE = "AAA LDAP connection from ";
-
- /*
- * Adds debugging information surrounding creation of ODLJndiLdapRealm
- */
- public ODLJndiLdapRealmAuthNOnly() {
- super();
- LOG.debug("Creating ODLJndiLdapRealmAuthNOnly");
- }
-
- /*
- * (non-Javadoc) Overridden to expose important audit trail information for
- * accounting.
- *
- * @see
- * org.apache.shiro.realm.ldap.JndiLdapRealm#doGetAuthenticationInfo(org
- * .apache.shiro.authc.AuthenticationToken)
- */
- @Override
- protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
- throws AuthenticationException {
-
- try {
- final String username = getUsername(token);
- logIncomingConnection(username);
- return super.doGetAuthenticationInfo(token);
- } catch (ClassCastException e) {
- LOG.info("Couldn't service the LDAP connection", e);
- }
- return null;
- }
-
- /**
- * Logs an incoming LDAP connection
- *
- * @param username
- * the requesting user
- */
- protected void logIncomingConnection(final String username) {
- final String message = LDAP_CONNECTION_MESSAGE + username;
- LOG.info(message);
- Accounter.output(message);
- }
-
- /**
- * Extracts the username from <code>token</code>
- *
- * @param token Which possibly contains a username
- * @return the username if it can be extracted
- * @throws ClassCastException
- * The incoming token is not username/password (i.e., X.509
- * certificate)
- */
- public static String getUsername(AuthenticationToken token) throws ClassCastException {
- if (null == token) {
- return null;
- }
- return (String) token.getPrincipal();
- }
-}