CFID-85: add auth counters to /varz

Change-Id: If7c2b2443683a54d3586de0fa77820a356fe441d

uaa/src/main/java/org/cloudfoundry/identity/uaa/audit/JdbcAuditService.java

@@ -18,8 +18,6 @@
 import javax.sql.DataSource;
 
 import org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails;
-import org.cloudfoundry.identity.uaa.scim.DefaultPasswordValidator;
-import org.cloudfoundry.identity.uaa.scim.PasswordValidator;
 import org.cloudfoundry.identity.uaa.user.UaaUser;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.crypto.codec.Base64;
@@ -31,8 +29,8 @@
  * @author Luke Taylor
  */
 public class JdbcAuditService implements UaaAuditService {
+
 	private final JdbcTemplate template;
-	private PasswordValidator passwordValidator = new DefaultPasswordValidator();
 
 	public JdbcAuditService(DataSource dataSource) {
 		this.template = new JdbcTemplate(dataSource);

uaa/src/main/java/org/cloudfoundry/identity/uaa/audit/LoggingAuditService.java

@@ -12,50 +12,63 @@
  */
 package org.cloudfoundry.identity.uaa.audit;
 
+import java.util.concurrent.atomic.AtomicInteger;
+
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails;
 import org.cloudfoundry.identity.uaa.user.UaaUser;
+import org.springframework.jmx.export.annotation.ManagedMetric;
+import org.springframework.jmx.export.annotation.ManagedResource;
+import org.springframework.jmx.support.MetricType;
 
 /**
  * Audit service implementation which just outputs the relevant
  * information through the logger.
  *
  * @author Luke Taylor
+ * @author Dave Syer
  */
+@ManagedResource
 public class LoggingAuditService implements UaaAuditService {
 	private final Log logger = LogFactory.getLog("UAA Audit Logger");
+	private AtomicInteger authenticationCount = new AtomicInteger();
+	private AtomicInteger authenticationFailureCount = new AtomicInteger();
+	private AtomicInteger userNotFoundeCount = new AtomicInteger();
+
+	@ManagedMetric(metricType = MetricType.COUNTER, displayName = "User Not Found Count")
+	public int getUserNotFoundCount() {
+		return userNotFoundeCount.get();
+	}
+
+	@ManagedMetric(metricType = MetricType.COUNTER, displayName = "Successful Authentication Count")
+	public int getAuthenticationCount() {
+		return authenticationCount.get();
+	}
+
+	@ManagedMetric(metricType = MetricType.COUNTER, displayName = "Authentication Failure Count")
+	public int getAuthenticationFailureCount() {
+		return authenticationFailureCount.get();
+	}
 
 	@Override
 	public void userAuthenticationSuccess(UaaUser user, UaaAuthenticationDetails details) {
+		authenticationCount.incrementAndGet();
 		log("User authenticated: " + user.getId() + ", " + user.getUsername());
 	}
 
 	@Override
 	public void userAuthenticationFailure(UaaUser user, UaaAuthenticationDetails details) {
+		authenticationFailureCount.incrementAndGet();
 		log("Authentication failed, user: " + user.getId() + ", " + user.getUsername());
 	}
 
 	@Override
 	public void userNotFound(String name, UaaAuthenticationDetails details) {
+		userNotFoundeCount.incrementAndGet();
 		log("Attempt to login as non-existent user: " + name);
 	}
 
-//	@Override
-//	public void principalAuthenticationSuccess(String name) {
-//		log("Principal authenticated: " + name);
-//	}
-//
-//	@Override
-//	public void principalAuthenticationFailure(String name) {
-//		log("Authentication failed, principal: " + name);
-//	}
-//
-//	@Override
-//	public void principalNotFound(String name) {
-//		log("Attempt to login as non-existent principal: " + name);
-//	}
-
 	private void log(String msg) {
 		StringBuilder output = new StringBuilder(256);
   		output.append("\n\n************************************************************\n\n");

uaa/src/main/java/org/cloudfoundry/identity/uaa/authentication/LegacyAuthenticationManager.java

@@ -27,9 +27,7 @@
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.MediaType;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.util.StringUtils;

uaa/src/main/java/org/cloudfoundry/identity/uaa/authentication/LegacyTokenServices.java

@@ -12,10 +12,6 @@
  */
 package org.cloudfoundry.identity.uaa.authentication;
 
-import java.util.HashMap;
-import java.util.Map;
-
-import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;

uaa/src/main/java/org/cloudfoundry/identity/uaa/varz/VarzEndpoint.java

@@ -36,6 +36,7 @@ public void setServer(MBeanServer server) {
 		Map<String, Object> result = new LinkedHashMap<String, Object>(statix);
 		result.putAll(getMBeans("java.lang:*"));
 		result.putAll(getMBeans("Catalina:type=GlobalRequestProcessor,*"));
+		result.putAll(getMBeans("spring.application:*"));
 		return result;
 	}
 

uaa/src/main/webapp/WEB-INF/spring-servlet.xml

@@ -12,7 +12,8 @@
 
 	<import resource="spring-scim.xml" />
 
-	<context:property-placeholder properties-ref="applicationProperties" system-properties-mode="OVERRIDE" />
+	<context:property-placeholder properties-ref="applicationProperties"
+		system-properties-mode="OVERRIDE" />
 
 	<bean id="applicationPropertiesParent" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
 		<property name="propertiesArray">
@@ -28,11 +29,16 @@
 		</property>
 	</bean>
 
-	<bean id="applicationProperties" parent="applicationPropertiesParent"/>
+	<bean id="applicationProperties" parent="applicationPropertiesParent" />
 
 	<sec:debug />
 
-	<bean class="org.cloudfoundry.identity.uaa.event.AuditListener" />
+	<bean class="org.cloudfoundry.identity.uaa.event.AuditListener">
+		<constructor-arg ref="loggingAuditService"/>
+	</bean>
+
+	<!-- Keep this as a top-level bean to ensure it is exposed as a @ManagedResource -->
+	<bean id="loggingAuditService" class="org.cloudfoundry.identity.uaa.audit.LoggingAuditService" />
 
 	<sec:http pattern="/resources/**" security="none" />
 	<sec:http pattern="/favicon.ico" security="none" />
@@ -88,7 +94,7 @@
 	</http>
 
 	<http pattern="/oauth/token" create-session="never" authentication-manager-ref="clientAuthenticationManager"
-		xmlns="http://www.springframework.org/schema/security" >
+		xmlns="http://www.springframework.org/schema/security">
 		<intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY" />
 		<anonymous enabled="false" />
 		<http-basic />
@@ -117,11 +123,11 @@
 
 	<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
 		<authentication-provider user-service-ref="clientDetailsUserService">
-			<password-encoder ref="bcryptPasswordEncoder"/>
+			<password-encoder ref="bcryptPasswordEncoder" />
 		</authentication-provider>
 	</authentication-manager>
-	
-	<bean id="bcryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
+
+	<bean id="bcryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />
 
 	<authentication-manager id="emptyAuthenticationMgr" xmlns="http://www.springframework.org/schema/security" />
 
@@ -131,7 +137,7 @@
 		<constructor-arg ref="clientDetails" />
 	</bean>
 
-	<oauth:authorization-server client-details-service-ref="clientDetails" token-services-ref="tokenServices" >
+	<oauth:authorization-server client-details-service-ref="clientDetails" token-services-ref="tokenServices">
 		<oauth:authorization-code />
 		<oauth:implicit />
 		<oauth:refresh-token />
@@ -180,6 +186,8 @@
 
 	<context:mbean-server id="mbeanServer" />
 
+	<context:mbean-export server="mbeanServer" default-domain="spring.application" />
+
 	<!--Basic application beans. -->
 	<bean id="varzEndpoint" class="org.cloudfoundry.identity.uaa.varz.VarzEndpoint">
 		<property name="server" ref="mbeanServer" />
@@ -282,10 +290,10 @@
 
 	<beans profile="legacy">
 
-		<bean id="userDatabase" class="org.cloudfoundry.identity.uaa.authentication.LegacyUaaUserDatabase"/>
+		<bean id="userDatabase" class="org.cloudfoundry.identity.uaa.authentication.LegacyUaaUserDatabase" />
 
-		<bean id="authzAuthenticationMgr" class="org.cloudfoundry.identity.uaa.authentication.LegacyAuthenticationManager" >
-			<property name="cloudControllerUrl" value="${cloud.controller.url:http://api.cloudfoundry.com/users/{username}/tokens}"/>
+		<bean id="authzAuthenticationMgr" class="org.cloudfoundry.identity.uaa.authentication.LegacyAuthenticationManager">
+			<property name="cloudControllerUrl" value="${cloud.controller.url:http://api.cloudfoundry.com/users/{username}/tokens}" />
 		</bean>
 
 		<bean id="tokenServices" class="org.cloudfoundry.identity.uaa.authentication.LegacyTokenServices">