Beispiel #1
0
  private void restLdapHealth(final PwmRequest pwmRequest, final ConfigGuideBean configGuideBean)
      throws IOException, PwmUnrecoverableException {
    final Configuration tempConfiguration =
        new Configuration(configGuideBean.getStoredConfiguration());
    final PwmApplication tempApplication =
        new PwmApplication.PwmEnvironment(
                tempConfiguration, pwmRequest.getPwmApplication().getApplicationPath())
            .setApplicationMode(PwmApplication.MODE.NEW)
            .setInternalRuntimeInstance(true)
            .setWebInfPath(pwmRequest.getPwmApplication().getWebInfPath())
            .createPwmApplication();
    final LDAPStatusChecker ldapStatusChecker = new LDAPStatusChecker();
    final List<HealthRecord> records = new ArrayList<>();
    final LdapProfile ldapProfile = tempConfiguration.getDefaultLdapProfile();
    switch (configGuideBean.getStep()) {
      case LDAP_SERVER:
        {
          try {
            checkLdapServer(configGuideBean);
            records.add(password.pwm.health.HealthRecord.forMessage(HealthMessage.LDAP_OK));
          } catch (Exception e) {
            records.add(
                new HealthRecord(
                    HealthStatus.WARN,
                    HealthTopic.LDAP,
                    "Can not connect to remote server: " + e.getMessage()));
          }
        }
        break;

      case LDAP_ADMIN:
        {
          records.addAll(
              ldapStatusChecker.checkBasicLdapConnectivity(
                  tempApplication, tempConfiguration, ldapProfile, false));
          if (records.isEmpty()) {
            records.add(password.pwm.health.HealthRecord.forMessage(HealthMessage.LDAP_OK));
          }
        }
        break;

      case LDAP_CONTEXT:
        {
          records.addAll(
              ldapStatusChecker.checkBasicLdapConnectivity(
                  tempApplication, tempConfiguration, ldapProfile, true));
          if (records.isEmpty()) {
            records.add(
                new HealthRecord(
                    HealthStatus.GOOD, HealthTopic.LDAP, "LDAP Contextless Login Root validated"));
          }
          try {
            final UserMatchViewerFunction userMatchViewerFunction = new UserMatchViewerFunction();
            final Collection<UserIdentity> results =
                userMatchViewerFunction.discoverMatchingUsers(
                    pwmRequest.getPwmApplication(),
                    2,
                    configGuideBean.getStoredConfiguration(),
                    PwmSetting.QUERY_MATCH_PWM_ADMIN,
                    null);

            if (results.isEmpty()) {
              records.add(
                  new HealthRecord(HealthStatus.WARN, HealthTopic.LDAP, "No matching admin users"));
            } else {
              records.add(
                  new HealthRecord(HealthStatus.GOOD, HealthTopic.LDAP, "Admin group validated"));
            }
          } catch (PwmException e) {
            records.add(
                new HealthRecord(
                    HealthStatus.WARN,
                    HealthTopic.LDAP,
                    "Error during admin group validation: "
                        + e.getErrorInformation().toDebugStr()));
          } catch (Exception e) {
            records.add(
                new HealthRecord(
                    HealthStatus.WARN,
                    HealthTopic.LDAP,
                    "Error during admin group validation: " + e.getMessage()));
          }
        }
        break;

      case LDAP_TESTUSER:
        {
          final String testUserValue = configGuideBean.getFormData().get(PARAM_LDAP_TEST_USER);
          if (testUserValue != null && !testUserValue.isEmpty()) {
            records.addAll(
                ldapStatusChecker.checkBasicLdapConnectivity(
                    tempApplication, tempConfiguration, ldapProfile, false));
            records.addAll(
                ldapStatusChecker.doLdapTestUserCheck(
                    tempConfiguration, ldapProfile, tempApplication));
          } else {
            records.add(
                new HealthRecord(HealthStatus.CAUTION, HealthTopic.LDAP, "No test user specified"));
          }
        }
        break;
    }

    HealthData jsonOutput = new HealthData();
    jsonOutput.records =
        password.pwm.ws.server.rest.bean.HealthRecord.fromHealthRecords(
            records, pwmRequest.getLocale(), tempConfiguration);
    jsonOutput.timestamp = new Date();
    jsonOutput.overall = HealthMonitor.getMostSevereHealthStatus(records).toString();
    final RestResultBean restResultBean = new RestResultBean();
    restResultBean.setData(jsonOutput);
    pwmRequest.outputJsonResult(restResultBean);
  }
 public static LoadBalancer generateLoadBalancer() {
   LoadBalancer loadBalancer = new LoadBalancer();
   loadBalancer.setPort(port);
   Set<AccessList> accessLists = new HashSet<AccessList>();
   AccessList item = new AccessList();
   item.setUserName(username);
   item.setId(id);
   item.setIpAddress(ipv42);
   item.setType(AccessListType.DENY);
   item.setLoadbalancer(loadBalancer);
   accessLists.add(item);
   loadBalancer.setAccessLists(accessLists);
   loadBalancer.setAccountId(accountId);
   loadBalancer.setAlgorithm(LoadBalancerAlgorithm.ROUND_ROBIN);
   ConnectionLimit limit = new ConnectionLimit();
   limit.setId(id);
   limit.setUserName(username);
   limit.setLoadBalancer(loadBalancer);
   limit.setMaxConnectionRate(maxConnectRate);
   limit.setMaxConnections(maxConnections);
   limit.setMinConnections(minConnections);
   limit.setRateInterval(rateInterval);
   loadBalancer.setConnectionLimit(limit);
   loadBalancer.setConnectionLogging(active);
   loadBalancer.setContentCaching(active);
   loadBalancer.setCreated(Calendar.getInstance());
   loadBalancer.setUpdated(Calendar.getInstance());
   loadBalancer.setHalfClosed(active);
   HealthMonitor monitor = new HealthMonitor();
   monitor.setUserName(username);
   monitor.setId(id);
   monitor.setAttemptsBeforeDeactivation(numAttempts);
   monitor.setBodyRegex(regex);
   monitor.setDelay(delay);
   monitor.setHostHeader(header);
   monitor.setLoadbalancer(loadBalancer);
   monitor.setStatusRegex(regex);
   monitor.setPath(path);
   monitor.setTimeout(timeout);
   monitor.setType(HealthMonitorType.CONNECT);
   loadBalancer.setHealthMonitor(monitor);
   loadBalancer.setHost(new Host());
   loadBalancer.setName(name);
   Set<Node> nodes = new HashSet<Node>();
   Node node = new Node();
   node.setId(id);
   node.setPort(port);
   node.setLoadbalancer(loadBalancer);
   node.setCondition(NodeCondition.ENABLED);
   node.setIpAddress(ipv43);
   List<NodeMeta> nodeMetadata = new ArrayList<NodeMeta>();
   NodeMeta nodeMeta = new NodeMeta();
   nodeMeta.setKey(metaKey);
   nodeMeta.setNode(node);
   nodeMeta.setValue(metaValue);
   nodeMeta.setId(id);
   nodeMeta.setUserName(username);
   nodeMetadata.add(nodeMeta);
   node.setNodeMetadata(nodeMetadata);
   node.setStatus(NodeStatus.ONLINE);
   node.setType(NodeType.PRIMARY);
   node.setWeight(weight);
   nodes.add(node);
   node = new Node();
   node.setId(id + 1);
   node.setPort(port);
   node.setLoadbalancer(loadBalancer);
   node.setCondition(NodeCondition.ENABLED);
   node.setIpAddress(ipv44);
   nodeMetadata = new ArrayList<NodeMeta>();
   nodeMeta = new NodeMeta();
   nodeMeta.setKey(metaKey);
   nodeMeta.setNode(node);
   nodeMeta.setValue(metaValue);
   nodeMeta.setId(id + 1);
   nodeMeta.setUserName(username);
   nodeMetadata.add(nodeMeta);
   node.setNodeMetadata(nodeMetadata);
   node.setStatus(NodeStatus.ONLINE);
   node.setType(NodeType.PRIMARY);
   node.setWeight(weight);
   nodes.add(node);
   loadBalancer.setNodes(nodes);
   Set<LoadbalancerMeta> lbMetadata = new HashSet<LoadbalancerMeta>();
   LoadbalancerMeta lbMeta = new LoadbalancerMeta();
   lbMeta.setUserName(username);
   lbMeta.setId(id);
   lbMeta.setKey(metaKey);
   lbMeta.setValue(metaValue);
   lbMeta.setLoadbalancer(loadBalancer);
   lbMetadata.add(lbMeta);
   loadBalancer.setLoadbalancerMetadata(lbMetadata);
   loadBalancer.setProtocol(LoadBalancerProtocol.HTTP);
   RateLimit limits = new RateLimit();
   limits.setLoadbalancer(loadBalancer);
   limits.setId(id);
   limits.setUserName(username);
   limits.setExpirationTime(Calendar.getInstance());
   limits.setMaxRequestsPerSecond(maxRequests);
   Ticket ticket = new Ticket();
   ticket.setUserName(username);
   ticket.setId(id);
   ticket.setLoadbalancer(loadBalancer);
   ticket.setComment(comment);
   ticket.setTicketId(ticketId);
   limits.setTicket(ticket);
   loadBalancer.setRateLimit(limits);
   loadBalancer.setSessionPersistence(SessionPersistence.HTTP_COOKIE);
   SslTermination termination = new SslTermination();
   termination.setId(id);
   termination.setEnabled(active);
   termination.setUserName(username);
   termination.setSecurePort(securePort);
   termination.setCertificate(cert);
   termination.setPrivatekey(key);
   termination.setSecureTrafficOnly(inactive);
   termination.setLoadbalancer(loadBalancer);
   loadBalancer.setSslTermination(termination);
   loadBalancer.setStatus(LoadBalancerStatus.ACTIVE);
   loadBalancer.setSticky(inactive);
   Suspension suspension = new Suspension();
   suspension.setUserName(username);
   suspension.setId(id);
   suspension.setLoadbalancer(loadBalancer);
   suspension.setUser(user);
   suspension.setReason(reason);
   suspension.setTicket(ticket);
   loadBalancer.setSuspension(suspension);
   Set<Ticket> tickets = new HashSet<Ticket>();
   tickets.add(ticket);
   loadBalancer.setTickets(tickets);
   loadBalancer.setTimeout(timeout);
   UserPages pages = new UserPages();
   pages.setLoadbalancer(loadBalancer);
   pages.setId(id);
   pages.setUserName(username);
   pages.setErrorpage(errorPage);
   loadBalancer.setUserPages(pages);
   loadBalancer.setId(id);
   loadBalancer.setUserName(username);
   Set<LoadBalancerJoinVip> vipList = spy(new HashSet<LoadBalancerJoinVip>());
   VirtualIp vip = new VirtualIp();
   vip.setId(1234);
   vip.setIpAddress("10.69.0.60");
   LoadBalancerJoinVip loadBalancerJoinVip = new LoadBalancerJoinVip();
   loadBalancerJoinVip.setVirtualIp(vip);
   vipList.add(loadBalancerJoinVip);
   loadBalancer.setLoadBalancerJoinVipSet(vipList);
   return loadBalancer;
 }