public UserCacheRecord next() { try { UserCacheRecord returnBean = null; while (returnBean == null && this.storageKeyIterator.hasNext()) { UserCacheService.StorageKey key = this.storageKeyIterator.next(); returnBean = userCacheService.readStorageKey(key); if (returnBean != null) { if (returnBean.getCacheTimestamp() == null) { LOGGER.debug( PwmConstants.REPORTING_SESSION_LABEL, "purging record due to missing cache timestamp: " + JsonUtil.serialize(returnBean)); userCacheService.removeStorageKey(key); } else if (TimeDuration.fromCurrent(returnBean.getCacheTimestamp()) .isLongerThan(settings.getMaxCacheAge())) { LOGGER.debug( PwmConstants.REPORTING_SESSION_LABEL, "purging record due to old age timestamp: " + JsonUtil.serialize(returnBean)); userCacheService.removeStorageKey(key); } else { return returnBean; } } } } catch (LocalDBException e) { throw new IllegalStateException( "unexpected iterator traversal error while reading LocalDB: " + e.getMessage()); } return null; }
private static List<UserIdentity> readAllUsersFromLdap( final PwmApplication pwmApplication, final String searchFilter, final int maxResults) throws ChaiUnavailableException, ChaiOperationException, PwmUnrecoverableException, PwmOperationalException { final UserSearchEngine userSearchEngine = new UserSearchEngine(pwmApplication, null); final UserSearchEngine.SearchConfiguration searchConfiguration = new UserSearchEngine.SearchConfiguration(); searchConfiguration.setEnableValueEscaping(false); searchConfiguration.setSearchTimeout( Long.parseLong( pwmApplication.getConfig().readAppProperty(AppProperty.REPORTING_LDAP_SEARCH_TIMEOUT))); if (searchFilter == null) { searchConfiguration.setUsername("*"); } else { searchConfiguration.setFilter(searchFilter); } LOGGER.debug( PwmConstants.REPORTING_SESSION_LABEL, "beginning UserReportService user search using parameters: " + (JsonUtil.serialize(searchConfiguration))); final Map<UserIdentity, Map<String, String>> searchResults = userSearchEngine.performMultiUserSearch( searchConfiguration, maxResults, Collections.<String>emptyList()); LOGGER.debug( PwmConstants.REPORTING_SESSION_LABEL, "user search found " + searchResults.size() + " users for reporting"); final List<UserIdentity> returnList = new ArrayList<>(searchResults.keySet()); Collections.shuffle(returnList); return returnList; }
private void restBrowseLdap(final PwmRequest pwmRequest, final ConfigGuideBean configGuideBean) throws IOException, ServletException, PwmUnrecoverableException { final StoredConfigurationImpl storedConfiguration = StoredConfigurationImpl.copy(configGuideBean.getStoredConfiguration()); if (configGuideBean.getStep() == STEP.LDAP_ADMIN) { storedConfiguration.resetSetting(PwmSetting.LDAP_PROXY_USER_DN, LDAP_PROFILE_KEY, null); storedConfiguration.resetSetting(PwmSetting.LDAP_PROXY_USER_PASSWORD, LDAP_PROFILE_KEY, null); } final Date startTime = new Date(); final Map<String, String> inputMap = pwmRequest.readBodyAsJsonStringMap(PwmHttpRequestWrapper.Flag.BypassValidation); final String profile = inputMap.get("profile"); final String dn = inputMap.containsKey("dn") ? inputMap.get("dn") : ""; final LdapBrowser ldapBrowser = new LdapBrowser(storedConfiguration); final LdapBrowser.LdapBrowseResult result = ldapBrowser.doBrowse(profile, dn); ldapBrowser.close(); LOGGER.trace( pwmRequest, "performed ldapBrowse operation in " + TimeDuration.fromCurrent(startTime).asCompactString() + ", result=" + JsonUtil.serialize(result)); pwmRequest.outputJsonResult(new RestResultBean(result)); }
private void updateCacheFromLdap() throws ChaiUnavailableException, ChaiOperationException, PwmOperationalException, PwmUnrecoverableException { LOGGER.debug( PwmConstants.REPORTING_SESSION_LABEL, "beginning process to updating user cache records from ldap"); if (status != STATUS.OPEN) { return; } cancelFlag = false; reportStatus = new ReportStatusInfo(settings.getSettingsHash()); reportStatus.setInProgress(true); reportStatus.setStartDate(new Date()); try { final Queue<UserIdentity> allUsers = new LinkedList<>(getListOfUsers()); reportStatus.setTotal(allUsers.size()); while (status == STATUS.OPEN && !allUsers.isEmpty() && !cancelFlag) { final Date startUpdateTime = new Date(); final UserIdentity userIdentity = allUsers.poll(); try { if (updateCachedRecordFromLdap(userIdentity)) { reportStatus.setUpdated(reportStatus.getUpdated() + 1); } } catch (Exception e) { String errorMsg = "error while updating report cache for " + userIdentity.toString() + ", cause: "; errorMsg += e instanceof PwmException ? ((PwmException) e).getErrorInformation().toDebugStr() : e.getMessage(); final ErrorInformation errorInformation; errorInformation = new ErrorInformation(PwmError.ERROR_REPORTING_ERROR, errorMsg); LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, errorInformation.toDebugStr()); reportStatus.setLastError(errorInformation); reportStatus.setErrors(reportStatus.getErrors() + 1); } reportStatus.setCount(reportStatus.getCount() + 1); reportStatus.getEventRateMeter().markEvents(1); final TimeDuration totalUpdateTime = TimeDuration.fromCurrent(startUpdateTime); if (settings.isAutoCalcRest()) { avgTracker.addSample(totalUpdateTime.getTotalMilliseconds()); Helper.pause(avgTracker.avgAsLong()); } else { Helper.pause(settings.getRestTime().getTotalMilliseconds()); } } if (cancelFlag) { reportStatus.setLastError( new ErrorInformation( PwmError.ERROR_SERVICE_NOT_AVAILABLE, "report cancelled by operator")); } } finally { reportStatus.setFinishDate(new Date()); reportStatus.setInProgress(false); } LOGGER.debug( PwmConstants.REPORTING_SESSION_LABEL, "update user cache process completed: " + JsonUtil.serialize(reportStatus)); }
private void saveTempData() { try { final String jsonInfo = JsonUtil.serialize(reportStatus); pwmApplication.writeAppAttribute(PwmApplication.AppAttribute.REPORT_STATUS, jsonInfo); } catch (Exception e) { LOGGER.error( PwmConstants.REPORTING_SESSION_LABEL, "error writing cached report dredge info into memory: " + e.getMessage()); } }
@Override public boolean contains(final DatabaseTable table, final String key) throws DatabaseException { final boolean result = get(table, key) != null; if (traceLogging) { final Map<String, Object> debugOutput = new LinkedHashMap<>(); debugOutput.put("table", table); debugOutput.put("key", key); debugOutput.put("result", result); LOGGER.trace( "contains operation result: " + JsonUtil.serializeMap(debugOutput, JsonUtil.Flag.PrettyPrint)); } updateStats(true, false); return result; }
@Override public String get(final DatabaseTable table, final String key) throws DatabaseException { if (traceLogging) { LOGGER.trace("attempting get operation for table=" + table + ", key=" + key); } preOperationCheck(); final StringBuilder sb = new StringBuilder(); sb.append("SELECT * FROM ").append(table.toString()).append(" WHERE " + KEY_COLUMN + " = ?"); PreparedStatement statement = null; ResultSet resultSet = null; String returnValue = null; try { statement = connection.prepareStatement(sb.toString()); statement.setString(1, key); statement.setMaxRows(1); resultSet = statement.executeQuery(); if (resultSet.next()) { returnValue = resultSet.getString(VALUE_COLUMN); } } catch (SQLException e) { final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_DB_UNAVAILABLE, "get operation failed: " + e.getMessage()); lastError = errorInformation; throw new DatabaseException(errorInformation); } finally { close(statement); close(resultSet); } if (traceLogging) { final LinkedHashMap<String, Object> debugOutput = new LinkedHashMap<>(); debugOutput.put("table", table); debugOutput.put("key", key); debugOutput.put("result", returnValue); LOGGER.trace( "get operation result: " + JsonUtil.serializeMap(debugOutput, JsonUtil.Flag.PrettyPrint)); } updateStats(true, false); return returnValue; }
@Override public boolean remove(final DatabaseTable table, final String key) throws DatabaseException { if (traceLogging) { LOGGER.trace("attempting remove operation for table=" + table + ", key=" + key); } boolean result = contains(table, key); if (result) { final StringBuilder sqlText = new StringBuilder(); sqlText.append("DELETE FROM ").append(table.toString()).append(" WHERE " + KEY_COLUMN + "=?"); PreparedStatement statement = null; try { statement = connection.prepareStatement(sqlText.toString()); statement.setString(1, key); statement.executeUpdate(); LOGGER.trace("remove operation succeeded for table=" + table + ", key=" + key); } catch (SQLException e) { final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_DB_UNAVAILABLE, "remove operation failed: " + e.getMessage()); lastError = errorInformation; throw new DatabaseException(errorInformation); } finally { close(statement); } } if (traceLogging) { final Map<String, Object> debugOutput = new LinkedHashMap<>(); debugOutput.put("table", table); debugOutput.put("key", key); debugOutput.put("result", result); LOGGER.trace( "remove operation result: " + JsonUtil.serializeMap(debugOutput, JsonUtil.Flag.PrettyPrint)); } updateStats(true, false); return result; }
/** * 把数据库中查出来的扁平数据转换成树 * * @param list sql 数据集 * @param selfKey id * @param parentKey pid * @param childrenName children * @return */ @SuppressWarnings("unchecked") public static List<Map<String, Object>> generateTree( List<Object> list, String selfKey, String parentKey, String childrenName, Boolean hasAttributes) { if (CollectionUtils.isEmpty(list)) { return null; } List<Map<String, Object>> rootList = new ArrayList<>(); // 引用指引Map Map<Object, Map<String, Object>> referenceMap = new HashMap<>(); // 所有元素集合 Set<Object> allObjectSet = new HashSet<>(); // 孤儿节点 List<Map<String, Object>> orphanList = new ArrayList<>(); for (Object object : list) { Map<String, Object> map = (Map<String, Object>) object; allObjectSet.add(map.get(selfKey)); } for (Object object : list) { Map<String, Object> map = (Map<String, Object>) object; Object pid = map.get(parentKey); if (pid == null || "0".equals(pid.toString())) { rootList.add(map); referenceMap.put(map.get(selfKey), map); } else if (!allObjectSet.contains(pid)) { orphanList.add(map); } } list.removeAll(rootList); list.removeAll(orphanList); // 递归出所有子节点 recursion(parentKey, childrenName, referenceMap, list, selfKey); LG.info(JsonUtil.toJson(rootList)); return rootList; }
private void initTempData() throws LocalDBException, PwmUnrecoverableException { final String cleanFlag = pwmApplication.readAppAttribute(PwmApplication.AppAttribute.REPORT_CLEAN_FLAG); if (!"true".equals(cleanFlag)) { LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, "did not shut down cleanly"); reportStatus = new ReportStatusInfo(settings.getSettingsHash()); reportStatus.setTotal(userCacheService.size()); } else { try { final String jsonInfo = pwmApplication.readAppAttribute(PwmApplication.AppAttribute.REPORT_STATUS); if (jsonInfo != null && !jsonInfo.isEmpty()) { reportStatus = JsonUtil.deserialize(jsonInfo, ReportStatusInfo.class); } } catch (Exception e) { LOGGER.error( PwmConstants.REPORTING_SESSION_LABEL, "error loading cached report status info into memory: " + e.getMessage()); } } reportStatus = reportStatus == null ? new ReportStatusInfo(settings.getSettingsHash()) : reportStatus; // safety final String currentSettingCache = settings.getSettingsHash(); if (reportStatus.getSettingsHash() != null && !reportStatus.getSettingsHash().equals(currentSettingCache)) { LOGGER.error( PwmConstants.REPORTING_SESSION_LABEL, "configuration has changed, will clear cached report data"); clear(); } reportStatus.setInProgress(false); pwmApplication.writeAppAttribute(PwmApplication.AppAttribute.REPORT_CLEAN_FLAG, "false"); }
// @Test public void testFetchGraphSimple() { try { String neId = "21100799"; String group = "bw"; // interesting for the BW String titleX = "Bandwidth"; String titleY = "bps"; int timespan = 0; // Daily /* String neId = "1005255"; String group = "cpu"; // interesting for the CPU String titleX = "CPU Utilization"; String titleY = "Utilization"; int timespan = 0; // Daily */ FetchGraphSimpleCommandMessage message = CommandMessageFactory.createRRDGraphSimpleCommandMessage( neId, group, timespan, titleX, titleY); MessageProducer producer = null; MessageConsumer consumer = null; try { // time to send the JMS request TextMessage reqMsg; Message replyMsg; producer = session.createProducer(new HornetQQueue(SERVICE_QUEUE)); // this will uniquelly identify the request String UIID = UUID.randomUUID().toString(); reqMsg = session.createTextMessage(); reqMsg.setStringProperty("ServiceRRD_msg_type", "fetchGraphSimple"); reqMsg.setStringProperty("ServiceRRD_correlation_id", UIID); String body = JsonUtil.getInstance().toJSON(message); reqMsg.setText(body); logger.info("SEND:\n" + body); producer.send(reqMsg); consumer = session.createConsumer( new HornetQQueue(SERVICE_REPLY_QUEUE), "ServiceRRD_correlation_id = '" + UIID + "'"); replyMsg = consumer.receive(30000); if (replyMsg == null) { logger.info("ServiceRRD timeout on receive()"); } else { if (replyMsg instanceof BytesMessage) { BytesMessage graphStream = (BytesMessage) replyMsg; byte[] graph = new byte[(int) graphStream.getBodyLength()]; graphStream.readBytes(graph); FileOutputStream image = new FileOutputStream( "/Users/cvasilak/Temp/svc-rrd-images/" + neId + "_" + group + "_" + timespan + ".png"); image.write(graph); image.close(); logger.info("image retrieved and saved!"); } else if (replyMsg instanceof TextMessage) { // the server responded with an error logger.info(((TextMessage) replyMsg).getText()); } } } catch (Exception e) { e.printStackTrace(); } finally { try { if (producer != null) producer.close(); if (consumer != null) consumer.close(); } catch (JMSException e) { } } } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } }
public Map getUserStoryTaskMap(String timeEntryItemRef) throws Exception { Map taskMap = new HashMap(); String[] objectIdArr = timeEntryItemRef.split("/"); String objectId = objectIdArr[objectIdArr.length - 1]; log.info("objectId=" + objectId); String apiURL = "https://rally1.rallydev.com/slm/webservice/1.34/adhoc"; String requestJSON = "{" + "\"timeentryitem\" : \"/timeentryitem?query=(ObjectID%20=%20" + objectId + ")&fetch=true\"," + "\"task\" : \"/task?query=(ObjectID%20=%20${timeentryitem.Task.ObjectID})&fetch=true\"," + "\"userstory\" : \"/hierarchicalrequirement?query=(ObjectID%20=%20${task.WorkProduct.ObjectID})&fetch=true\"," + "\"defect\" : \"/defect?query=(ObjectID%20=%20${task.WorkProduct.ObjectID})&fetch=true\"" + "}"; log.info("apiURL=" + apiURL); log.info("requestJSON=" + requestJSON); String responseJSON = postRallyXML(apiURL, requestJSON); // Bypass"%;" to avoid exception responseJSON = responseJSON.replace("%;", ";"); responseJSON = responseJSON.replace("%", ""); Map jsonMap = JsonUtil.jsonToMap(responseJSON); String usRef = ""; String usName = ""; String usFormattedId = ""; String usPlanEstimate = ""; String usTaskEstimateTotal = ""; String usTaskRemainingTotal = ""; String usState = ""; String usOwner = ""; Map usMap = new HashMap(); // Get user story info JSONObject userstoryMap = (JSONObject) jsonMap.get("userstory"); JSONArray userstoryArray = (JSONArray) userstoryMap.get("Results"); if (userstoryArray == null || userstoryArray.size() == 0) { userstoryMap = (JSONObject) jsonMap.get("defect"); userstoryArray = (JSONArray) userstoryMap.get("Results"); } if (userstoryArray != null && userstoryArray.size() > 0) { JSONObject userstoryInfo = (JSONObject) userstoryArray.get(0); // log.info("userstoryInfo="+userstoryInfo); usRef = (userstoryInfo.get("_ref")).toString(); usFormattedId = (userstoryInfo.get("FormattedID")).toString(); usName = (userstoryInfo.get("Name")).toString(); usState = (userstoryInfo.get("ScheduleState")).toString(); if (userstoryInfo.get("PlanEstimate") != null) usPlanEstimate = (userstoryInfo.get("PlanEstimate")).toString(); if (userstoryInfo.get("TaskEstimateTotal") != null) usTaskEstimateTotal = (userstoryInfo.get("TaskEstimateTotal")).toString(); if (userstoryInfo.get("TaskRemainingTotal") != null) usTaskRemainingTotal = (userstoryInfo.get("TaskRemainingTotal")).toString(); JSONObject ownerMap = (JSONObject) userstoryInfo.get("Owner"); if (ownerMap != null) { usOwner = (String) ownerMap.get("_refObjectName"); if (usOwner == null) { usOwner = ""; } } } Map usDetailMap = new HashMap(); usDetailMap.put("usFormattedId", usFormattedId); usDetailMap.put("usName", usName); usDetailMap.put("usPlanEstimate", usPlanEstimate); usDetailMap.put("usTaskEstimateTotal", usTaskEstimateTotal); usDetailMap.put("usTaskRemainingTotal", usTaskRemainingTotal); usDetailMap.put("usOwner", usOwner); usDetailMap.put("usState", usState); usMap.put(usRef, usDetailMap); // log.info("usMap="+usMap); String taskObjId = ""; String taskFormattedId = ""; String taskName = ""; String estimate = ""; String toDo = ""; String taskState = ""; String taskOwner = ""; String projectName = ""; String iterationName = ""; String workProductRef = ""; List taskList = new ArrayList(); // Get task info JSONObject taskJsonMap = (JSONObject) jsonMap.get("task"); JSONArray taskArray = (JSONArray) taskJsonMap.get("Results"); if (taskArray != null && taskArray.size() > 0) { for (int i = 0; i < taskArray.size(); i++) { JSONObject taskInfo = (JSONObject) taskArray.get(0); // log.info("taskMap="+taskMap); // log.info("taskInfo="+taskInfo); taskObjId = (taskInfo.get("ObjectID")).toString(); taskFormattedId = (taskInfo.get("FormattedID")).toString(); taskState = (taskInfo.get("State")).toString(); Object taskNameObj = taskInfo.get("Name"); taskName = taskNameObj == null ? "" : taskNameObj.toString(); Object estimateObject = taskInfo.get("Estimate"); estimate = estimateObject == null ? "" : estimateObject.toString(); Object toDoObject = taskInfo.get("ToDo"); toDo = toDoObject == null ? "" : toDoObject.toString(); JSONObject ownerMap = (JSONObject) taskInfo.get("Owner"); // log.info("ownerMap="+ownerMap); if (ownerMap != null) { taskOwner = (String) ownerMap.get("_refObjectName"); if (taskOwner == null) { taskOwner = ""; } } JSONObject workProductMap = (JSONObject) taskInfo.get("WorkProduct"); // log.info("workProductMap="+workProductMap); if (workProductMap != null) { workProductRef = (String) workProductMap.get("_ref"); if (workProductRef == null) { workProductRef = ""; } } JSONObject projectMap = (JSONObject) taskInfo.get("Project"); // log.info("projectMap="+projectMap); if (projectMap != null) { projectName = (String) projectMap.get("_refObjectName"); if (projectName == null) { projectName = ""; } } JSONObject iterationMap = (JSONObject) taskInfo.get("Iteration"); // log.info("iterationMap="+iterationMap); if (iterationMap != null) { iterationName = (String) iterationMap.get("_refObjectName"); if (iterationName == null) { iterationName = ""; } } taskMap.put("taskFormattedId", taskFormattedId); taskMap.put("taskName", taskName); taskMap.put("taskState", taskState); taskMap.put("owner", taskOwner); taskMap.put("taskEstimate", estimate); taskMap.put("taskRemaining", toDo); taskMap.put("projectName", projectName); taskMap.put("iterationName", iterationName); Map map = (Map) usMap.get(workProductRef); taskMap.put("usName", map.get("usFormattedId") + " " + map.get("usName")); log.info("taskMap=" + taskMap); } // for taskArray } return taskMap; }
/** * This is the entry point under which all password changes are managed. The following is the * general procedure when this method is invoked. * * <ul> * <li>password is checked against PWM password requirement * <li>ldap password set is attempted<br> * <br> * if successful: * <ul> * <li>uiBean is updated with old and new passwords * <li>uiBean's password expire flag is set to false * <li>any configured external methods are invoked * <li>user email notification is sent * <li>return true * </ul> * <br> * if unsuccessful * <ul> * <li>ssBean is updated with appropriate error * <li>return false * </ul> * </ul> * * @param newPassword the new password that is being set. * @param pwmSession beanmanager for config and user info lookup * @throws com.novell.ldapchai.exception.ChaiUnavailableException if the ldap directory is not * unavailable * @throws password.pwm.error.PwmUnrecoverableException if user is not authenticated */ public static void setActorPassword( final PwmSession pwmSession, final PwmApplication pwmApplication, final PasswordData newPassword) throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException { final UserInfoBean uiBean = pwmSession.getUserInfoBean(); if (!pwmSession .getSessionManager() .checkPermission(pwmApplication, Permission.CHANGE_PASSWORD)) { final String errorMsg = "attempt to setActorPassword, but user does not have password change permission"; final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, errorMsg); throw new PwmOperationalException(errorInformation); } // double check to make sure password meets PWM rule requirements. This should // have been done before setActorPassword() is invoked, so it should be redundant // but we do it just in case. try { final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator(pwmApplication, uiBean.getPasswordPolicy()); pwmPasswordRuleValidator.testPassword( newPassword, null, uiBean, pwmSession.getSessionManager().getActor(pwmApplication)); } catch (PwmDataValidationException e) { final String errorMsg = "attempt to setActorPassword, but password does not pass local policy validator"; final ErrorInformation errorInformation = new ErrorInformation(e.getErrorInformation().getError(), errorMsg); throw new PwmOperationalException(errorInformation); } // retrieve the user's old password from the userInfoBean in the session final PasswordData oldPassword = pwmSession.getLoginInfoBean().getUserCurrentPassword(); boolean setPasswordWithoutOld = false; if (oldPassword == null) { if (pwmSession .getSessionManager() .getActor(pwmApplication) .getChaiProvider() .getDirectoryVendor() == ChaiProvider.DIRECTORY_VENDOR.MICROSOFT_ACTIVE_DIRECTORY) { setPasswordWithoutOld = true; } } if (!setPasswordWithoutOld) { // Check to make sure we actually have an old password if (oldPassword == null) { final String errorMsg = "cannot set password for user, old password is not available"; final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_WRONGPASSWORD, errorMsg); throw new PwmOperationalException(errorInformation); } } try { final ChaiProvider provider = pwmSession.getSessionManager().getChaiProvider(); final ChaiUser theUser = ChaiFactory.createChaiUser( pwmSession.getUserInfoBean().getUserIdentity().getUserDN(), provider); final boolean boundAsSelf = theUser .getEntryDN() .equals(provider.getChaiConfiguration().getSetting(ChaiSetting.BIND_DN)); LOGGER.trace( pwmSession, "preparing to setActorPassword for '" + theUser.getEntryDN() + "', bindAsSelf=" + boundAsSelf + ", authType=" + pwmSession.getLoginInfoBean().getType()); if (setPasswordWithoutOld) { theUser.setPassword(newPassword.getStringValue(), true); } else { theUser.changePassword(oldPassword.getStringValue(), newPassword.getStringValue()); } } catch (ChaiPasswordPolicyException e) { final String errorMsg = "error setting password for user '" + uiBean.getUserIdentity() + "'' " + e.toString(); final PwmError pwmError = PwmError.forChaiError(e.getErrorCode()); final ErrorInformation error = new ErrorInformation( pwmError == null ? PwmError.PASSWORD_UNKNOWN_VALIDATION : pwmError, errorMsg); throw new PwmOperationalException(error); } catch (ChaiOperationException e) { final String errorMsg = "error setting password for user '" + uiBean.getUserIdentity() + "'' " + e.getMessage(); final PwmError pwmError = PwmError.forChaiError(e.getErrorCode()) == null ? PwmError.ERROR_UNKNOWN : PwmError.forChaiError(e.getErrorCode()); final ErrorInformation error = new ErrorInformation(pwmError, errorMsg); throw new PwmOperationalException(error); } // at this point the password has been changed, so log it. LOGGER.info( pwmSession, "user '" + uiBean.getUserIdentity() + "' successfully changed password"); // update the session state bean's password modified flag pwmSession.getSessionStateBean().setPasswordModified(true); // update the login info bean with the user's new password pwmSession.getLoginInfoBean().setUserCurrentPassword(newPassword); // close any outstanding ldap connections (since they cache the old password) pwmSession .getSessionManager() .updateUserPassword(pwmApplication, uiBean.getUserIdentity(), newPassword); // clear the "requires new password flag" uiBean.setRequiresNewPassword(false); // mark the auth type as authenticatePd now that we have the user's natural password. pwmSession.getLoginInfoBean().setType(AuthenticationType.AUTHENTICATED); // update the uibean's "password expired flag". final UserStatusReader userStatusReader = new UserStatusReader(pwmApplication, pwmSession.getLabel()); uiBean.setPasswordState( userStatusReader.readPasswordStatus( pwmSession.getSessionManager().getActor(pwmApplication), uiBean.getPasswordPolicy(), uiBean, newPassword)); // create a proxy user object for pwm to update/read the user. final ChaiUser proxiedUser = pwmSession.getSessionManager().getActor(pwmApplication); // update statistics { pwmApplication.getStatisticsManager().incrementValue(Statistic.PASSWORD_CHANGES); pwmApplication.getStatisticsManager().updateEps(Statistic.EpsType.PASSWORD_CHANGES, 1); final int passwordStrength = PasswordUtility.judgePasswordStrength(newPassword.getStringValue()); pwmApplication .getStatisticsManager() .updateAverageValue(Statistic.AVG_PASSWORD_STRENGTH, passwordStrength); } // add the old password to the global history list (if the old password is known) if (oldPassword != null && pwmApplication .getConfig() .readSettingAsBoolean(PwmSetting.PASSWORD_SHAREDHISTORY_ENABLE)) { pwmApplication.getSharedHistoryManager().addWord(pwmSession, oldPassword.getStringValue()); } // invoke post password change actions invokePostChangePasswordActions(pwmSession, newPassword.getStringValue()); { // execute configured actions LOGGER.debug(pwmSession, "executing configured actions to user " + proxiedUser.getEntryDN()); final List<ActionConfiguration> configValues = pwmApplication .getConfig() .readSettingAsAction(PwmSetting.CHANGE_PASSWORD_WRITE_ATTRIBUTES); if (configValues != null && !configValues.isEmpty()) { final LoginInfoBean clonedLoginInfoBean = JsonUtil.cloneUsingJson(pwmSession.getLoginInfoBean(), LoginInfoBean.class); clonedLoginInfoBean.setUserCurrentPassword(newPassword); final MacroMachine macroMachine = new MacroMachine( pwmApplication, pwmSession.getLabel(), pwmSession.getUserInfoBean(), clonedLoginInfoBean, pwmSession.getSessionManager().getUserDataReader(pwmApplication)); final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings(pwmApplication, uiBean.getUserIdentity()) .setMacroMachine(macroMachine) .setExpandPwmMacros(true) .createActionExecutor(); actionExecutor.executeActions(configValues, pwmSession); } } // update the current last password update field in ldap LdapOperationsHelper.updateLastPasswordUpdateAttribute( pwmApplication, pwmSession.getLabel(), uiBean.getUserIdentity()); }
public static PasswordCheckInfo checkEnteredPassword( final PwmApplication pwmApplication, final Locale locale, final ChaiUser user, final UserInfoBean userInfoBean, final LoginInfoBean loginInfoBean, final PasswordData password, final PasswordData confirmPassword) throws PwmUnrecoverableException, ChaiUnavailableException { if (userInfoBean == null) { throw new NullPointerException("userInfoBean cannot be null"); } boolean pass = false; String userMessage = ""; int errorCode = 0; final boolean passwordIsCaseSensitive = userInfoBean.getPasswordPolicy() == null || userInfoBean .getPasswordPolicy() .getRuleHelper() .readBooleanValue(PwmPasswordRule.CaseSensitive); final CachePolicy cachePolicy; { final long cacheLifetimeMS = Long.parseLong( pwmApplication .getConfig() .readAppProperty(AppProperty.CACHE_PWRULECHECK_LIFETIME_MS)); cachePolicy = CachePolicy.makePolicyWithExpirationMS(cacheLifetimeMS); } if (password == null) { userMessage = new ErrorInformation(PwmError.PASSWORD_MISSING) .toUserStr(locale, pwmApplication.getConfig()); } else { final CacheService cacheService = pwmApplication.getCacheService(); final CacheKey cacheKey = user != null && userInfoBean.getUserIdentity() != null ? CacheKey.makeCacheKey( PasswordUtility.class, userInfoBean.getUserIdentity(), user.getEntryDN() + ":" + password.hash()) : null; if (pwmApplication.getConfig().isDevDebugMode()) { LOGGER.trace("generated cacheKey for password check request: " + cacheKey); } try { if (cacheService != null && cacheKey != null) { final String cachedValue = cacheService.get(cacheKey); if (cachedValue != null) { if (NEGATIVE_CACHE_HIT.equals(cachedValue)) { pass = true; } else { LOGGER.trace("cache hit!"); final ErrorInformation errorInformation = JsonUtil.deserialize(cachedValue, ErrorInformation.class); throw new PwmDataValidationException(errorInformation); } } } if (!pass) { final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator( pwmApplication, userInfoBean.getPasswordPolicy(), locale); final PasswordData oldPassword = loginInfoBean == null ? null : loginInfoBean.getUserCurrentPassword(); pwmPasswordRuleValidator.testPassword(password, oldPassword, userInfoBean, user); pass = true; if (cacheService != null && cacheKey != null) { cacheService.put(cacheKey, cachePolicy, NEGATIVE_CACHE_HIT); } } } catch (PwmDataValidationException e) { errorCode = e.getError().getErrorCode(); userMessage = e.getErrorInformation().toUserStr(locale, pwmApplication.getConfig()); pass = false; if (cacheService != null && cacheKey != null) { final String jsonPayload = JsonUtil.serialize(e.getErrorInformation()); cacheService.put(cacheKey, cachePolicy, jsonPayload); } } } final PasswordCheckInfo.MATCH_STATUS matchStatus = figureMatchStatus(passwordIsCaseSensitive, password, confirmPassword); if (pass) { switch (matchStatus) { case EMPTY: userMessage = new ErrorInformation(PwmError.PASSWORD_MISSING_CONFIRM) .toUserStr(locale, pwmApplication.getConfig()); break; case MATCH: userMessage = new ErrorInformation(PwmError.PASSWORD_MEETS_RULES) .toUserStr(locale, pwmApplication.getConfig()); break; case NO_MATCH: userMessage = new ErrorInformation(PwmError.PASSWORD_DOESNOTMATCH) .toUserStr(locale, pwmApplication.getConfig()); break; default: userMessage = ""; } } final int strength = judgePasswordStrength(password == null ? null : password.getStringValue()); return new PasswordCheckInfo(userMessage, pass, strength, matchStatus, errorCode); }
public List<HealthRecord> healthCheck() { if (status == PwmService.STATUS.CLOSED) { return Collections.emptyList(); } final List<HealthRecord> returnRecords = new ArrayList<>(); try { preOperationCheck(); } catch (DatabaseException e) { lastError = e.getErrorInformation(); returnRecords.add( new HealthRecord( HealthStatus.WARN, HealthTopic.Database, "Database server is not available: " + e.getErrorInformation().toDebugStr())); return returnRecords; } try { final Map<String, String> tempMap = new HashMap<>(); tempMap.put("instance", instanceID); tempMap.put("date", (new java.util.Date()).toString()); this.put( DatabaseTable.PWM_META, DatabaseAccessorImpl.KEY_TEST, JsonUtil.serializeMap(tempMap)); } catch (PwmException e) { returnRecords.add( new HealthRecord( HealthStatus.WARN, HealthTopic.Database, "Error writing to database: " + e.getErrorInformation().toDebugStr())); return returnRecords; } if (lastError != null) { final TimeDuration errorAge = TimeDuration.fromCurrent(lastError.getDate().getTime()); if (errorAge.isShorterThan(TimeDuration.HOUR)) { returnRecords.add( new HealthRecord( HealthStatus.CAUTION, HealthTopic.Database, "Database server was recently unavailable (" + errorAge.asLongString(PwmConstants.DEFAULT_LOCALE) + " ago at " + lastError.getDate().toString() + "): " + lastError.toDebugStr())); } } if (returnRecords.isEmpty()) { returnRecords.add( new HealthRecord( HealthStatus.GOOD, HealthTopic.Database, "Database connection to " + this.dbConfiguration.getConnectionString() + " okay")); } return returnRecords; }
private Connection openDB(final DBConfiguration dbConfiguration) throws DatabaseException { final String connectionURL = dbConfiguration.getConnectionString(); final String jdbcClassName = dbConfiguration.getDriverClassname(); try { final byte[] jdbcDriverBytes = dbConfiguration.getJdbcDriver(); if (jdbcDriverBytes != null) { LOGGER.debug("loading JDBC database driver stored in configuration"); final JarClassLoader jarClassLoader = new JarClassLoader(); jarClassLoader.add(new ByteArrayInputStream(jdbcDriverBytes)); final JclObjectFactory jclObjectFactory = JclObjectFactory.getInstance(); // Create object of loaded class driver = (Driver) jclObjectFactory.create(jarClassLoader, jdbcClassName); LOGGER.debug( "successfully loaded JDBC database driver '" + jdbcClassName + "' from application configuration"); } } catch (Throwable e) { final String errorMsg = "error registering JDBC database driver stored in configuration: " + e.getMessage(); final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg); LOGGER.error(errorMsg, e); throw new DatabaseException(errorInformation); } if (driver == null) { try { LOGGER.debug("loading JDBC database driver from classpath: " + jdbcClassName); driver = (Driver) Class.forName(jdbcClassName).newInstance(); LOGGER.debug("successfully loaded JDBC database driver from classpath: " + jdbcClassName); } catch (Throwable e) { final String errorMsg = e.getClass().getName() + " error loading JDBC database driver from classpath: " + e.getMessage(); final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg); throw new DatabaseException(errorInformation); } } try { LOGGER.debug("opening connection to database " + connectionURL); final Properties connectionProperties = new Properties(); if (dbConfiguration.getUsername() != null && !dbConfiguration.getUsername().isEmpty()) { connectionProperties.setProperty("user", dbConfiguration.getUsername()); } if (dbConfiguration.getPassword() != null) { connectionProperties.setProperty( "password", dbConfiguration.getPassword().getStringValue()); } final Connection connection = driver.connect(connectionURL, connectionProperties); final Map<PwmAboutProperty, String> debugProps = getConnectionDebugProperties(connection); ; LOGGER.debug( "successfully opened connection to database " + connectionURL + ", properties: " + JsonUtil.serializeMap(debugProps)); connection.setAutoCommit(true); return connection; } catch (Throwable e) { final String errorMsg = "error connecting to database: " + Helper.readHostileExceptionMessage(e); final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg); if (e instanceof IOException) { LOGGER.error(errorInformation); } else { LOGGER.error(errorMsg, e); } throw new DatabaseException(errorInformation); } }
@Test public void testFetchLast() { try { String neId = "1005255"; // KLNNMS02(cpuusage=YES cpu1min=YES memutil=YES) KLNNMS05(cpuusage=YES // bususage=YES) // String neId = "1006119"; // KLNNMS02(cpuusage=YES cpu1min=YES memutil=YES // KLNNMS05(cpuusage=NO bususage=NO) Set<String> rras = new HashSet<String>(); // klnnms02 rras.add("cpu5sec"); rras.add("cpu1min"); rras.add("memutil"); // klnnms05 rras.add("cpuusage"); rras.add("bususage"); FetchLastCommandMessage message = CommandMessageFactory.createRRDLastCommandMessage(neId, "AVERAGE", 0, 0, null, rras); MessageProducer producer = null; MessageConsumer consumer = null; // time to send the JMS request try { TextMessage reqMsg, replyMsg; producer = session.createProducer(new HornetQQueue(SERVICE_QUEUE)); // this will uniquelly identify the request String UIID = UUID.randomUUID().toString(); reqMsg = session.createTextMessage(); reqMsg.setStringProperty("ServiceRRD_msg_type", "fetchLast"); reqMsg.setStringProperty("ServiceRRD_correlation_id", UIID); String body = JsonUtil.getInstance().toJSON(message); reqMsg.setText(body); logger.info("SEND:\n" + body); producer.send(reqMsg); consumer = session.createConsumer( new HornetQQueue(SERVICE_REPLY_QUEUE), "ServiceRRD_correlation_id = '" + UIID + "'"); replyMsg = (TextMessage) consumer.receive(30000); if (replyMsg == null) { logger.info("ServiceRRD timeout on receive()"); } else { logger.info("REPLY:\n" + replyMsg.getText()); } } catch (Exception e) { e.printStackTrace(); } finally { try { if (producer != null) producer.close(); if (consumer != null) consumer.close(); } catch (JMSException e) { } } } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); } }
@Override public boolean put(final DatabaseTable table, final String key, final String value) throws DatabaseException { preOperationCheck(); if (traceLogging) { LOGGER.trace("attempting put operation for table=" + table + ", key=" + key); } if (!contains(table, key)) { final String sqlText = "INSERT INTO " + table.toString() + "(" + KEY_COLUMN + ", " + VALUE_COLUMN + ") VALUES(?,?)"; PreparedStatement statement = null; try { statement = connection.prepareStatement(sqlText); statement.setString(1, key); statement.setString(2, value); statement.executeUpdate(); } catch (SQLException e) { final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_DB_UNAVAILABLE, "put operation failed: " + e.getMessage()); lastError = errorInformation; throw new DatabaseException(errorInformation); } finally { close(statement); } return false; } final String sqlText = "UPDATE " + table.toString() + " SET " + VALUE_COLUMN + "=? WHERE " + KEY_COLUMN + "=?"; PreparedStatement statement = null; try { statement = connection.prepareStatement(sqlText); statement.setString(1, value); statement.setString(2, key); statement.executeUpdate(); } catch (SQLException e) { final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_DB_UNAVAILABLE, "put operation failed: " + e.getMessage()); lastError = errorInformation; throw new DatabaseException(errorInformation); } finally { close(statement); } if (traceLogging) { final Map<String, Object> debugOutput = new LinkedHashMap<>(); debugOutput.put("table", table); debugOutput.put("key", key); debugOutput.put("value", value); LOGGER.trace( "put operation result: " + JsonUtil.serializeMap(debugOutput, JsonUtil.Flag.PrettyPrint)); } updateStats(false, true); return true; }