public UserCacheRecord next() {
try {
UserCacheRecord returnBean = null;
while (returnBean == null && this.storageKeyIterator.hasNext()) {
UserCacheService.StorageKey key = this.storageKeyIterator.next();
returnBean = userCacheService.readStorageKey(key);
if (returnBean != null) {
if (returnBean.getCacheTimestamp() == null) {
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"purging record due to missing cache timestamp: "
+ JsonUtil.serialize(returnBean));
userCacheService.removeStorageKey(key);
} else if (TimeDuration.fromCurrent(returnBean.getCacheTimestamp())
.isLongerThan(settings.getMaxCacheAge())) {
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"purging record due to old age timestamp: " + JsonUtil.serialize(returnBean));
userCacheService.removeStorageKey(key);
} else {
return returnBean;
}
}
}
} catch (LocalDBException e) {
throw new IllegalStateException(
"unexpected iterator traversal error while reading LocalDB: " + e.getMessage());
}
return null;
}
private static List<UserIdentity> readAllUsersFromLdap(
final PwmApplication pwmApplication, final String searchFilter, final int maxResults)
throws ChaiUnavailableException, ChaiOperationException, PwmUnrecoverableException,
PwmOperationalException {
final UserSearchEngine userSearchEngine = new UserSearchEngine(pwmApplication, null);
final UserSearchEngine.SearchConfiguration searchConfiguration =
new UserSearchEngine.SearchConfiguration();
searchConfiguration.setEnableValueEscaping(false);
searchConfiguration.setSearchTimeout(
Long.parseLong(
pwmApplication.getConfig().readAppProperty(AppProperty.REPORTING_LDAP_SEARCH_TIMEOUT)));
if (searchFilter == null) {
searchConfiguration.setUsername("*");
} else {
searchConfiguration.setFilter(searchFilter);
}
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"beginning UserReportService user search using parameters: "
+ (JsonUtil.serialize(searchConfiguration)));
final Map<UserIdentity, Map<String, String>> searchResults =
userSearchEngine.performMultiUserSearch(
searchConfiguration, maxResults, Collections.<String>emptyList());
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"user search found " + searchResults.size() + " users for reporting");
final List<UserIdentity> returnList = new ArrayList<>(searchResults.keySet());
Collections.shuffle(returnList);
return returnList;
}
private void restBrowseLdap(final PwmRequest pwmRequest, final ConfigGuideBean configGuideBean)
throws IOException, ServletException, PwmUnrecoverableException {
final StoredConfigurationImpl storedConfiguration =
StoredConfigurationImpl.copy(configGuideBean.getStoredConfiguration());
if (configGuideBean.getStep() == STEP.LDAP_ADMIN) {
storedConfiguration.resetSetting(PwmSetting.LDAP_PROXY_USER_DN, LDAP_PROFILE_KEY, null);
storedConfiguration.resetSetting(PwmSetting.LDAP_PROXY_USER_PASSWORD, LDAP_PROFILE_KEY, null);
}
final Date startTime = new Date();
final Map<String, String> inputMap =
pwmRequest.readBodyAsJsonStringMap(PwmHttpRequestWrapper.Flag.BypassValidation);
final String profile = inputMap.get("profile");
final String dn = inputMap.containsKey("dn") ? inputMap.get("dn") : "";
final LdapBrowser ldapBrowser = new LdapBrowser(storedConfiguration);
final LdapBrowser.LdapBrowseResult result = ldapBrowser.doBrowse(profile, dn);
ldapBrowser.close();
LOGGER.trace(
pwmRequest,
"performed ldapBrowse operation in "
+ TimeDuration.fromCurrent(startTime).asCompactString()
+ ", result="
+ JsonUtil.serialize(result));
pwmRequest.outputJsonResult(new RestResultBean(result));
}
private void updateCacheFromLdap()
throws ChaiUnavailableException, ChaiOperationException, PwmOperationalException,
PwmUnrecoverableException {
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"beginning process to updating user cache records from ldap");
if (status != STATUS.OPEN) {
return;
}
cancelFlag = false;
reportStatus = new ReportStatusInfo(settings.getSettingsHash());
reportStatus.setInProgress(true);
reportStatus.setStartDate(new Date());
try {
final Queue<UserIdentity> allUsers = new LinkedList<>(getListOfUsers());
reportStatus.setTotal(allUsers.size());
while (status == STATUS.OPEN && !allUsers.isEmpty() && !cancelFlag) {
final Date startUpdateTime = new Date();
final UserIdentity userIdentity = allUsers.poll();
try {
if (updateCachedRecordFromLdap(userIdentity)) {
reportStatus.setUpdated(reportStatus.getUpdated() + 1);
}
} catch (Exception e) {
String errorMsg =
"error while updating report cache for " + userIdentity.toString() + ", cause: ";
errorMsg +=
e instanceof PwmException
? ((PwmException) e).getErrorInformation().toDebugStr()
: e.getMessage();
final ErrorInformation errorInformation;
errorInformation = new ErrorInformation(PwmError.ERROR_REPORTING_ERROR, errorMsg);
LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, errorInformation.toDebugStr());
reportStatus.setLastError(errorInformation);
reportStatus.setErrors(reportStatus.getErrors() + 1);
}
reportStatus.setCount(reportStatus.getCount() + 1);
reportStatus.getEventRateMeter().markEvents(1);
final TimeDuration totalUpdateTime = TimeDuration.fromCurrent(startUpdateTime);
if (settings.isAutoCalcRest()) {
avgTracker.addSample(totalUpdateTime.getTotalMilliseconds());
Helper.pause(avgTracker.avgAsLong());
} else {
Helper.pause(settings.getRestTime().getTotalMilliseconds());
}
}
if (cancelFlag) {
reportStatus.setLastError(
new ErrorInformation(
PwmError.ERROR_SERVICE_NOT_AVAILABLE, "report cancelled by operator"));
}
} finally {
reportStatus.setFinishDate(new Date());
reportStatus.setInProgress(false);
}
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"update user cache process completed: " + JsonUtil.serialize(reportStatus));
}
private void saveTempData() {
try {
final String jsonInfo = JsonUtil.serialize(reportStatus);
pwmApplication.writeAppAttribute(PwmApplication.AppAttribute.REPORT_STATUS, jsonInfo);
} catch (Exception e) {
LOGGER.error(
PwmConstants.REPORTING_SESSION_LABEL,
"error writing cached report dredge info into memory: " + e.getMessage());
}
}
@Override
public boolean contains(final DatabaseTable table, final String key) throws DatabaseException {
final boolean result = get(table, key) != null;
if (traceLogging) {
final Map<String, Object> debugOutput = new LinkedHashMap<>();
debugOutput.put("table", table);
debugOutput.put("key", key);
debugOutput.put("result", result);
LOGGER.trace(
"contains operation result: "
+ JsonUtil.serializeMap(debugOutput, JsonUtil.Flag.PrettyPrint));
}
updateStats(true, false);
return result;
}
@Override
public String get(final DatabaseTable table, final String key) throws DatabaseException {
if (traceLogging) {
LOGGER.trace("attempting get operation for table=" + table + ", key=" + key);
}
preOperationCheck();
final StringBuilder sb = new StringBuilder();
sb.append("SELECT * FROM ").append(table.toString()).append(" WHERE " + KEY_COLUMN + " = ?");
PreparedStatement statement = null;
ResultSet resultSet = null;
String returnValue = null;
try {
statement = connection.prepareStatement(sb.toString());
statement.setString(1, key);
statement.setMaxRows(1);
resultSet = statement.executeQuery();
if (resultSet.next()) {
returnValue = resultSet.getString(VALUE_COLUMN);
}
} catch (SQLException e) {
final ErrorInformation errorInformation =
new ErrorInformation(
PwmError.ERROR_DB_UNAVAILABLE, "get operation failed: " + e.getMessage());
lastError = errorInformation;
throw new DatabaseException(errorInformation);
} finally {
close(statement);
close(resultSet);
}
if (traceLogging) {
final LinkedHashMap<String, Object> debugOutput = new LinkedHashMap<>();
debugOutput.put("table", table);
debugOutput.put("key", key);
debugOutput.put("result", returnValue);
LOGGER.trace(
"get operation result: " + JsonUtil.serializeMap(debugOutput, JsonUtil.Flag.PrettyPrint));
}
updateStats(true, false);
return returnValue;
}
@Override
public boolean remove(final DatabaseTable table, final String key) throws DatabaseException {
if (traceLogging) {
LOGGER.trace("attempting remove operation for table=" + table + ", key=" + key);
}
boolean result = contains(table, key);
if (result) {
final StringBuilder sqlText = new StringBuilder();
sqlText.append("DELETE FROM ").append(table.toString()).append(" WHERE " + KEY_COLUMN + "=?");
PreparedStatement statement = null;
try {
statement = connection.prepareStatement(sqlText.toString());
statement.setString(1, key);
statement.executeUpdate();
LOGGER.trace("remove operation succeeded for table=" + table + ", key=" + key);
} catch (SQLException e) {
final ErrorInformation errorInformation =
new ErrorInformation(
PwmError.ERROR_DB_UNAVAILABLE, "remove operation failed: " + e.getMessage());
lastError = errorInformation;
throw new DatabaseException(errorInformation);
} finally {
close(statement);
}
}
if (traceLogging) {
final Map<String, Object> debugOutput = new LinkedHashMap<>();
debugOutput.put("table", table);
debugOutput.put("key", key);
debugOutput.put("result", result);
LOGGER.trace(
"remove operation result: "
+ JsonUtil.serializeMap(debugOutput, JsonUtil.Flag.PrettyPrint));
}
updateStats(true, false);
return result;
}
/**
* 把数据库中查出来的扁平数据转换成树
*
* @param list sql 数据集
* @param selfKey id
* @param parentKey pid
* @param childrenName children
* @return
*/
@SuppressWarnings("unchecked")
public static List<Map<String, Object>> generateTree(
List<Object> list,
String selfKey,
String parentKey,
String childrenName,
Boolean hasAttributes) {
if (CollectionUtils.isEmpty(list)) {
return null;
}
List<Map<String, Object>> rootList = new ArrayList<>();
// 引用指引Map
Map<Object, Map<String, Object>> referenceMap = new HashMap<>();
// 所有元素集合
Set<Object> allObjectSet = new HashSet<>();
// 孤儿节点
List<Map<String, Object>> orphanList = new ArrayList<>();
for (Object object : list) {
Map<String, Object> map = (Map<String, Object>) object;
allObjectSet.add(map.get(selfKey));
}
for (Object object : list) {
Map<String, Object> map = (Map<String, Object>) object;
Object pid = map.get(parentKey);
if (pid == null || "0".equals(pid.toString())) {
rootList.add(map);
referenceMap.put(map.get(selfKey), map);
} else if (!allObjectSet.contains(pid)) {
orphanList.add(map);
}
}
list.removeAll(rootList);
list.removeAll(orphanList);
// 递归出所有子节点
recursion(parentKey, childrenName, referenceMap, list, selfKey);
LG.info(JsonUtil.toJson(rootList));
return rootList;
}
private void initTempData() throws LocalDBException, PwmUnrecoverableException {
final String cleanFlag =
pwmApplication.readAppAttribute(PwmApplication.AppAttribute.REPORT_CLEAN_FLAG);
if (!"true".equals(cleanFlag)) {
LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, "did not shut down cleanly");
reportStatus = new ReportStatusInfo(settings.getSettingsHash());
reportStatus.setTotal(userCacheService.size());
} else {
try {
final String jsonInfo =
pwmApplication.readAppAttribute(PwmApplication.AppAttribute.REPORT_STATUS);
if (jsonInfo != null && !jsonInfo.isEmpty()) {
reportStatus = JsonUtil.deserialize(jsonInfo, ReportStatusInfo.class);
}
} catch (Exception e) {
LOGGER.error(
PwmConstants.REPORTING_SESSION_LABEL,
"error loading cached report status info into memory: " + e.getMessage());
}
}
reportStatus =
reportStatus == null
? new ReportStatusInfo(settings.getSettingsHash())
: reportStatus; // safety
final String currentSettingCache = settings.getSettingsHash();
if (reportStatus.getSettingsHash() != null
&& !reportStatus.getSettingsHash().equals(currentSettingCache)) {
LOGGER.error(
PwmConstants.REPORTING_SESSION_LABEL,
"configuration has changed, will clear cached report data");
clear();
}
reportStatus.setInProgress(false);
pwmApplication.writeAppAttribute(PwmApplication.AppAttribute.REPORT_CLEAN_FLAG, "false");
}
// @Test
public void testFetchGraphSimple() {
try {
String neId = "21100799";
String group = "bw"; // interesting for the BW
String titleX = "Bandwidth";
String titleY = "bps";
int timespan = 0; // Daily
/*
String neId = "1005255";
String group = "cpu"; // interesting for the CPU
String titleX = "CPU Utilization";
String titleY = "Utilization";
int timespan = 0; // Daily
*/
FetchGraphSimpleCommandMessage message =
CommandMessageFactory.createRRDGraphSimpleCommandMessage(
neId, group, timespan, titleX, titleY);
MessageProducer producer = null;
MessageConsumer consumer = null;
try {
// time to send the JMS request
TextMessage reqMsg;
Message replyMsg;
producer = session.createProducer(new HornetQQueue(SERVICE_QUEUE));
// this will uniquelly identify the request
String UIID = UUID.randomUUID().toString();
reqMsg = session.createTextMessage();
reqMsg.setStringProperty("ServiceRRD_msg_type", "fetchGraphSimple");
reqMsg.setStringProperty("ServiceRRD_correlation_id", UIID);
String body = JsonUtil.getInstance().toJSON(message);
reqMsg.setText(body);
logger.info("SEND:\n" + body);
producer.send(reqMsg);
consumer =
session.createConsumer(
new HornetQQueue(SERVICE_REPLY_QUEUE),
"ServiceRRD_correlation_id = '" + UIID + "'");
replyMsg = consumer.receive(30000);
if (replyMsg == null) {
logger.info("ServiceRRD timeout on receive()");
} else {
if (replyMsg instanceof BytesMessage) {
BytesMessage graphStream = (BytesMessage) replyMsg;
byte[] graph = new byte[(int) graphStream.getBodyLength()];
graphStream.readBytes(graph);
FileOutputStream image =
new FileOutputStream(
"/Users/cvasilak/Temp/svc-rrd-images/"
+ neId
+ "_"
+ group
+ "_"
+ timespan
+ ".png");
image.write(graph);
image.close();
logger.info("image retrieved and saved!");
} else if (replyMsg instanceof TextMessage) { // the server responded with an error
logger.info(((TextMessage) replyMsg).getText());
}
}
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
if (producer != null) producer.close();
if (consumer != null) consumer.close();
} catch (JMSException e) {
}
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
public Map getUserStoryTaskMap(String timeEntryItemRef) throws Exception {
Map taskMap = new HashMap();
String[] objectIdArr = timeEntryItemRef.split("/");
String objectId = objectIdArr[objectIdArr.length - 1];
log.info("objectId=" + objectId);
String apiURL = "https://rally1.rallydev.com/slm/webservice/1.34/adhoc";
String requestJSON =
"{"
+ "\"timeentryitem\" : \"/timeentryitem?query=(ObjectID%20=%20"
+ objectId
+ ")&fetch=true\","
+ "\"task\" : \"/task?query=(ObjectID%20=%20${timeentryitem.Task.ObjectID})&fetch=true\","
+ "\"userstory\" : \"/hierarchicalrequirement?query=(ObjectID%20=%20${task.WorkProduct.ObjectID})&fetch=true\","
+ "\"defect\" : \"/defect?query=(ObjectID%20=%20${task.WorkProduct.ObjectID})&fetch=true\""
+ "}";
log.info("apiURL=" + apiURL);
log.info("requestJSON=" + requestJSON);
String responseJSON = postRallyXML(apiURL, requestJSON);
// Bypass"%;" to avoid exception
responseJSON = responseJSON.replace("%;", ";");
responseJSON = responseJSON.replace("%", "");
Map jsonMap = JsonUtil.jsonToMap(responseJSON);
String usRef = "";
String usName = "";
String usFormattedId = "";
String usPlanEstimate = "";
String usTaskEstimateTotal = "";
String usTaskRemainingTotal = "";
String usState = "";
String usOwner = "";
Map usMap = new HashMap();
// Get user story info
JSONObject userstoryMap = (JSONObject) jsonMap.get("userstory");
JSONArray userstoryArray = (JSONArray) userstoryMap.get("Results");
if (userstoryArray == null || userstoryArray.size() == 0) {
userstoryMap = (JSONObject) jsonMap.get("defect");
userstoryArray = (JSONArray) userstoryMap.get("Results");
}
if (userstoryArray != null && userstoryArray.size() > 0) {
JSONObject userstoryInfo = (JSONObject) userstoryArray.get(0);
// log.info("userstoryInfo="+userstoryInfo);
usRef = (userstoryInfo.get("_ref")).toString();
usFormattedId = (userstoryInfo.get("FormattedID")).toString();
usName = (userstoryInfo.get("Name")).toString();
usState = (userstoryInfo.get("ScheduleState")).toString();
if (userstoryInfo.get("PlanEstimate") != null)
usPlanEstimate = (userstoryInfo.get("PlanEstimate")).toString();
if (userstoryInfo.get("TaskEstimateTotal") != null)
usTaskEstimateTotal = (userstoryInfo.get("TaskEstimateTotal")).toString();
if (userstoryInfo.get("TaskRemainingTotal") != null)
usTaskRemainingTotal = (userstoryInfo.get("TaskRemainingTotal")).toString();
JSONObject ownerMap = (JSONObject) userstoryInfo.get("Owner");
if (ownerMap != null) {
usOwner = (String) ownerMap.get("_refObjectName");
if (usOwner == null) {
usOwner = "";
}
}
}
Map usDetailMap = new HashMap();
usDetailMap.put("usFormattedId", usFormattedId);
usDetailMap.put("usName", usName);
usDetailMap.put("usPlanEstimate", usPlanEstimate);
usDetailMap.put("usTaskEstimateTotal", usTaskEstimateTotal);
usDetailMap.put("usTaskRemainingTotal", usTaskRemainingTotal);
usDetailMap.put("usOwner", usOwner);
usDetailMap.put("usState", usState);
usMap.put(usRef, usDetailMap);
// log.info("usMap="+usMap);
String taskObjId = "";
String taskFormattedId = "";
String taskName = "";
String estimate = "";
String toDo = "";
String taskState = "";
String taskOwner = "";
String projectName = "";
String iterationName = "";
String workProductRef = "";
List taskList = new ArrayList();
// Get task info
JSONObject taskJsonMap = (JSONObject) jsonMap.get("task");
JSONArray taskArray = (JSONArray) taskJsonMap.get("Results");
if (taskArray != null && taskArray.size() > 0) {
for (int i = 0; i < taskArray.size(); i++) {
JSONObject taskInfo = (JSONObject) taskArray.get(0);
// log.info("taskMap="+taskMap);
// log.info("taskInfo="+taskInfo);
taskObjId = (taskInfo.get("ObjectID")).toString();
taskFormattedId = (taskInfo.get("FormattedID")).toString();
taskState = (taskInfo.get("State")).toString();
Object taskNameObj = taskInfo.get("Name");
taskName = taskNameObj == null ? "" : taskNameObj.toString();
Object estimateObject = taskInfo.get("Estimate");
estimate = estimateObject == null ? "" : estimateObject.toString();
Object toDoObject = taskInfo.get("ToDo");
toDo = toDoObject == null ? "" : toDoObject.toString();
JSONObject ownerMap = (JSONObject) taskInfo.get("Owner");
// log.info("ownerMap="+ownerMap);
if (ownerMap != null) {
taskOwner = (String) ownerMap.get("_refObjectName");
if (taskOwner == null) {
taskOwner = "";
}
}
JSONObject workProductMap = (JSONObject) taskInfo.get("WorkProduct");
// log.info("workProductMap="+workProductMap);
if (workProductMap != null) {
workProductRef = (String) workProductMap.get("_ref");
if (workProductRef == null) {
workProductRef = "";
}
}
JSONObject projectMap = (JSONObject) taskInfo.get("Project");
// log.info("projectMap="+projectMap);
if (projectMap != null) {
projectName = (String) projectMap.get("_refObjectName");
if (projectName == null) {
projectName = "";
}
}
JSONObject iterationMap = (JSONObject) taskInfo.get("Iteration");
// log.info("iterationMap="+iterationMap);
if (iterationMap != null) {
iterationName = (String) iterationMap.get("_refObjectName");
if (iterationName == null) {
iterationName = "";
}
}
taskMap.put("taskFormattedId", taskFormattedId);
taskMap.put("taskName", taskName);
taskMap.put("taskState", taskState);
taskMap.put("owner", taskOwner);
taskMap.put("taskEstimate", estimate);
taskMap.put("taskRemaining", toDo);
taskMap.put("projectName", projectName);
taskMap.put("iterationName", iterationName);
Map map = (Map) usMap.get(workProductRef);
taskMap.put("usName", map.get("usFormattedId") + " " + map.get("usName"));
log.info("taskMap=" + taskMap);
} // for taskArray
}
return taskMap;
}
/**
* This is the entry point under which all password changes are managed. The following is the
* general procedure when this method is invoked.
*
* <ul>
* <li>password is checked against PWM password requirement
* <li>ldap password set is attempted<br>
* <br>
* if successful:
* <ul>
* <li>uiBean is updated with old and new passwords
* <li>uiBean's password expire flag is set to false
* <li>any configured external methods are invoked
* <li>user email notification is sent
* <li>return true
* </ul>
* <br>
* if unsuccessful
* <ul>
* <li>ssBean is updated with appropriate error
* <li>return false
* </ul>
* </ul>
*
* @param newPassword the new password that is being set.
* @param pwmSession beanmanager for config and user info lookup
* @throws com.novell.ldapchai.exception.ChaiUnavailableException if the ldap directory is not
* unavailable
* @throws password.pwm.error.PwmUnrecoverableException if user is not authenticated
*/
public static void setActorPassword(
final PwmSession pwmSession,
final PwmApplication pwmApplication,
final PasswordData newPassword)
throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException {
final UserInfoBean uiBean = pwmSession.getUserInfoBean();
if (!pwmSession
.getSessionManager()
.checkPermission(pwmApplication, Permission.CHANGE_PASSWORD)) {
final String errorMsg =
"attempt to setActorPassword, but user does not have password change permission";
final ErrorInformation errorInformation =
new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, errorMsg);
throw new PwmOperationalException(errorInformation);
}
// double check to make sure password meets PWM rule requirements. This should
// have been done before setActorPassword() is invoked, so it should be redundant
// but we do it just in case.
try {
final PwmPasswordRuleValidator pwmPasswordRuleValidator =
new PwmPasswordRuleValidator(pwmApplication, uiBean.getPasswordPolicy());
pwmPasswordRuleValidator.testPassword(
newPassword, null, uiBean, pwmSession.getSessionManager().getActor(pwmApplication));
} catch (PwmDataValidationException e) {
final String errorMsg =
"attempt to setActorPassword, but password does not pass local policy validator";
final ErrorInformation errorInformation =
new ErrorInformation(e.getErrorInformation().getError(), errorMsg);
throw new PwmOperationalException(errorInformation);
}
// retrieve the user's old password from the userInfoBean in the session
final PasswordData oldPassword = pwmSession.getLoginInfoBean().getUserCurrentPassword();
boolean setPasswordWithoutOld = false;
if (oldPassword == null) {
if (pwmSession
.getSessionManager()
.getActor(pwmApplication)
.getChaiProvider()
.getDirectoryVendor()
== ChaiProvider.DIRECTORY_VENDOR.MICROSOFT_ACTIVE_DIRECTORY) {
setPasswordWithoutOld = true;
}
}
if (!setPasswordWithoutOld) {
// Check to make sure we actually have an old password
if (oldPassword == null) {
final String errorMsg = "cannot set password for user, old password is not available";
final ErrorInformation errorInformation =
new ErrorInformation(PwmError.ERROR_WRONGPASSWORD, errorMsg);
throw new PwmOperationalException(errorInformation);
}
}
try {
final ChaiProvider provider = pwmSession.getSessionManager().getChaiProvider();
final ChaiUser theUser =
ChaiFactory.createChaiUser(
pwmSession.getUserInfoBean().getUserIdentity().getUserDN(), provider);
final boolean boundAsSelf =
theUser
.getEntryDN()
.equals(provider.getChaiConfiguration().getSetting(ChaiSetting.BIND_DN));
LOGGER.trace(
pwmSession,
"preparing to setActorPassword for '"
+ theUser.getEntryDN()
+ "', bindAsSelf="
+ boundAsSelf
+ ", authType="
+ pwmSession.getLoginInfoBean().getType());
if (setPasswordWithoutOld) {
theUser.setPassword(newPassword.getStringValue(), true);
} else {
theUser.changePassword(oldPassword.getStringValue(), newPassword.getStringValue());
}
} catch (ChaiPasswordPolicyException e) {
final String errorMsg =
"error setting password for user '" + uiBean.getUserIdentity() + "'' " + e.toString();
final PwmError pwmError = PwmError.forChaiError(e.getErrorCode());
final ErrorInformation error =
new ErrorInformation(
pwmError == null ? PwmError.PASSWORD_UNKNOWN_VALIDATION : pwmError, errorMsg);
throw new PwmOperationalException(error);
} catch (ChaiOperationException e) {
final String errorMsg =
"error setting password for user '" + uiBean.getUserIdentity() + "'' " + e.getMessage();
final PwmError pwmError =
PwmError.forChaiError(e.getErrorCode()) == null
? PwmError.ERROR_UNKNOWN
: PwmError.forChaiError(e.getErrorCode());
final ErrorInformation error = new ErrorInformation(pwmError, errorMsg);
throw new PwmOperationalException(error);
}
// at this point the password has been changed, so log it.
LOGGER.info(
pwmSession, "user '" + uiBean.getUserIdentity() + "' successfully changed password");
// update the session state bean's password modified flag
pwmSession.getSessionStateBean().setPasswordModified(true);
// update the login info bean with the user's new password
pwmSession.getLoginInfoBean().setUserCurrentPassword(newPassword);
// close any outstanding ldap connections (since they cache the old password)
pwmSession
.getSessionManager()
.updateUserPassword(pwmApplication, uiBean.getUserIdentity(), newPassword);
// clear the "requires new password flag"
uiBean.setRequiresNewPassword(false);
// mark the auth type as authenticatePd now that we have the user's natural password.
pwmSession.getLoginInfoBean().setType(AuthenticationType.AUTHENTICATED);
// update the uibean's "password expired flag".
final UserStatusReader userStatusReader =
new UserStatusReader(pwmApplication, pwmSession.getLabel());
uiBean.setPasswordState(
userStatusReader.readPasswordStatus(
pwmSession.getSessionManager().getActor(pwmApplication),
uiBean.getPasswordPolicy(),
uiBean,
newPassword));
// create a proxy user object for pwm to update/read the user.
final ChaiUser proxiedUser = pwmSession.getSessionManager().getActor(pwmApplication);
// update statistics
{
pwmApplication.getStatisticsManager().incrementValue(Statistic.PASSWORD_CHANGES);
pwmApplication.getStatisticsManager().updateEps(Statistic.EpsType.PASSWORD_CHANGES, 1);
final int passwordStrength =
PasswordUtility.judgePasswordStrength(newPassword.getStringValue());
pwmApplication
.getStatisticsManager()
.updateAverageValue(Statistic.AVG_PASSWORD_STRENGTH, passwordStrength);
}
// add the old password to the global history list (if the old password is known)
if (oldPassword != null
&& pwmApplication
.getConfig()
.readSettingAsBoolean(PwmSetting.PASSWORD_SHAREDHISTORY_ENABLE)) {
pwmApplication.getSharedHistoryManager().addWord(pwmSession, oldPassword.getStringValue());
}
// invoke post password change actions
invokePostChangePasswordActions(pwmSession, newPassword.getStringValue());
{ // execute configured actions
LOGGER.debug(pwmSession, "executing configured actions to user " + proxiedUser.getEntryDN());
final List<ActionConfiguration> configValues =
pwmApplication
.getConfig()
.readSettingAsAction(PwmSetting.CHANGE_PASSWORD_WRITE_ATTRIBUTES);
if (configValues != null && !configValues.isEmpty()) {
final LoginInfoBean clonedLoginInfoBean =
JsonUtil.cloneUsingJson(pwmSession.getLoginInfoBean(), LoginInfoBean.class);
clonedLoginInfoBean.setUserCurrentPassword(newPassword);
final MacroMachine macroMachine =
new MacroMachine(
pwmApplication,
pwmSession.getLabel(),
pwmSession.getUserInfoBean(),
clonedLoginInfoBean,
pwmSession.getSessionManager().getUserDataReader(pwmApplication));
final ActionExecutor actionExecutor =
new ActionExecutor.ActionExecutorSettings(pwmApplication, uiBean.getUserIdentity())
.setMacroMachine(macroMachine)
.setExpandPwmMacros(true)
.createActionExecutor();
actionExecutor.executeActions(configValues, pwmSession);
}
}
// update the current last password update field in ldap
LdapOperationsHelper.updateLastPasswordUpdateAttribute(
pwmApplication, pwmSession.getLabel(), uiBean.getUserIdentity());
}
public static PasswordCheckInfo checkEnteredPassword(
final PwmApplication pwmApplication,
final Locale locale,
final ChaiUser user,
final UserInfoBean userInfoBean,
final LoginInfoBean loginInfoBean,
final PasswordData password,
final PasswordData confirmPassword)
throws PwmUnrecoverableException, ChaiUnavailableException {
if (userInfoBean == null) {
throw new NullPointerException("userInfoBean cannot be null");
}
boolean pass = false;
String userMessage = "";
int errorCode = 0;
final boolean passwordIsCaseSensitive =
userInfoBean.getPasswordPolicy() == null
|| userInfoBean
.getPasswordPolicy()
.getRuleHelper()
.readBooleanValue(PwmPasswordRule.CaseSensitive);
final CachePolicy cachePolicy;
{
final long cacheLifetimeMS =
Long.parseLong(
pwmApplication
.getConfig()
.readAppProperty(AppProperty.CACHE_PWRULECHECK_LIFETIME_MS));
cachePolicy = CachePolicy.makePolicyWithExpirationMS(cacheLifetimeMS);
}
if (password == null) {
userMessage =
new ErrorInformation(PwmError.PASSWORD_MISSING)
.toUserStr(locale, pwmApplication.getConfig());
} else {
final CacheService cacheService = pwmApplication.getCacheService();
final CacheKey cacheKey =
user != null && userInfoBean.getUserIdentity() != null
? CacheKey.makeCacheKey(
PasswordUtility.class,
userInfoBean.getUserIdentity(),
user.getEntryDN() + ":" + password.hash())
: null;
if (pwmApplication.getConfig().isDevDebugMode()) {
LOGGER.trace("generated cacheKey for password check request: " + cacheKey);
}
try {
if (cacheService != null && cacheKey != null) {
final String cachedValue = cacheService.get(cacheKey);
if (cachedValue != null) {
if (NEGATIVE_CACHE_HIT.equals(cachedValue)) {
pass = true;
} else {
LOGGER.trace("cache hit!");
final ErrorInformation errorInformation =
JsonUtil.deserialize(cachedValue, ErrorInformation.class);
throw new PwmDataValidationException(errorInformation);
}
}
}
if (!pass) {
final PwmPasswordRuleValidator pwmPasswordRuleValidator =
new PwmPasswordRuleValidator(
pwmApplication, userInfoBean.getPasswordPolicy(), locale);
final PasswordData oldPassword =
loginInfoBean == null ? null : loginInfoBean.getUserCurrentPassword();
pwmPasswordRuleValidator.testPassword(password, oldPassword, userInfoBean, user);
pass = true;
if (cacheService != null && cacheKey != null) {
cacheService.put(cacheKey, cachePolicy, NEGATIVE_CACHE_HIT);
}
}
} catch (PwmDataValidationException e) {
errorCode = e.getError().getErrorCode();
userMessage = e.getErrorInformation().toUserStr(locale, pwmApplication.getConfig());
pass = false;
if (cacheService != null && cacheKey != null) {
final String jsonPayload = JsonUtil.serialize(e.getErrorInformation());
cacheService.put(cacheKey, cachePolicy, jsonPayload);
}
}
}
final PasswordCheckInfo.MATCH_STATUS matchStatus =
figureMatchStatus(passwordIsCaseSensitive, password, confirmPassword);
if (pass) {
switch (matchStatus) {
case EMPTY:
userMessage =
new ErrorInformation(PwmError.PASSWORD_MISSING_CONFIRM)
.toUserStr(locale, pwmApplication.getConfig());
break;
case MATCH:
userMessage =
new ErrorInformation(PwmError.PASSWORD_MEETS_RULES)
.toUserStr(locale, pwmApplication.getConfig());
break;
case NO_MATCH:
userMessage =
new ErrorInformation(PwmError.PASSWORD_DOESNOTMATCH)
.toUserStr(locale, pwmApplication.getConfig());
break;
default:
userMessage = "";
}
}
final int strength = judgePasswordStrength(password == null ? null : password.getStringValue());
return new PasswordCheckInfo(userMessage, pass, strength, matchStatus, errorCode);
}
public List<HealthRecord> healthCheck() {
if (status == PwmService.STATUS.CLOSED) {
return Collections.emptyList();
}
final List<HealthRecord> returnRecords = new ArrayList<>();
try {
preOperationCheck();
} catch (DatabaseException e) {
lastError = e.getErrorInformation();
returnRecords.add(
new HealthRecord(
HealthStatus.WARN,
HealthTopic.Database,
"Database server is not available: " + e.getErrorInformation().toDebugStr()));
return returnRecords;
}
try {
final Map<String, String> tempMap = new HashMap<>();
tempMap.put("instance", instanceID);
tempMap.put("date", (new java.util.Date()).toString());
this.put(
DatabaseTable.PWM_META, DatabaseAccessorImpl.KEY_TEST, JsonUtil.serializeMap(tempMap));
} catch (PwmException e) {
returnRecords.add(
new HealthRecord(
HealthStatus.WARN,
HealthTopic.Database,
"Error writing to database: " + e.getErrorInformation().toDebugStr()));
return returnRecords;
}
if (lastError != null) {
final TimeDuration errorAge = TimeDuration.fromCurrent(lastError.getDate().getTime());
if (errorAge.isShorterThan(TimeDuration.HOUR)) {
returnRecords.add(
new HealthRecord(
HealthStatus.CAUTION,
HealthTopic.Database,
"Database server was recently unavailable ("
+ errorAge.asLongString(PwmConstants.DEFAULT_LOCALE)
+ " ago at "
+ lastError.getDate().toString()
+ "): "
+ lastError.toDebugStr()));
}
}
if (returnRecords.isEmpty()) {
returnRecords.add(
new HealthRecord(
HealthStatus.GOOD,
HealthTopic.Database,
"Database connection to " + this.dbConfiguration.getConnectionString() + " okay"));
}
return returnRecords;
}
private Connection openDB(final DBConfiguration dbConfiguration) throws DatabaseException {
final String connectionURL = dbConfiguration.getConnectionString();
final String jdbcClassName = dbConfiguration.getDriverClassname();
try {
final byte[] jdbcDriverBytes = dbConfiguration.getJdbcDriver();
if (jdbcDriverBytes != null) {
LOGGER.debug("loading JDBC database driver stored in configuration");
final JarClassLoader jarClassLoader = new JarClassLoader();
jarClassLoader.add(new ByteArrayInputStream(jdbcDriverBytes));
final JclObjectFactory jclObjectFactory = JclObjectFactory.getInstance();
// Create object of loaded class
driver = (Driver) jclObjectFactory.create(jarClassLoader, jdbcClassName);
LOGGER.debug(
"successfully loaded JDBC database driver '"
+ jdbcClassName
+ "' from application configuration");
}
} catch (Throwable e) {
final String errorMsg =
"error registering JDBC database driver stored in configuration: " + e.getMessage();
final ErrorInformation errorInformation =
new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg);
LOGGER.error(errorMsg, e);
throw new DatabaseException(errorInformation);
}
if (driver == null) {
try {
LOGGER.debug("loading JDBC database driver from classpath: " + jdbcClassName);
driver = (Driver) Class.forName(jdbcClassName).newInstance();
LOGGER.debug("successfully loaded JDBC database driver from classpath: " + jdbcClassName);
} catch (Throwable e) {
final String errorMsg =
e.getClass().getName()
+ " error loading JDBC database driver from classpath: "
+ e.getMessage();
final ErrorInformation errorInformation =
new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg);
throw new DatabaseException(errorInformation);
}
}
try {
LOGGER.debug("opening connection to database " + connectionURL);
final Properties connectionProperties = new Properties();
if (dbConfiguration.getUsername() != null && !dbConfiguration.getUsername().isEmpty()) {
connectionProperties.setProperty("user", dbConfiguration.getUsername());
}
if (dbConfiguration.getPassword() != null) {
connectionProperties.setProperty(
"password", dbConfiguration.getPassword().getStringValue());
}
final Connection connection = driver.connect(connectionURL, connectionProperties);
final Map<PwmAboutProperty, String> debugProps = getConnectionDebugProperties(connection);
;
LOGGER.debug(
"successfully opened connection to database "
+ connectionURL
+ ", properties: "
+ JsonUtil.serializeMap(debugProps));
connection.setAutoCommit(true);
return connection;
} catch (Throwable e) {
final String errorMsg =
"error connecting to database: " + Helper.readHostileExceptionMessage(e);
final ErrorInformation errorInformation =
new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg);
if (e instanceof IOException) {
LOGGER.error(errorInformation);
} else {
LOGGER.error(errorMsg, e);
}
throw new DatabaseException(errorInformation);
}
}
@Test
public void testFetchLast() {
try {
String neId =
"1005255"; // KLNNMS02(cpuusage=YES cpu1min=YES memutil=YES) KLNNMS05(cpuusage=YES
// bususage=YES)
// String neId = "1006119"; // KLNNMS02(cpuusage=YES cpu1min=YES memutil=YES
// KLNNMS05(cpuusage=NO bususage=NO)
Set<String> rras = new HashSet<String>();
// klnnms02
rras.add("cpu5sec");
rras.add("cpu1min");
rras.add("memutil");
// klnnms05
rras.add("cpuusage");
rras.add("bususage");
FetchLastCommandMessage message =
CommandMessageFactory.createRRDLastCommandMessage(neId, "AVERAGE", 0, 0, null, rras);
MessageProducer producer = null;
MessageConsumer consumer = null;
// time to send the JMS request
try {
TextMessage reqMsg, replyMsg;
producer = session.createProducer(new HornetQQueue(SERVICE_QUEUE));
// this will uniquelly identify the request
String UIID = UUID.randomUUID().toString();
reqMsg = session.createTextMessage();
reqMsg.setStringProperty("ServiceRRD_msg_type", "fetchLast");
reqMsg.setStringProperty("ServiceRRD_correlation_id", UIID);
String body = JsonUtil.getInstance().toJSON(message);
reqMsg.setText(body);
logger.info("SEND:\n" + body);
producer.send(reqMsg);
consumer =
session.createConsumer(
new HornetQQueue(SERVICE_REPLY_QUEUE),
"ServiceRRD_correlation_id = '" + UIID + "'");
replyMsg = (TextMessage) consumer.receive(30000);
if (replyMsg == null) {
logger.info("ServiceRRD timeout on receive()");
} else {
logger.info("REPLY:\n" + replyMsg.getText());
}
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
if (producer != null) producer.close();
if (consumer != null) consumer.close();
} catch (JMSException e) {
}
}
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
@Override
public boolean put(final DatabaseTable table, final String key, final String value)
throws DatabaseException {
preOperationCheck();
if (traceLogging) {
LOGGER.trace("attempting put operation for table=" + table + ", key=" + key);
}
if (!contains(table, key)) {
final String sqlText =
"INSERT INTO "
+ table.toString()
+ "("
+ KEY_COLUMN
+ ", "
+ VALUE_COLUMN
+ ") VALUES(?,?)";
PreparedStatement statement = null;
try {
statement = connection.prepareStatement(sqlText);
statement.setString(1, key);
statement.setString(2, value);
statement.executeUpdate();
} catch (SQLException e) {
final ErrorInformation errorInformation =
new ErrorInformation(
PwmError.ERROR_DB_UNAVAILABLE, "put operation failed: " + e.getMessage());
lastError = errorInformation;
throw new DatabaseException(errorInformation);
} finally {
close(statement);
}
return false;
}
final String sqlText =
"UPDATE " + table.toString() + " SET " + VALUE_COLUMN + "=? WHERE " + KEY_COLUMN + "=?";
PreparedStatement statement = null;
try {
statement = connection.prepareStatement(sqlText);
statement.setString(1, value);
statement.setString(2, key);
statement.executeUpdate();
} catch (SQLException e) {
final ErrorInformation errorInformation =
new ErrorInformation(
PwmError.ERROR_DB_UNAVAILABLE, "put operation failed: " + e.getMessage());
lastError = errorInformation;
throw new DatabaseException(errorInformation);
} finally {
close(statement);
}
if (traceLogging) {
final Map<String, Object> debugOutput = new LinkedHashMap<>();
debugOutput.put("table", table);
debugOutput.put("key", key);
debugOutput.put("value", value);
LOGGER.trace(
"put operation result: " + JsonUtil.serializeMap(debugOutput, JsonUtil.Flag.PrettyPrint));
}
updateStats(false, true);
return true;
}