Example #1
0
 private void updateCacheFromLdap()
     throws ChaiUnavailableException, ChaiOperationException, PwmOperationalException,
         PwmUnrecoverableException {
   LOGGER.debug(
       PwmConstants.REPORTING_SESSION_LABEL,
       "beginning process to updating user cache records from ldap");
   if (status != STATUS.OPEN) {
     return;
   }
   cancelFlag = false;
   reportStatus = new ReportStatusInfo(settings.getSettingsHash());
   reportStatus.setInProgress(true);
   reportStatus.setStartDate(new Date());
   try {
     final Queue<UserIdentity> allUsers = new LinkedList<>(getListOfUsers());
     reportStatus.setTotal(allUsers.size());
     while (status == STATUS.OPEN && !allUsers.isEmpty() && !cancelFlag) {
       final Date startUpdateTime = new Date();
       final UserIdentity userIdentity = allUsers.poll();
       try {
         if (updateCachedRecordFromLdap(userIdentity)) {
           reportStatus.setUpdated(reportStatus.getUpdated() + 1);
         }
       } catch (Exception e) {
         String errorMsg =
             "error while updating report cache for " + userIdentity.toString() + ", cause: ";
         errorMsg +=
             e instanceof PwmException
                 ? ((PwmException) e).getErrorInformation().toDebugStr()
                 : e.getMessage();
         final ErrorInformation errorInformation;
         errorInformation = new ErrorInformation(PwmError.ERROR_REPORTING_ERROR, errorMsg);
         LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, errorInformation.toDebugStr());
         reportStatus.setLastError(errorInformation);
         reportStatus.setErrors(reportStatus.getErrors() + 1);
       }
       reportStatus.setCount(reportStatus.getCount() + 1);
       reportStatus.getEventRateMeter().markEvents(1);
       final TimeDuration totalUpdateTime = TimeDuration.fromCurrent(startUpdateTime);
       if (settings.isAutoCalcRest()) {
         avgTracker.addSample(totalUpdateTime.getTotalMilliseconds());
         Helper.pause(avgTracker.avgAsLong());
       } else {
         Helper.pause(settings.getRestTime().getTotalMilliseconds());
       }
     }
     if (cancelFlag) {
       reportStatus.setLastError(
           new ErrorInformation(
               PwmError.ERROR_SERVICE_NOT_AVAILABLE, "report cancelled by operator"));
     }
   } finally {
     reportStatus.setFinishDate(new Date());
     reportStatus.setInProgress(false);
   }
   LOGGER.debug(
       PwmConstants.REPORTING_SESSION_LABEL,
       "update user cache process completed: " + JsonUtil.serialize(reportStatus));
 }
Example #2
0
  @Override
  public void init(PwmApplication pwmApplication) throws PwmException {
    status = STATUS.OPENING;
    this.pwmApplication = pwmApplication;

    if (pwmApplication.getApplicationMode() == PwmApplication.MODE.READ_ONLY) {
      LOGGER.debug(
          PwmConstants.REPORTING_SESSION_LABEL,
          "application mode is read-only, will remain closed");
      status = STATUS.CLOSED;
      return;
    }

    if (pwmApplication.getLocalDB() == null
        || LocalDB.Status.OPEN != pwmApplication.getLocalDB().status()) {
      LOGGER.debug(PwmConstants.REPORTING_SESSION_LABEL, "LocalDB is not open, will remain closed");
      status = STATUS.CLOSED;
      return;
    }

    if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.REPORTING_ENABLE)) {
      LOGGER.debug(
          PwmConstants.REPORTING_SESSION_LABEL,
          "reporting module is not enabled, will remain closed");
      status = STATUS.CLOSED;
      clear();
      return;
    }

    try {
      userCacheService = new UserCacheService();
      userCacheService.init(pwmApplication);
    } catch (Exception e) {
      LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, "unable to init cache service");
      status = STATUS.CLOSED;
      return;
    }

    settings = ReportSettings.readSettingsFromConfig(pwmApplication.getConfig());
    summaryData = ReportSummaryData.newSummaryData(settings.getTrackDays());

    executorService =
        Executors.newSingleThreadScheduledExecutor(
            Helper.makePwmThreadFactory(
                Helper.makeThreadName(pwmApplication, this.getClass()) + "-", true));

    String startupMsg = "report service started";
    LOGGER.debug(startupMsg);

    executorService.submit(new InitializationTask());

    status = STATUS.OPEN;
  }
Example #3
0
 @Override
 public void run() {
   try {
     initTempData();
   } catch (LocalDBException | PwmUnrecoverableException e) {
     LOGGER.error(
         PwmConstants.REPORTING_SESSION_LABEL, "error during initialization: " + e.getMessage());
     status = STATUS.CLOSED;
     return;
   }
   final long secondsUntilNextDredge =
       settings.getJobOffsetSeconds()
           + TimeDuration.fromCurrent(Helper.nextZuluZeroTime()).getTotalSeconds();
   executorService.scheduleAtFixedRate(
       new DredgeTask(),
       secondsUntilNextDredge,
       TimeDuration.DAY.getTotalSeconds(),
       TimeUnit.SECONDS);
   executorService.scheduleAtFixedRate(
       new RolloverTask(),
       secondsUntilNextDredge + 1,
       TimeDuration.DAY.getTotalSeconds(),
       TimeUnit.SECONDS);
   executorService.submit(new RolloverTask());
 }
Example #4
0
  @Override
  void doCommand() throws Exception {
    final PwmApplication pwmApplication = cliEnvironment.getPwmApplication();

    final File outputFile =
        (File) cliEnvironment.getOptions().get(CliParameters.REQUIRED_NEW_OUTPUT_FILE.getName());
    Helper.pause(2000);

    final long startTime = System.currentTimeMillis();
    final UserSearchEngine userSearchEngine =
        new UserSearchEngine(pwmApplication, SessionLabel.SYSTEM_LABEL);
    final UserSearchEngine.SearchConfiguration searchConfiguration =
        new UserSearchEngine.SearchConfiguration();
    searchConfiguration.setEnableValueEscaping(false);
    searchConfiguration.setUsername("*");

    final String systemRecordDelimiter = System.getProperty("line.separator");
    final Writer writer =
        new BufferedWriter(new PrintWriter(outputFile, PwmConstants.DEFAULT_CHARSET.toString()));
    final Map<UserIdentity, Map<String, String>> results =
        userSearchEngine.performMultiUserSearch(
            searchConfiguration, Integer.MAX_VALUE, Collections.<String>emptyList());
    out(
        "searching "
            + results.size()
            + " users for stored responses to write to "
            + outputFile.getAbsolutePath()
            + "....");
    int counter = 0;
    for (final UserIdentity identity : results.keySet()) {
      final ChaiUser user = pwmApplication.getProxiedChaiUser(identity);
      final ResponseSet responseSet =
          pwmApplication.getCrService().readUserResponseSet(null, identity, user);
      if (responseSet != null) {
        counter++;
        out("found responses for '" + user + "', writing to output.");
        final RestChallengesServer.JsonChallengesData outputData =
            new RestChallengesServer.JsonChallengesData();
        outputData.challenges = responseSet.asChallengeBeans(true);
        outputData.helpdeskChallenges = responseSet.asHelpdeskChallengeBeans(true);
        outputData.minimumRandoms = responseSet.getChallengeSet().minimumResponses();
        outputData.username = identity.toDelimitedKey();
        writer.write(JsonUtil.serialize(outputData));
        writer.write(systemRecordDelimiter);
      } else {
        out("skipping '" + user.toString() + "', no stored responses.");
      }
    }
    writer.close();
    out(
        "output complete, "
            + counter
            + " responses exported in "
            + TimeDuration.fromCurrent(startTime).asCompactString());
  }
  private String hashWord(final String word) throws NoSuchAlgorithmException {
    final MessageDigest md = MessageDigest.getInstance(settings.hashName);
    final String wordWithSalt = salt + word;
    final int hashLoopCount = settings.hashIterations;
    byte[] hashedAnswer = md.digest((wordWithSalt).getBytes());

    for (int i = 0; i < hashLoopCount; i++) {
      hashedAnswer = md.digest(hashedAnswer);
    }

    return Helper.binaryArrayToHex(hashedAnswer);
  }
Example #6
0
  public void outputSummaryToCsv(final OutputStream outputStream, final Locale locale)
      throws IOException {
    final List<ReportSummaryData.PresentationRow> outputList =
        summaryData.asPresentableCollection(pwmApplication.getConfig(), locale);
    final CSVPrinter csvPrinter = Helper.makeCsvPrinter(outputStream);

    for (final ReportSummaryData.PresentationRow presentationRow : outputList) {
      final List<String> headerRow = new ArrayList<>();
      headerRow.add(presentationRow.getLabel());
      headerRow.add(presentationRow.getCount());
      headerRow.add(presentationRow.getPct());
      csvPrinter.printRecord(headerRow);
    }

    csvPrinter.close();
  }
Example #7
0
  public int outputStatsToCsv(
      final OutputStream outputStream, final Locale locale, final boolean includeHeader)
      throws IOException {
    LOGGER.trace("beginning output stats to csv process");
    final Date startTime = new Date();

    final StatisticsManager statsManger = pwmApplication.getStatisticsManager();
    final CSVPrinter csvPrinter = Helper.makeCsvPrinter(outputStream);

    if (includeHeader) {
      final List<String> headers = new ArrayList<>();
      headers.add("KEY");
      headers.add("YEAR");
      headers.add("DAY");
      for (Statistic stat : Statistic.values()) {
        headers.add(stat.getLabel(locale));
      }
      csvPrinter.printRecord(headers);
    }

    int counter = 0;
    final Map<StatisticsManager.DailyKey, String> keys =
        statsManger.getAvailableKeys(PwmConstants.DEFAULT_LOCALE);
    for (final StatisticsManager.DailyKey loopKey : keys.keySet()) {
      counter++;
      final StatisticsBundle bundle = statsManger.getStatBundleForKey(loopKey.toString());
      final List<String> lineOutput = new ArrayList<>();
      lineOutput.add(loopKey.toString());
      lineOutput.add(String.valueOf(loopKey.year));
      lineOutput.add(String.valueOf(loopKey.day));
      for (final Statistic stat : Statistic.values()) {
        lineOutput.add(bundle.getStatistic(stat));
      }
      csvPrinter.printRecord(lineOutput);
    }

    csvPrinter.flush();
    LOGGER.trace(
        "completed output stats to csv process; output "
            + counter
            + " records in "
            + TimeDuration.fromCurrent(startTime).asCompactString());
    return counter;
  }
Example #8
0
    public static LocalDB initializeLocalDB(final PwmApplication pwmApplication) {
      if (pwmApplication.getApplicationMode() == MODE.ERROR
          || pwmApplication.getApplicationMode() == MODE.NEW) {
        LOGGER.warn(
            "skipping LocalDB open due to application mode " + pwmApplication.getApplicationMode());
        return null;
      }

      final File databaseDirectory;
      // see if META-INF isn't already there, then use WEB-INF.
      try {
        final String localDBLocationSetting =
            pwmApplication.getConfig().readSettingAsString(PwmSetting.PWMDB_LOCATION);
        databaseDirectory =
            Helper.figureFilepath(localDBLocationSetting, pwmApplication.applicationPath);
      } catch (Exception e) {
        pwmApplication.lastLocalDBFailure =
            new ErrorInformation(
                PwmError.ERROR_LOCALDB_UNAVAILABLE,
                "error locating configured LocalDB directory: " + e.getMessage());
        LOGGER.warn(pwmApplication.lastLocalDBFailure.toDebugStr());
        return null;
      }

      LOGGER.debug("using localDB path " + databaseDirectory);

      // initialize the localDB
      try {
        final boolean readOnly = pwmApplication.getApplicationMode() == MODE.READ_ONLY;
        return LocalDBFactory.getInstance(
            databaseDirectory, readOnly, pwmApplication, pwmApplication.getConfig());
      } catch (Exception e) {
        pwmApplication.lastLocalDBFailure =
            new ErrorInformation(
                PwmError.ERROR_LOCALDB_UNAVAILABLE,
                "unable to initialize LocalDB: " + e.getMessage());
        LOGGER.warn(pwmApplication.lastLocalDBFailure.toDebugStr());
      }

      return null;
    }
Example #9
0
  public void outputToCsv(
      final OutputStream outputStream, final boolean includeHeader, final Locale locale)
      throws IOException, ChaiUnavailableException, ChaiOperationException,
          PwmUnrecoverableException, PwmOperationalException {
    final CSVPrinter csvPrinter = Helper.makeCsvPrinter(outputStream);
    final Configuration config = pwmApplication.getConfig();
    final Class localeClass = password.pwm.i18n.Admin.class;
    if (includeHeader) {
      final List<String> headerRow = new ArrayList<>();
      headerRow.add(
          LocaleHelper.getLocalizedMessage(locale, "Field_Report_UserDN", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_LDAP_Profile", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(locale, "Field_Report_Username", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(locale, "Field_Report_Email", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(locale, "Field_Report_UserGuid", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(locale, "Field_Report_LastLogin", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_PwdExpireTime", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_PwdChangeTime", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_ResponseSaveTime", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_HasResponses", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_HasHelpdeskResponses", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_ResponseStorageMethod", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(locale, "Field_Report_PwdExpired", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_PwdPreExpired", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_PwdViolatesPolicy", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_PwdWarnPeriod", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_RequiresPasswordUpdate", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_RequiresResponseUpdate", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_RequiresProfileUpdate", config, localeClass));
      headerRow.add(
          LocaleHelper.getLocalizedMessage(
              locale, "Field_Report_RecordCacheTime", config, localeClass));
      csvPrinter.printRecord(headerRow);
    }

    ClosableIterator<UserCacheRecord> cacheBeanIterator = null;
    try {
      cacheBeanIterator = this.iterator();
      while (cacheBeanIterator.hasNext()) {
        final UserCacheRecord userCacheRecord = cacheBeanIterator.next();
        outputRecordRow(config, locale, userCacheRecord, csvPrinter);
      }
    } finally {
      if (cacheBeanIterator != null) {
        cacheBeanIterator.close();
      }
    }

    csvPrinter.flush();
  }
Example #10
0
  @Override
  protected void processAction(final PwmRequest pwmRequest)
      throws ServletException, IOException, ChaiUnavailableException, PwmUnrecoverableException {
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();

    if ((pwmSession.getSessionBean(ConfigGuideBean.class)).getStep() == STEP.START) {
      pwmSession.clearSessionBeans();
      pwmSession.getSessionStateBean().setTheme(null);
    }

    final ConfigGuideBean configGuideBean = pwmSession.getSessionBean(ConfigGuideBean.class);

    if (pwmApplication.getApplicationMode() != PwmApplication.MODE.NEW) {
      final ErrorInformation errorInformation =
          new ErrorInformation(
              PwmError.ERROR_SERVICE_NOT_AVAILABLE, "ConfigGuide unavailable unless in NEW mode");
      LOGGER.error(pwmSession, errorInformation.toDebugStr());
      pwmRequest.respondWithError(errorInformation);
      return;
    }

    if (!configGuideBean.getFormData().containsKey(PARAM_APP_SITEURL)) {
      final URI uri = URI.create(pwmRequest.getHttpServletRequest().getRequestURL().toString());
      final int port = Helper.portForUriSchema(uri);
      final String newUri =
          uri.getScheme() + "://" + uri.getHost() + ":" + port + pwmRequest.getContextPath();
      configGuideBean.getFormData().put(PARAM_APP_SITEURL, newUri);
    }

    pwmSession.setSessionTimeout(
        pwmRequest.getHttpServletRequest().getSession(),
        Integer.parseInt(
            pwmApplication.getConfig().readAppProperty(AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT)));

    if (configGuideBean.getStep() == STEP.LDAP_CERT) {
      final String ldapServerString =
          ((List<String>)
                  configGuideBean
                      .getStoredConfiguration()
                      .readSetting(PwmSetting.LDAP_SERVER_URLS, LDAP_PROFILE_KEY)
                      .toNativeObject())
              .get(0);
      try {
        final URI ldapServerUri = new URI(ldapServerString);
        if ("ldaps".equalsIgnoreCase(ldapServerUri.getScheme())) {
          configGuideBean.setLdapCertificates(X509Utils.readRemoteCertificates(ldapServerUri));
          configGuideBean.setCertsTrustedbyKeystore(
              X509Utils.testIfLdapServerCertsInDefaultKeystore(ldapServerUri));
        } else {
          configGuideBean.setLdapCertificates(null);
          configGuideBean.setCertsTrustedbyKeystore(false);
        }
      } catch (Exception e) {
        LOGGER.error("error reading/testing ldap server certificates: " + e.getMessage());
      }
    }

    final ConfigGuideAction action = readProcessAction(pwmRequest);
    if (action != null) {
      pwmRequest.validatePwmFormID();
      switch (action) {
        case ldapHealth:
          restLdapHealth(pwmRequest, configGuideBean);
          return;

        case updateForm:
          restUpdateLdapForm(pwmRequest, configGuideBean);
          return;

        case gotoStep:
          restGotoStep(pwmRequest, configGuideBean);
          return;

        case useConfiguredCerts:
          restUseConfiguredCerts(pwmRequest, configGuideBean);
          return;

        case uploadConfig:
          restUploadConfig(pwmRequest);
          return;

        case extendSchema:
          restExtendSchema(pwmRequest, configGuideBean);
          return;

        case viewAdminMatches:
          restViewAdminMatches(pwmRequest, configGuideBean);
          return;

        case browseLdap:
          restBrowseLdap(pwmRequest, configGuideBean);
      }
    }

    if (!pwmRequest.getPwmResponse().getHttpServletResponse().isCommitted()) {
      forwardToJSP(pwmRequest);
    }
  }
Example #11
0
  private void initialize(final boolean initLogging) throws PwmUnrecoverableException {
    final Date startTime = new Date();

    // initialize log4j
    if (initLogging) {
      final String log4jFileName =
          configuration.readSettingAsString(PwmSetting.EVENTS_JAVA_LOG4JCONFIG_FILE);
      final File log4jFile = Helper.figureFilepath(log4jFileName, applicationPath);
      final String consoleLevel, fileLevel;
      switch (getApplicationMode()) {
        case ERROR:
        case NEW:
          consoleLevel = PwmLogLevel.TRACE.toString();
          fileLevel = PwmLogLevel.TRACE.toString();
          break;

        default:
          consoleLevel = configuration.readSettingAsString(PwmSetting.EVENTS_JAVA_STDOUT_LEVEL);
          fileLevel = configuration.readSettingAsString(PwmSetting.EVENTS_FILE_LEVEL);
          break;
      }

      PwmLogManager.initializeLogger(
          this, configuration, log4jFile, consoleLevel, applicationPath, fileLevel);

      switch (getApplicationMode()) {
        case RUNNING:
          break;

        case ERROR:
          LOGGER.fatal(
              "starting up in ERROR mode! Check log or health check information for cause");
          break;

        default:
          LOGGER.trace(
              "setting log level to TRACE because application mode is " + getApplicationMode());
          break;
      }
    }

    LOGGER.info(
        "initializing, application mode="
            + getApplicationMode()
            + ", applicationPath="
            + (applicationPath == null ? "null" : applicationPath.getAbsolutePath())
            + ", configurationFile="
            + (configurationFile == null ? "null" : configurationFile.getAbsolutePath()));

    this.localDB = Initializer.initializeLocalDB(this);
    this.localDBLogger = PwmLogManager.initializeLocalDBLogger(this);

    // log the loaded configuration
    LOGGER.info("configuration load completed");

    // read the pwm servlet instance id
    instanceID = fetchInstanceID(localDB, this);
    LOGGER.info("using '" + getInstanceID() + "' for instance's ID (instanceID)");

    // read the pwm installation date
    installTime = fetchInstallDate(startupTime);
    LOGGER.debug(
        "this application instance first installed on "
            + PwmConstants.DEFAULT_DATETIME_FORMAT.format(installTime));

    initServices();

    final TimeDuration totalTime = TimeDuration.fromCurrent(startTime);
    LOGGER.info(
        PwmConstants.PWM_APP_NAME
            + " "
            + PwmConstants.SERVLET_VERSION
            + " open for bidness! ("
            + totalTime.asCompactString()
            + ")");
    StatisticsManager.incrementStat(this, Statistic.PWM_STARTUPS);
    LOGGER.debug(
        "buildTime="
            + PwmConstants.BUILD_TIME
            + ", javaLocale="
            + Locale.getDefault()
            + ", DefaultLocale="
            + PwmConstants.DEFAULT_LOCALE);

    final Thread postInitThread =
        new Thread() {
          @Override
          public void run() {
            postInitTasks();
          }
        };
    postInitThread.setDaemon(true);
    postInitThread.setName(Helper.makeThreadName(this, PwmApplication.class));
    postInitThread.start();
  }
Example #12
0
  private Connection openDB(final DBConfiguration dbConfiguration) throws DatabaseException {
    final String connectionURL = dbConfiguration.getConnectionString();
    final String jdbcClassName = dbConfiguration.getDriverClassname();

    try {
      final byte[] jdbcDriverBytes = dbConfiguration.getJdbcDriver();
      if (jdbcDriverBytes != null) {
        LOGGER.debug("loading JDBC database driver stored in configuration");
        final JarClassLoader jarClassLoader = new JarClassLoader();
        jarClassLoader.add(new ByteArrayInputStream(jdbcDriverBytes));
        final JclObjectFactory jclObjectFactory = JclObjectFactory.getInstance();

        // Create object of loaded class
        driver = (Driver) jclObjectFactory.create(jarClassLoader, jdbcClassName);

        LOGGER.debug(
            "successfully loaded JDBC database driver '"
                + jdbcClassName
                + "' from application configuration");
      }
    } catch (Throwable e) {
      final String errorMsg =
          "error registering JDBC database driver stored in configuration: " + e.getMessage();
      final ErrorInformation errorInformation =
          new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg);
      LOGGER.error(errorMsg, e);
      throw new DatabaseException(errorInformation);
    }

    if (driver == null) {
      try {
        LOGGER.debug("loading JDBC database driver from classpath: " + jdbcClassName);
        driver = (Driver) Class.forName(jdbcClassName).newInstance();

        LOGGER.debug("successfully loaded JDBC database driver from classpath: " + jdbcClassName);
      } catch (Throwable e) {
        final String errorMsg =
            e.getClass().getName()
                + " error loading JDBC database driver from classpath: "
                + e.getMessage();
        final ErrorInformation errorInformation =
            new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg);
        throw new DatabaseException(errorInformation);
      }
    }

    try {
      LOGGER.debug("opening connection to database " + connectionURL);
      final Properties connectionProperties = new Properties();
      if (dbConfiguration.getUsername() != null && !dbConfiguration.getUsername().isEmpty()) {
        connectionProperties.setProperty("user", dbConfiguration.getUsername());
      }
      if (dbConfiguration.getPassword() != null) {
        connectionProperties.setProperty(
            "password", dbConfiguration.getPassword().getStringValue());
      }
      final Connection connection = driver.connect(connectionURL, connectionProperties);

      final Map<PwmAboutProperty, String> debugProps = getConnectionDebugProperties(connection);
      ;
      LOGGER.debug(
          "successfully opened connection to database "
              + connectionURL
              + ", properties: "
              + JsonUtil.serializeMap(debugProps));

      connection.setAutoCommit(true);
      return connection;
    } catch (Throwable e) {
      final String errorMsg =
          "error connecting to database: " + Helper.readHostileExceptionMessage(e);
      final ErrorInformation errorInformation =
          new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg);
      if (e instanceof IOException) {
        LOGGER.error(errorInformation);
      } else {
        LOGGER.error(errorMsg, e);
      }
      throw new DatabaseException(errorInformation);
    }
  }
Example #13
0
 public void run() {
   writeDbValues();
   resetDailyStats();
   daemonTimer.schedule(new NightlyTask(), Helper.nextZuluZeroTime());
 }
Example #14
0
  public void init(PwmApplication pwmApplication) throws PwmException {
    for (final Statistic.EpsType type : Statistic.EpsType.values()) {
      for (final Statistic.EpsDuration duration : Statistic.EpsDuration.values()) {
        epsMeterMap.put(
            type.toString() + duration.toString(), new EventRateMeter(duration.getTimeDuration()));
      }
    }

    status = STATUS.OPENING;
    this.localDB = pwmApplication.getLocalDB();
    this.pwmApplication = pwmApplication;

    if (localDB == null) {
      LOGGER.error("LocalDB is not available, will remain closed");
      status = STATUS.CLOSED;
      return;
    }

    {
      final String storedCummulativeBundleStr =
          localDB.get(LocalDB.DB.PWM_STATS, DB_KEY_CUMULATIVE);
      if (storedCummulativeBundleStr != null && storedCummulativeBundleStr.length() > 0) {
        statsCummulative = StatisticsBundle.input(storedCummulativeBundleStr);
      }
    }

    {
      for (final Statistic.EpsType loopEpsType : Statistic.EpsType.values()) {
        for (final Statistic.EpsType loopEpsDuration : Statistic.EpsType.values()) {
          final String key = "EPS-" + loopEpsType.toString() + loopEpsDuration.toString();
          final String storedValue = localDB.get(LocalDB.DB.PWM_STATS, key);
          if (storedValue != null && storedValue.length() > 0) {
            try {
              final EventRateMeter eventRateMeter =
                  JsonUtil.deserialize(storedValue, EventRateMeter.class);
              epsMeterMap.put(loopEpsType.toString() + loopEpsDuration.toString(), eventRateMeter);
            } catch (Exception e) {
              LOGGER.error(
                  "unexpected error reading last EPS rate for "
                      + loopEpsType
                      + " from LocalDB: "
                      + e.getMessage());
            }
          }
        }
      }
    }

    {
      final String storedInitialString =
          localDB.get(LocalDB.DB.PWM_STATS, DB_KEY_INITIAL_DAILY_KEY);
      if (storedInitialString != null && storedInitialString.length() > 0) {
        initialDailyKey = new DailyKey(storedInitialString);
      }
    }

    {
      currentDailyKey = new DailyKey(new Date());
      final String storedDailyStr = localDB.get(LocalDB.DB.PWM_STATS, currentDailyKey.toString());
      if (storedDailyStr != null && storedDailyStr.length() > 0) {
        statsDaily = StatisticsBundle.input(storedDailyStr);
      }
    }

    try {
      localDB.put(
          LocalDB.DB.PWM_STATS,
          DB_KEY_TEMP,
          PwmConstants.DEFAULT_DATETIME_FORMAT.format(new Date()));
    } catch (IllegalStateException e) {
      LOGGER.error("unable to write to localDB, will remain closed, error: " + e.getMessage());
      status = STATUS.CLOSED;
      return;
    }

    localDB.put(LocalDB.DB.PWM_STATS, DB_KEY_VERSION, DB_VALUE_VERSION);
    localDB.put(LocalDB.DB.PWM_STATS, DB_KEY_INITIAL_DAILY_KEY, initialDailyKey.toString());

    { // setup a timer to roll over at 0 Zula and one to write current stats every 10 seconds
      final String threadName = Helper.makeThreadName(pwmApplication, this.getClass()) + " timer";
      daemonTimer = new Timer(threadName, true);
      daemonTimer.schedule(new FlushTask(), 10 * 1000, DB_WRITE_FREQUENCY_MS);
      daemonTimer.schedule(new NightlyTask(), Helper.nextZuluZeroTime());
    }

    if (pwmApplication.getApplicationMode() == PwmApplication.MODE.RUNNING) {
      if (pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.PUBLISH_STATS_ENABLE)) {
        long lastPublishTimestamp = pwmApplication.getInstallTime().getTime();
        {
          final String lastPublishDateStr =
              localDB.get(LocalDB.DB.PWM_STATS, KEY_CLOUD_PUBLISH_TIMESTAMP);
          if (lastPublishDateStr != null && lastPublishDateStr.length() > 0) {
            try {
              lastPublishTimestamp = Long.parseLong(lastPublishDateStr);
            } catch (Exception e) {
              LOGGER.error(
                  "unexpected error reading last publish timestamp from PwmDB: " + e.getMessage());
            }
          }
        }
        final Date nextPublishTime =
            new Date(
                lastPublishTimestamp
                    + PwmConstants.STATISTICS_PUBLISH_FREQUENCY_MS
                    + (long) PwmRandom.getInstance().nextInt(3600 * 1000));
        daemonTimer.schedule(
            new PublishTask(), nextPublishTime, PwmConstants.STATISTICS_PUBLISH_FREQUENCY_MS);
      }
    }

    status = STATUS.OPEN;
  }
Example #15
0
  public void init(final PwmApplication pwmApplication) throws PwmException {
    settings.maxAgeMs =
        1000
            * pwmApplication
                .getConfig()
                .readSettingAsLong(PwmSetting.PASSWORD_SHAREDHISTORY_MAX_AGE); // convert to MS;
    settings.caseInsensitive =
        Boolean.parseBoolean(
            pwmApplication
                .getConfig()
                .readAppProperty(AppProperty.SECURITY_SHAREDHISTORY_CASE_INSENSITIVE));
    settings.hashName =
        pwmApplication.getConfig().readAppProperty(AppProperty.SECURITY_SHAREDHISTORY_HASH_NAME);
    settings.hashIterations =
        Integer.parseInt(
            pwmApplication
                .getConfig()
                .readAppProperty(AppProperty.SECURITY_SHAREDHISTORY_HASH_ITERATIONS));
    settings.version =
        "2"
            + "_"
            + settings.hashName
            + "_"
            + settings.hashIterations
            + "_"
            + settings.caseInsensitive;

    final int SALT_LENGTH =
        Integer.parseInt(
            pwmApplication
                .getConfig()
                .readAppProperty(AppProperty.SECURITY_SHAREDHISTORY_SALT_LENGTH));
    this.localDB = pwmApplication.getLocalDB();

    boolean needsClearing = false;
    if (localDB == null) {
      LOGGER.info("LocalDB is not available, will remain closed");
      status = STATUS.CLOSED;
      return;
    }

    if (settings.maxAgeMs < 1) {
      LOGGER.debug("max age=" + settings.maxAgeMs + ", will remain closed");
      needsClearing = true;
    }

    {
      this.salt = localDB.get(META_DB, KEY_SALT);
      if (salt == null || salt.length() < SALT_LENGTH) {
        LOGGER.warn("stored global salt value is not present, creating new salt");
        this.salt = PwmRandom.getInstance().alphaNumericString(SALT_LENGTH);
        localDB.put(META_DB, KEY_SALT, this.salt);
        needsClearing = true;
      }
    }

    if (needsClearing) {
      LOGGER.trace("clearing wordlist");
      try {
        localDB.truncate(WORDS_DB);
      } catch (Exception e) {
        LOGGER.error("error during wordlist truncate", e);
      }
    }

    new Thread(
            new Runnable() {
              public void run() {
                LOGGER.debug("starting up in background thread");
                init(pwmApplication, settings.maxAgeMs);
              }
            },
            Helper.makeThreadName(pwmApplication, this.getClass()) + " initializer")
        .start();
  }
Example #16
0
  public static void doProfileUpdate(
      final PwmRequest pwmRequest,
      final Map<FormConfiguration, String> formValues,
      final ChaiUser theUser)
      throws PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final UserInfoBean uiBean = pwmRequest.getPwmSession().getUserInfoBean();

    // verify form meets the form requirements (may be redundant, but shouldn't hurt)
    verifyFormAttributes(pwmRequest, formValues, false);

    // write values.
    LOGGER.info(
        "updating profile for " + pwmRequest.getPwmSession().getUserInfoBean().getUserIdentity());

    pwmRequest.getPwmSession().getSessionManager().getChaiProvider();

    Helper.writeFormValuesToLdap(
        pwmRequest.getPwmApplication(), pwmRequest.getPwmSession(), theUser, formValues, false);

    final UserIdentity userIdentity = uiBean.getUserIdentity();

    // re-populate the uiBean because we have changed some values.
    final UserStatusReader userStatusReader =
        new UserStatusReader(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel());
    userStatusReader.populateActorUserInfoBean(pwmRequest.getPwmSession(), userIdentity);

    // clear cached read attributes.
    pwmRequest.getPwmSession().getSessionManager().clearUserDataReader();

    { // execute configured actions
      final List<ActionConfiguration> actions =
          pwmApplication
              .getConfig()
              .readSettingAsAction(PwmSetting.UPDATE_PROFILE_WRITE_ATTRIBUTES);
      if (actions != null && !actions.isEmpty()) {
        LOGGER.debug(pwmRequest, "executing configured actions to user " + userIdentity);

        final ActionExecutor actionExecutor =
            new ActionExecutor.ActionExecutorSettings(pwmApplication, userIdentity)
                .setExpandPwmMacros(true)
                .createActionExecutor();

        actionExecutor.executeActions(actions, pwmSession);
      }
    }

    sendProfileUpdateEmailNotice(pwmSession, pwmApplication);

    // mark the event log
    pwmApplication
        .getAuditManager()
        .submit(AuditEvent.UPDATE_PROFILE, pwmSession.getUserInfoBean(), pwmSession);

    // mark the uiBean so we user isn't recycled to the update profile page by the CommandServlet
    uiBean.setRequiresUpdateProfile(false);

    // clear out the updateProfileBean
    pwmSession.clearUpdateProfileBean();

    // success, so forward to success page
    pwmApplication.getStatisticsManager().incrementValue(Statistic.UPDATE_ATTRIBUTES);
  }
Example #17
0
  private void postInitTasks() {
    final Date startTime = new Date();

    LOGGER.debug("loaded configuration: \n" + configuration.toDebugString());

    // detect if config has been modified since previous startup
    try {
      final String previousHash = readAppAttribute(AppAttribute.CONFIG_HASH);
      final String currentHash = configuration.configurationHash();
      if (previousHash == null || !previousHash.equals(currentHash)) {
        writeAppAttribute(AppAttribute.CONFIG_HASH, currentHash);
        LOGGER.warn(
            "configuration checksum does not match previously seen checksum, configuration has been modified since last startup");
        if (this.getAuditManager() != null) {
          final String modifyMessage =
              "configuration was modified directly (not using ConfigEditor UI)";
          this.getAuditManager()
              .submit(
                  SystemAuditRecord.create(
                      AuditEvent.MODIFY_CONFIGURATION, modifyMessage, this.getInstanceID()));
        }
      }
    } catch (Exception e) {
      LOGGER.debug(
          "unable to detect if configuration has been modified since previous startup: "
              + e.getMessage());
    }

    if (this.getConfig() != null) {
      final Map<AppProperty, String> nonDefaultProperties =
          getConfig().readAllNonDefaultAppProperties();
      if (nonDefaultProperties != null && !nonDefaultProperties.isEmpty()) {
        final Map<String, String> tempMap = new LinkedHashMap<>();
        for (final AppProperty loopProperty : nonDefaultProperties.keySet()) {
          tempMap.put(loopProperty.getKey(), nonDefaultProperties.get(loopProperty));
        }
        LOGGER.trace(
            "non-default app properties read from configuration: "
                + JsonUtil.serializeMap(tempMap));
      } else {
        LOGGER.trace("no non-default app properties in configuration");
      }
    }

    // send system audit event
    final SystemAuditRecord auditRecord =
        SystemAuditRecord.create(AuditEvent.STARTUP, null, getInstanceID());
    try {
      getAuditManager().submit(auditRecord);
    } catch (PwmException e) {
      LOGGER.warn("unable to submit alert event " + JsonUtil.serialize(auditRecord));
    }

    try {
      Map<PwmAboutProperty, String> infoMap = Helper.makeInfoBean(this);
      LOGGER.trace("application info: " + JsonUtil.serializeMap(infoMap));
    } catch (Exception e) {
      LOGGER.error("error generating about application bean: " + e.getMessage());
    }

    try {
      this.getIntruderManager()
          .clear(RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME);
    } catch (Exception e) {
      LOGGER.debug(
          "error while clearing configmanager-intruder-username from intruder table: "
              + e.getMessage());
    }

    LOGGER.trace(
        "completed post init tasks in " + TimeDuration.fromCurrent(startTime).asCompactString());
  }
  protected void handleUpdateRequest(
      final PwmRequest pwmRequest, final GuestRegistrationBean guestRegistrationBean)
      throws ServletException, ChaiUnavailableException, IOException, PwmUnrecoverableException {
    // Fetch the session state bean.
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final Configuration config = pwmApplication.getConfig();

    final List<FormConfiguration> formItems =
        pwmApplication.getConfig().readSettingAsForm(PwmSetting.GUEST_UPDATE_FORM);
    final String expirationAttribute =
        config.readSettingAsString(PwmSetting.GUEST_EXPIRATION_ATTRIBUTE);

    try {
      // read the values from the request
      final Map<FormConfiguration, String> formValues =
          FormUtility.readFormValuesFromRequest(pwmRequest, formItems, pwmRequest.getLocale());

      // see if the values meet form requirements.
      FormUtility.validateFormValues(config, formValues, ssBean.getLocale());

      // read current values from user.
      final ChaiUser theGuest =
          pwmSession
              .getSessionManager()
              .getActor(pwmApplication, guestRegistrationBean.getUpdateUserIdentity());

      // check unique fields against ldap
      FormUtility.validateFormValueUniqueness(
          pwmApplication,
          formValues,
          ssBean.getLocale(),
          Collections.singletonList(guestRegistrationBean.getUpdateUserIdentity()),
          false);

      final Date expirationDate = readExpirationFromRequest(pwmRequest);

      // Update user attributes
      Helper.writeFormValuesToLdap(pwmApplication, pwmSession, theGuest, formValues, false);

      // Write expirationDate
      if (expirationDate != null) {
        theGuest.writeDateAttribute(expirationAttribute, expirationDate);
      }

      // send email.
      final UserStatusReader userStatusReader =
          new UserStatusReader(pwmApplication, pwmSession.getLabel());
      final UserInfoBean guestUserInfoBean = new UserInfoBean();
      userStatusReader.populateUserInfoBean(
          guestUserInfoBean,
          pwmSession.getSessionStateBean().getLocale(),
          guestRegistrationBean.getUpdateUserIdentity(),
          theGuest.getChaiProvider());
      this.sendUpdateGuestEmailConfirmation(pwmRequest, guestUserInfoBean);

      pwmApplication.getStatisticsManager().incrementValue(Statistic.UPDATED_GUESTS);

      // everything good so forward to confirmation page.
      pwmRequest.getPwmResponse().forwardToSuccessPage(Message.Success_UpdateGuest);
      return;
    } catch (PwmOperationalException e) {
      LOGGER.error(pwmSession, e.getErrorInformation().toDebugStr());
      pwmRequest.setResponseError(e.getErrorInformation());
    } catch (ChaiOperationException e) {
      final ErrorInformation info =
          new ErrorInformation(
              PwmError.ERROR_UNKNOWN, "unexpected error writing to ldap: " + e.getMessage());
      LOGGER.error(pwmSession, info);
      pwmRequest.setResponseError(info);
    }
    this.forwardToUpdateJSP(pwmRequest, guestRegistrationBean);
  }
Example #19
0
  private void init(final PwmApplication pwmApplication, final long maxAgeMs) {
    status = STATUS.OPENING;
    final long startTime = System.currentTimeMillis();

    try {
      checkDbVersion();
    } catch (Exception e) {
      LOGGER.error("error checking db version", e);
      status = STATUS.CLOSED;
      return;
    }

    try {
      final String oldestEntryStr = localDB.get(META_DB, KEY_OLDEST_ENTRY);
      if (oldestEntryStr == null || oldestEntryStr.length() < 1) {
        oldestEntry = 0;
        LOGGER.trace("no oldestEntry timestamp stored, will rescan");
      } else {
        oldestEntry = Long.parseLong(oldestEntryStr);
        LOGGER.trace(
            "oldest timestamp loaded from localDB, age is "
                + TimeDuration.fromCurrent(oldestEntry).asCompactString());
      }
    } catch (LocalDBException e) {
      LOGGER.error(
          "unexpected error loading oldest-entry meta record, will remain closed: "
              + e.getMessage(),
          e);
      status = STATUS.CLOSED;
      return;
    }

    try {
      final int size = localDB.size(WORDS_DB);
      final StringBuilder sb = new StringBuilder();
      sb.append("open with ").append(size).append(" words (");
      sb.append(new TimeDuration(System.currentTimeMillis(), startTime).asCompactString())
          .append(")");
      sb.append(", maxAgeMs=").append(new TimeDuration(maxAgeMs).asCompactString());
      sb.append(", oldestEntry=")
          .append(new TimeDuration(System.currentTimeMillis(), oldestEntry).asCompactString());
      LOGGER.info(sb.toString());
    } catch (LocalDBException e) {
      LOGGER.error(
          "unexpected error examining size of DB, will remain closed: " + e.getMessage(), e);
      status = STATUS.CLOSED;
      return;
    }

    status = STATUS.OPEN;
    // populateFromWordlist();  //only used for debugging!!!

    if (pwmApplication.getApplicationMode() == PwmApplication.MODE.RUNNING
        || pwmApplication.getApplicationMode() == PwmApplication.MODE.CONFIGURATION) {
      long frequencyMs = maxAgeMs > MAX_CLEANER_FREQUENCY ? MAX_CLEANER_FREQUENCY : maxAgeMs;
      frequencyMs = frequencyMs < MIN_CLEANER_FREQUENCY ? MIN_CLEANER_FREQUENCY : frequencyMs;

      LOGGER.debug(
          "scheduling cleaner task to run once every "
              + new TimeDuration(frequencyMs).asCompactString());
      final String threadName = Helper.makeThreadName(pwmApplication, this.getClass()) + " timer";
      cleanerTimer = new Timer(threadName, true);
      cleanerTimer.schedule(new CleanerTask(), 1000, frequencyMs);
    }
  }