private void updateCacheFromLdap()
throws ChaiUnavailableException, ChaiOperationException, PwmOperationalException,
PwmUnrecoverableException {
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"beginning process to updating user cache records from ldap");
if (status != STATUS.OPEN) {
return;
}
cancelFlag = false;
reportStatus = new ReportStatusInfo(settings.getSettingsHash());
reportStatus.setInProgress(true);
reportStatus.setStartDate(new Date());
try {
final Queue<UserIdentity> allUsers = new LinkedList<>(getListOfUsers());
reportStatus.setTotal(allUsers.size());
while (status == STATUS.OPEN && !allUsers.isEmpty() && !cancelFlag) {
final Date startUpdateTime = new Date();
final UserIdentity userIdentity = allUsers.poll();
try {
if (updateCachedRecordFromLdap(userIdentity)) {
reportStatus.setUpdated(reportStatus.getUpdated() + 1);
}
} catch (Exception e) {
String errorMsg =
"error while updating report cache for " + userIdentity.toString() + ", cause: ";
errorMsg +=
e instanceof PwmException
? ((PwmException) e).getErrorInformation().toDebugStr()
: e.getMessage();
final ErrorInformation errorInformation;
errorInformation = new ErrorInformation(PwmError.ERROR_REPORTING_ERROR, errorMsg);
LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, errorInformation.toDebugStr());
reportStatus.setLastError(errorInformation);
reportStatus.setErrors(reportStatus.getErrors() + 1);
}
reportStatus.setCount(reportStatus.getCount() + 1);
reportStatus.getEventRateMeter().markEvents(1);
final TimeDuration totalUpdateTime = TimeDuration.fromCurrent(startUpdateTime);
if (settings.isAutoCalcRest()) {
avgTracker.addSample(totalUpdateTime.getTotalMilliseconds());
Helper.pause(avgTracker.avgAsLong());
} else {
Helper.pause(settings.getRestTime().getTotalMilliseconds());
}
}
if (cancelFlag) {
reportStatus.setLastError(
new ErrorInformation(
PwmError.ERROR_SERVICE_NOT_AVAILABLE, "report cancelled by operator"));
}
} finally {
reportStatus.setFinishDate(new Date());
reportStatus.setInProgress(false);
}
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"update user cache process completed: " + JsonUtil.serialize(reportStatus));
}
@Override
public void init(PwmApplication pwmApplication) throws PwmException {
status = STATUS.OPENING;
this.pwmApplication = pwmApplication;
if (pwmApplication.getApplicationMode() == PwmApplication.MODE.READ_ONLY) {
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"application mode is read-only, will remain closed");
status = STATUS.CLOSED;
return;
}
if (pwmApplication.getLocalDB() == null
|| LocalDB.Status.OPEN != pwmApplication.getLocalDB().status()) {
LOGGER.debug(PwmConstants.REPORTING_SESSION_LABEL, "LocalDB is not open, will remain closed");
status = STATUS.CLOSED;
return;
}
if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.REPORTING_ENABLE)) {
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"reporting module is not enabled, will remain closed");
status = STATUS.CLOSED;
clear();
return;
}
try {
userCacheService = new UserCacheService();
userCacheService.init(pwmApplication);
} catch (Exception e) {
LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, "unable to init cache service");
status = STATUS.CLOSED;
return;
}
settings = ReportSettings.readSettingsFromConfig(pwmApplication.getConfig());
summaryData = ReportSummaryData.newSummaryData(settings.getTrackDays());
executorService =
Executors.newSingleThreadScheduledExecutor(
Helper.makePwmThreadFactory(
Helper.makeThreadName(pwmApplication, this.getClass()) + "-", true));
String startupMsg = "report service started";
LOGGER.debug(startupMsg);
executorService.submit(new InitializationTask());
status = STATUS.OPEN;
}
@Override
public void run() {
try {
initTempData();
} catch (LocalDBException | PwmUnrecoverableException e) {
LOGGER.error(
PwmConstants.REPORTING_SESSION_LABEL, "error during initialization: " + e.getMessage());
status = STATUS.CLOSED;
return;
}
final long secondsUntilNextDredge =
settings.getJobOffsetSeconds()
+ TimeDuration.fromCurrent(Helper.nextZuluZeroTime()).getTotalSeconds();
executorService.scheduleAtFixedRate(
new DredgeTask(),
secondsUntilNextDredge,
TimeDuration.DAY.getTotalSeconds(),
TimeUnit.SECONDS);
executorService.scheduleAtFixedRate(
new RolloverTask(),
secondsUntilNextDredge + 1,
TimeDuration.DAY.getTotalSeconds(),
TimeUnit.SECONDS);
executorService.submit(new RolloverTask());
}
@Override
void doCommand() throws Exception {
final PwmApplication pwmApplication = cliEnvironment.getPwmApplication();
final File outputFile =
(File) cliEnvironment.getOptions().get(CliParameters.REQUIRED_NEW_OUTPUT_FILE.getName());
Helper.pause(2000);
final long startTime = System.currentTimeMillis();
final UserSearchEngine userSearchEngine =
new UserSearchEngine(pwmApplication, SessionLabel.SYSTEM_LABEL);
final UserSearchEngine.SearchConfiguration searchConfiguration =
new UserSearchEngine.SearchConfiguration();
searchConfiguration.setEnableValueEscaping(false);
searchConfiguration.setUsername("*");
final String systemRecordDelimiter = System.getProperty("line.separator");
final Writer writer =
new BufferedWriter(new PrintWriter(outputFile, PwmConstants.DEFAULT_CHARSET.toString()));
final Map<UserIdentity, Map<String, String>> results =
userSearchEngine.performMultiUserSearch(
searchConfiguration, Integer.MAX_VALUE, Collections.<String>emptyList());
out(
"searching "
+ results.size()
+ " users for stored responses to write to "
+ outputFile.getAbsolutePath()
+ "....");
int counter = 0;
for (final UserIdentity identity : results.keySet()) {
final ChaiUser user = pwmApplication.getProxiedChaiUser(identity);
final ResponseSet responseSet =
pwmApplication.getCrService().readUserResponseSet(null, identity, user);
if (responseSet != null) {
counter++;
out("found responses for '" + user + "', writing to output.");
final RestChallengesServer.JsonChallengesData outputData =
new RestChallengesServer.JsonChallengesData();
outputData.challenges = responseSet.asChallengeBeans(true);
outputData.helpdeskChallenges = responseSet.asHelpdeskChallengeBeans(true);
outputData.minimumRandoms = responseSet.getChallengeSet().minimumResponses();
outputData.username = identity.toDelimitedKey();
writer.write(JsonUtil.serialize(outputData));
writer.write(systemRecordDelimiter);
} else {
out("skipping '" + user.toString() + "', no stored responses.");
}
}
writer.close();
out(
"output complete, "
+ counter
+ " responses exported in "
+ TimeDuration.fromCurrent(startTime).asCompactString());
}
private String hashWord(final String word) throws NoSuchAlgorithmException {
final MessageDigest md = MessageDigest.getInstance(settings.hashName);
final String wordWithSalt = salt + word;
final int hashLoopCount = settings.hashIterations;
byte[] hashedAnswer = md.digest((wordWithSalt).getBytes());
for (int i = 0; i < hashLoopCount; i++) {
hashedAnswer = md.digest(hashedAnswer);
}
return Helper.binaryArrayToHex(hashedAnswer);
}
public void outputSummaryToCsv(final OutputStream outputStream, final Locale locale)
throws IOException {
final List<ReportSummaryData.PresentationRow> outputList =
summaryData.asPresentableCollection(pwmApplication.getConfig(), locale);
final CSVPrinter csvPrinter = Helper.makeCsvPrinter(outputStream);
for (final ReportSummaryData.PresentationRow presentationRow : outputList) {
final List<String> headerRow = new ArrayList<>();
headerRow.add(presentationRow.getLabel());
headerRow.add(presentationRow.getCount());
headerRow.add(presentationRow.getPct());
csvPrinter.printRecord(headerRow);
}
csvPrinter.close();
}
public int outputStatsToCsv(
final OutputStream outputStream, final Locale locale, final boolean includeHeader)
throws IOException {
LOGGER.trace("beginning output stats to csv process");
final Date startTime = new Date();
final StatisticsManager statsManger = pwmApplication.getStatisticsManager();
final CSVPrinter csvPrinter = Helper.makeCsvPrinter(outputStream);
if (includeHeader) {
final List<String> headers = new ArrayList<>();
headers.add("KEY");
headers.add("YEAR");
headers.add("DAY");
for (Statistic stat : Statistic.values()) {
headers.add(stat.getLabel(locale));
}
csvPrinter.printRecord(headers);
}
int counter = 0;
final Map<StatisticsManager.DailyKey, String> keys =
statsManger.getAvailableKeys(PwmConstants.DEFAULT_LOCALE);
for (final StatisticsManager.DailyKey loopKey : keys.keySet()) {
counter++;
final StatisticsBundle bundle = statsManger.getStatBundleForKey(loopKey.toString());
final List<String> lineOutput = new ArrayList<>();
lineOutput.add(loopKey.toString());
lineOutput.add(String.valueOf(loopKey.year));
lineOutput.add(String.valueOf(loopKey.day));
for (final Statistic stat : Statistic.values()) {
lineOutput.add(bundle.getStatistic(stat));
}
csvPrinter.printRecord(lineOutput);
}
csvPrinter.flush();
LOGGER.trace(
"completed output stats to csv process; output "
+ counter
+ " records in "
+ TimeDuration.fromCurrent(startTime).asCompactString());
return counter;
}
public static LocalDB initializeLocalDB(final PwmApplication pwmApplication) {
if (pwmApplication.getApplicationMode() == MODE.ERROR
|| pwmApplication.getApplicationMode() == MODE.NEW) {
LOGGER.warn(
"skipping LocalDB open due to application mode " + pwmApplication.getApplicationMode());
return null;
}
final File databaseDirectory;
// see if META-INF isn't already there, then use WEB-INF.
try {
final String localDBLocationSetting =
pwmApplication.getConfig().readSettingAsString(PwmSetting.PWMDB_LOCATION);
databaseDirectory =
Helper.figureFilepath(localDBLocationSetting, pwmApplication.applicationPath);
} catch (Exception e) {
pwmApplication.lastLocalDBFailure =
new ErrorInformation(
PwmError.ERROR_LOCALDB_UNAVAILABLE,
"error locating configured LocalDB directory: " + e.getMessage());
LOGGER.warn(pwmApplication.lastLocalDBFailure.toDebugStr());
return null;
}
LOGGER.debug("using localDB path " + databaseDirectory);
// initialize the localDB
try {
final boolean readOnly = pwmApplication.getApplicationMode() == MODE.READ_ONLY;
return LocalDBFactory.getInstance(
databaseDirectory, readOnly, pwmApplication, pwmApplication.getConfig());
} catch (Exception e) {
pwmApplication.lastLocalDBFailure =
new ErrorInformation(
PwmError.ERROR_LOCALDB_UNAVAILABLE,
"unable to initialize LocalDB: " + e.getMessage());
LOGGER.warn(pwmApplication.lastLocalDBFailure.toDebugStr());
}
return null;
}
public void outputToCsv(
final OutputStream outputStream, final boolean includeHeader, final Locale locale)
throws IOException, ChaiUnavailableException, ChaiOperationException,
PwmUnrecoverableException, PwmOperationalException {
final CSVPrinter csvPrinter = Helper.makeCsvPrinter(outputStream);
final Configuration config = pwmApplication.getConfig();
final Class localeClass = password.pwm.i18n.Admin.class;
if (includeHeader) {
final List<String> headerRow = new ArrayList<>();
headerRow.add(
LocaleHelper.getLocalizedMessage(locale, "Field_Report_UserDN", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_LDAP_Profile", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(locale, "Field_Report_Username", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(locale, "Field_Report_Email", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(locale, "Field_Report_UserGuid", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(locale, "Field_Report_LastLogin", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_PwdExpireTime", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_PwdChangeTime", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_ResponseSaveTime", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_HasResponses", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_HasHelpdeskResponses", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_ResponseStorageMethod", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(locale, "Field_Report_PwdExpired", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_PwdPreExpired", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_PwdViolatesPolicy", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_PwdWarnPeriod", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_RequiresPasswordUpdate", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_RequiresResponseUpdate", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_RequiresProfileUpdate", config, localeClass));
headerRow.add(
LocaleHelper.getLocalizedMessage(
locale, "Field_Report_RecordCacheTime", config, localeClass));
csvPrinter.printRecord(headerRow);
}
ClosableIterator<UserCacheRecord> cacheBeanIterator = null;
try {
cacheBeanIterator = this.iterator();
while (cacheBeanIterator.hasNext()) {
final UserCacheRecord userCacheRecord = cacheBeanIterator.next();
outputRecordRow(config, locale, userCacheRecord, csvPrinter);
}
} finally {
if (cacheBeanIterator != null) {
cacheBeanIterator.close();
}
}
csvPrinter.flush();
}
@Override
protected void processAction(final PwmRequest pwmRequest)
throws ServletException, IOException, ChaiUnavailableException, PwmUnrecoverableException {
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
if ((pwmSession.getSessionBean(ConfigGuideBean.class)).getStep() == STEP.START) {
pwmSession.clearSessionBeans();
pwmSession.getSessionStateBean().setTheme(null);
}
final ConfigGuideBean configGuideBean = pwmSession.getSessionBean(ConfigGuideBean.class);
if (pwmApplication.getApplicationMode() != PwmApplication.MODE.NEW) {
final ErrorInformation errorInformation =
new ErrorInformation(
PwmError.ERROR_SERVICE_NOT_AVAILABLE, "ConfigGuide unavailable unless in NEW mode");
LOGGER.error(pwmSession, errorInformation.toDebugStr());
pwmRequest.respondWithError(errorInformation);
return;
}
if (!configGuideBean.getFormData().containsKey(PARAM_APP_SITEURL)) {
final URI uri = URI.create(pwmRequest.getHttpServletRequest().getRequestURL().toString());
final int port = Helper.portForUriSchema(uri);
final String newUri =
uri.getScheme() + "://" + uri.getHost() + ":" + port + pwmRequest.getContextPath();
configGuideBean.getFormData().put(PARAM_APP_SITEURL, newUri);
}
pwmSession.setSessionTimeout(
pwmRequest.getHttpServletRequest().getSession(),
Integer.parseInt(
pwmApplication.getConfig().readAppProperty(AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT)));
if (configGuideBean.getStep() == STEP.LDAP_CERT) {
final String ldapServerString =
((List<String>)
configGuideBean
.getStoredConfiguration()
.readSetting(PwmSetting.LDAP_SERVER_URLS, LDAP_PROFILE_KEY)
.toNativeObject())
.get(0);
try {
final URI ldapServerUri = new URI(ldapServerString);
if ("ldaps".equalsIgnoreCase(ldapServerUri.getScheme())) {
configGuideBean.setLdapCertificates(X509Utils.readRemoteCertificates(ldapServerUri));
configGuideBean.setCertsTrustedbyKeystore(
X509Utils.testIfLdapServerCertsInDefaultKeystore(ldapServerUri));
} else {
configGuideBean.setLdapCertificates(null);
configGuideBean.setCertsTrustedbyKeystore(false);
}
} catch (Exception e) {
LOGGER.error("error reading/testing ldap server certificates: " + e.getMessage());
}
}
final ConfigGuideAction action = readProcessAction(pwmRequest);
if (action != null) {
pwmRequest.validatePwmFormID();
switch (action) {
case ldapHealth:
restLdapHealth(pwmRequest, configGuideBean);
return;
case updateForm:
restUpdateLdapForm(pwmRequest, configGuideBean);
return;
case gotoStep:
restGotoStep(pwmRequest, configGuideBean);
return;
case useConfiguredCerts:
restUseConfiguredCerts(pwmRequest, configGuideBean);
return;
case uploadConfig:
restUploadConfig(pwmRequest);
return;
case extendSchema:
restExtendSchema(pwmRequest, configGuideBean);
return;
case viewAdminMatches:
restViewAdminMatches(pwmRequest, configGuideBean);
return;
case browseLdap:
restBrowseLdap(pwmRequest, configGuideBean);
}
}
if (!pwmRequest.getPwmResponse().getHttpServletResponse().isCommitted()) {
forwardToJSP(pwmRequest);
}
}
private void initialize(final boolean initLogging) throws PwmUnrecoverableException {
final Date startTime = new Date();
// initialize log4j
if (initLogging) {
final String log4jFileName =
configuration.readSettingAsString(PwmSetting.EVENTS_JAVA_LOG4JCONFIG_FILE);
final File log4jFile = Helper.figureFilepath(log4jFileName, applicationPath);
final String consoleLevel, fileLevel;
switch (getApplicationMode()) {
case ERROR:
case NEW:
consoleLevel = PwmLogLevel.TRACE.toString();
fileLevel = PwmLogLevel.TRACE.toString();
break;
default:
consoleLevel = configuration.readSettingAsString(PwmSetting.EVENTS_JAVA_STDOUT_LEVEL);
fileLevel = configuration.readSettingAsString(PwmSetting.EVENTS_FILE_LEVEL);
break;
}
PwmLogManager.initializeLogger(
this, configuration, log4jFile, consoleLevel, applicationPath, fileLevel);
switch (getApplicationMode()) {
case RUNNING:
break;
case ERROR:
LOGGER.fatal(
"starting up in ERROR mode! Check log or health check information for cause");
break;
default:
LOGGER.trace(
"setting log level to TRACE because application mode is " + getApplicationMode());
break;
}
}
LOGGER.info(
"initializing, application mode="
+ getApplicationMode()
+ ", applicationPath="
+ (applicationPath == null ? "null" : applicationPath.getAbsolutePath())
+ ", configurationFile="
+ (configurationFile == null ? "null" : configurationFile.getAbsolutePath()));
this.localDB = Initializer.initializeLocalDB(this);
this.localDBLogger = PwmLogManager.initializeLocalDBLogger(this);
// log the loaded configuration
LOGGER.info("configuration load completed");
// read the pwm servlet instance id
instanceID = fetchInstanceID(localDB, this);
LOGGER.info("using '" + getInstanceID() + "' for instance's ID (instanceID)");
// read the pwm installation date
installTime = fetchInstallDate(startupTime);
LOGGER.debug(
"this application instance first installed on "
+ PwmConstants.DEFAULT_DATETIME_FORMAT.format(installTime));
initServices();
final TimeDuration totalTime = TimeDuration.fromCurrent(startTime);
LOGGER.info(
PwmConstants.PWM_APP_NAME
+ " "
+ PwmConstants.SERVLET_VERSION
+ " open for bidness! ("
+ totalTime.asCompactString()
+ ")");
StatisticsManager.incrementStat(this, Statistic.PWM_STARTUPS);
LOGGER.debug(
"buildTime="
+ PwmConstants.BUILD_TIME
+ ", javaLocale="
+ Locale.getDefault()
+ ", DefaultLocale="
+ PwmConstants.DEFAULT_LOCALE);
final Thread postInitThread =
new Thread() {
@Override
public void run() {
postInitTasks();
}
};
postInitThread.setDaemon(true);
postInitThread.setName(Helper.makeThreadName(this, PwmApplication.class));
postInitThread.start();
}
private Connection openDB(final DBConfiguration dbConfiguration) throws DatabaseException {
final String connectionURL = dbConfiguration.getConnectionString();
final String jdbcClassName = dbConfiguration.getDriverClassname();
try {
final byte[] jdbcDriverBytes = dbConfiguration.getJdbcDriver();
if (jdbcDriverBytes != null) {
LOGGER.debug("loading JDBC database driver stored in configuration");
final JarClassLoader jarClassLoader = new JarClassLoader();
jarClassLoader.add(new ByteArrayInputStream(jdbcDriverBytes));
final JclObjectFactory jclObjectFactory = JclObjectFactory.getInstance();
// Create object of loaded class
driver = (Driver) jclObjectFactory.create(jarClassLoader, jdbcClassName);
LOGGER.debug(
"successfully loaded JDBC database driver '"
+ jdbcClassName
+ "' from application configuration");
}
} catch (Throwable e) {
final String errorMsg =
"error registering JDBC database driver stored in configuration: " + e.getMessage();
final ErrorInformation errorInformation =
new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg);
LOGGER.error(errorMsg, e);
throw new DatabaseException(errorInformation);
}
if (driver == null) {
try {
LOGGER.debug("loading JDBC database driver from classpath: " + jdbcClassName);
driver = (Driver) Class.forName(jdbcClassName).newInstance();
LOGGER.debug("successfully loaded JDBC database driver from classpath: " + jdbcClassName);
} catch (Throwable e) {
final String errorMsg =
e.getClass().getName()
+ " error loading JDBC database driver from classpath: "
+ e.getMessage();
final ErrorInformation errorInformation =
new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg);
throw new DatabaseException(errorInformation);
}
}
try {
LOGGER.debug("opening connection to database " + connectionURL);
final Properties connectionProperties = new Properties();
if (dbConfiguration.getUsername() != null && !dbConfiguration.getUsername().isEmpty()) {
connectionProperties.setProperty("user", dbConfiguration.getUsername());
}
if (dbConfiguration.getPassword() != null) {
connectionProperties.setProperty(
"password", dbConfiguration.getPassword().getStringValue());
}
final Connection connection = driver.connect(connectionURL, connectionProperties);
final Map<PwmAboutProperty, String> debugProps = getConnectionDebugProperties(connection);
;
LOGGER.debug(
"successfully opened connection to database "
+ connectionURL
+ ", properties: "
+ JsonUtil.serializeMap(debugProps));
connection.setAutoCommit(true);
return connection;
} catch (Throwable e) {
final String errorMsg =
"error connecting to database: " + Helper.readHostileExceptionMessage(e);
final ErrorInformation errorInformation =
new ErrorInformation(PwmError.ERROR_DB_UNAVAILABLE, errorMsg);
if (e instanceof IOException) {
LOGGER.error(errorInformation);
} else {
LOGGER.error(errorMsg, e);
}
throw new DatabaseException(errorInformation);
}
}
public void run() {
writeDbValues();
resetDailyStats();
daemonTimer.schedule(new NightlyTask(), Helper.nextZuluZeroTime());
}
public void init(PwmApplication pwmApplication) throws PwmException {
for (final Statistic.EpsType type : Statistic.EpsType.values()) {
for (final Statistic.EpsDuration duration : Statistic.EpsDuration.values()) {
epsMeterMap.put(
type.toString() + duration.toString(), new EventRateMeter(duration.getTimeDuration()));
}
}
status = STATUS.OPENING;
this.localDB = pwmApplication.getLocalDB();
this.pwmApplication = pwmApplication;
if (localDB == null) {
LOGGER.error("LocalDB is not available, will remain closed");
status = STATUS.CLOSED;
return;
}
{
final String storedCummulativeBundleStr =
localDB.get(LocalDB.DB.PWM_STATS, DB_KEY_CUMULATIVE);
if (storedCummulativeBundleStr != null && storedCummulativeBundleStr.length() > 0) {
statsCummulative = StatisticsBundle.input(storedCummulativeBundleStr);
}
}
{
for (final Statistic.EpsType loopEpsType : Statistic.EpsType.values()) {
for (final Statistic.EpsType loopEpsDuration : Statistic.EpsType.values()) {
final String key = "EPS-" + loopEpsType.toString() + loopEpsDuration.toString();
final String storedValue = localDB.get(LocalDB.DB.PWM_STATS, key);
if (storedValue != null && storedValue.length() > 0) {
try {
final EventRateMeter eventRateMeter =
JsonUtil.deserialize(storedValue, EventRateMeter.class);
epsMeterMap.put(loopEpsType.toString() + loopEpsDuration.toString(), eventRateMeter);
} catch (Exception e) {
LOGGER.error(
"unexpected error reading last EPS rate for "
+ loopEpsType
+ " from LocalDB: "
+ e.getMessage());
}
}
}
}
}
{
final String storedInitialString =
localDB.get(LocalDB.DB.PWM_STATS, DB_KEY_INITIAL_DAILY_KEY);
if (storedInitialString != null && storedInitialString.length() > 0) {
initialDailyKey = new DailyKey(storedInitialString);
}
}
{
currentDailyKey = new DailyKey(new Date());
final String storedDailyStr = localDB.get(LocalDB.DB.PWM_STATS, currentDailyKey.toString());
if (storedDailyStr != null && storedDailyStr.length() > 0) {
statsDaily = StatisticsBundle.input(storedDailyStr);
}
}
try {
localDB.put(
LocalDB.DB.PWM_STATS,
DB_KEY_TEMP,
PwmConstants.DEFAULT_DATETIME_FORMAT.format(new Date()));
} catch (IllegalStateException e) {
LOGGER.error("unable to write to localDB, will remain closed, error: " + e.getMessage());
status = STATUS.CLOSED;
return;
}
localDB.put(LocalDB.DB.PWM_STATS, DB_KEY_VERSION, DB_VALUE_VERSION);
localDB.put(LocalDB.DB.PWM_STATS, DB_KEY_INITIAL_DAILY_KEY, initialDailyKey.toString());
{ // setup a timer to roll over at 0 Zula and one to write current stats every 10 seconds
final String threadName = Helper.makeThreadName(pwmApplication, this.getClass()) + " timer";
daemonTimer = new Timer(threadName, true);
daemonTimer.schedule(new FlushTask(), 10 * 1000, DB_WRITE_FREQUENCY_MS);
daemonTimer.schedule(new NightlyTask(), Helper.nextZuluZeroTime());
}
if (pwmApplication.getApplicationMode() == PwmApplication.MODE.RUNNING) {
if (pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.PUBLISH_STATS_ENABLE)) {
long lastPublishTimestamp = pwmApplication.getInstallTime().getTime();
{
final String lastPublishDateStr =
localDB.get(LocalDB.DB.PWM_STATS, KEY_CLOUD_PUBLISH_TIMESTAMP);
if (lastPublishDateStr != null && lastPublishDateStr.length() > 0) {
try {
lastPublishTimestamp = Long.parseLong(lastPublishDateStr);
} catch (Exception e) {
LOGGER.error(
"unexpected error reading last publish timestamp from PwmDB: " + e.getMessage());
}
}
}
final Date nextPublishTime =
new Date(
lastPublishTimestamp
+ PwmConstants.STATISTICS_PUBLISH_FREQUENCY_MS
+ (long) PwmRandom.getInstance().nextInt(3600 * 1000));
daemonTimer.schedule(
new PublishTask(), nextPublishTime, PwmConstants.STATISTICS_PUBLISH_FREQUENCY_MS);
}
}
status = STATUS.OPEN;
}
public void init(final PwmApplication pwmApplication) throws PwmException {
settings.maxAgeMs =
1000
* pwmApplication
.getConfig()
.readSettingAsLong(PwmSetting.PASSWORD_SHAREDHISTORY_MAX_AGE); // convert to MS;
settings.caseInsensitive =
Boolean.parseBoolean(
pwmApplication
.getConfig()
.readAppProperty(AppProperty.SECURITY_SHAREDHISTORY_CASE_INSENSITIVE));
settings.hashName =
pwmApplication.getConfig().readAppProperty(AppProperty.SECURITY_SHAREDHISTORY_HASH_NAME);
settings.hashIterations =
Integer.parseInt(
pwmApplication
.getConfig()
.readAppProperty(AppProperty.SECURITY_SHAREDHISTORY_HASH_ITERATIONS));
settings.version =
"2"
+ "_"
+ settings.hashName
+ "_"
+ settings.hashIterations
+ "_"
+ settings.caseInsensitive;
final int SALT_LENGTH =
Integer.parseInt(
pwmApplication
.getConfig()
.readAppProperty(AppProperty.SECURITY_SHAREDHISTORY_SALT_LENGTH));
this.localDB = pwmApplication.getLocalDB();
boolean needsClearing = false;
if (localDB == null) {
LOGGER.info("LocalDB is not available, will remain closed");
status = STATUS.CLOSED;
return;
}
if (settings.maxAgeMs < 1) {
LOGGER.debug("max age=" + settings.maxAgeMs + ", will remain closed");
needsClearing = true;
}
{
this.salt = localDB.get(META_DB, KEY_SALT);
if (salt == null || salt.length() < SALT_LENGTH) {
LOGGER.warn("stored global salt value is not present, creating new salt");
this.salt = PwmRandom.getInstance().alphaNumericString(SALT_LENGTH);
localDB.put(META_DB, KEY_SALT, this.salt);
needsClearing = true;
}
}
if (needsClearing) {
LOGGER.trace("clearing wordlist");
try {
localDB.truncate(WORDS_DB);
} catch (Exception e) {
LOGGER.error("error during wordlist truncate", e);
}
}
new Thread(
new Runnable() {
public void run() {
LOGGER.debug("starting up in background thread");
init(pwmApplication, settings.maxAgeMs);
}
},
Helper.makeThreadName(pwmApplication, this.getClass()) + " initializer")
.start();
}
public static void doProfileUpdate(
final PwmRequest pwmRequest,
final Map<FormConfiguration, String> formValues,
final ChaiUser theUser)
throws PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException {
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PwmSession pwmSession = pwmRequest.getPwmSession();
final UserInfoBean uiBean = pwmRequest.getPwmSession().getUserInfoBean();
// verify form meets the form requirements (may be redundant, but shouldn't hurt)
verifyFormAttributes(pwmRequest, formValues, false);
// write values.
LOGGER.info(
"updating profile for " + pwmRequest.getPwmSession().getUserInfoBean().getUserIdentity());
pwmRequest.getPwmSession().getSessionManager().getChaiProvider();
Helper.writeFormValuesToLdap(
pwmRequest.getPwmApplication(), pwmRequest.getPwmSession(), theUser, formValues, false);
final UserIdentity userIdentity = uiBean.getUserIdentity();
// re-populate the uiBean because we have changed some values.
final UserStatusReader userStatusReader =
new UserStatusReader(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel());
userStatusReader.populateActorUserInfoBean(pwmRequest.getPwmSession(), userIdentity);
// clear cached read attributes.
pwmRequest.getPwmSession().getSessionManager().clearUserDataReader();
{ // execute configured actions
final List<ActionConfiguration> actions =
pwmApplication
.getConfig()
.readSettingAsAction(PwmSetting.UPDATE_PROFILE_WRITE_ATTRIBUTES);
if (actions != null && !actions.isEmpty()) {
LOGGER.debug(pwmRequest, "executing configured actions to user " + userIdentity);
final ActionExecutor actionExecutor =
new ActionExecutor.ActionExecutorSettings(pwmApplication, userIdentity)
.setExpandPwmMacros(true)
.createActionExecutor();
actionExecutor.executeActions(actions, pwmSession);
}
}
sendProfileUpdateEmailNotice(pwmSession, pwmApplication);
// mark the event log
pwmApplication
.getAuditManager()
.submit(AuditEvent.UPDATE_PROFILE, pwmSession.getUserInfoBean(), pwmSession);
// mark the uiBean so we user isn't recycled to the update profile page by the CommandServlet
uiBean.setRequiresUpdateProfile(false);
// clear out the updateProfileBean
pwmSession.clearUpdateProfileBean();
// success, so forward to success page
pwmApplication.getStatisticsManager().incrementValue(Statistic.UPDATE_ATTRIBUTES);
}
private void postInitTasks() {
final Date startTime = new Date();
LOGGER.debug("loaded configuration: \n" + configuration.toDebugString());
// detect if config has been modified since previous startup
try {
final String previousHash = readAppAttribute(AppAttribute.CONFIG_HASH);
final String currentHash = configuration.configurationHash();
if (previousHash == null || !previousHash.equals(currentHash)) {
writeAppAttribute(AppAttribute.CONFIG_HASH, currentHash);
LOGGER.warn(
"configuration checksum does not match previously seen checksum, configuration has been modified since last startup");
if (this.getAuditManager() != null) {
final String modifyMessage =
"configuration was modified directly (not using ConfigEditor UI)";
this.getAuditManager()
.submit(
SystemAuditRecord.create(
AuditEvent.MODIFY_CONFIGURATION, modifyMessage, this.getInstanceID()));
}
}
} catch (Exception e) {
LOGGER.debug(
"unable to detect if configuration has been modified since previous startup: "
+ e.getMessage());
}
if (this.getConfig() != null) {
final Map<AppProperty, String> nonDefaultProperties =
getConfig().readAllNonDefaultAppProperties();
if (nonDefaultProperties != null && !nonDefaultProperties.isEmpty()) {
final Map<String, String> tempMap = new LinkedHashMap<>();
for (final AppProperty loopProperty : nonDefaultProperties.keySet()) {
tempMap.put(loopProperty.getKey(), nonDefaultProperties.get(loopProperty));
}
LOGGER.trace(
"non-default app properties read from configuration: "
+ JsonUtil.serializeMap(tempMap));
} else {
LOGGER.trace("no non-default app properties in configuration");
}
}
// send system audit event
final SystemAuditRecord auditRecord =
SystemAuditRecord.create(AuditEvent.STARTUP, null, getInstanceID());
try {
getAuditManager().submit(auditRecord);
} catch (PwmException e) {
LOGGER.warn("unable to submit alert event " + JsonUtil.serialize(auditRecord));
}
try {
Map<PwmAboutProperty, String> infoMap = Helper.makeInfoBean(this);
LOGGER.trace("application info: " + JsonUtil.serializeMap(infoMap));
} catch (Exception e) {
LOGGER.error("error generating about application bean: " + e.getMessage());
}
try {
this.getIntruderManager()
.clear(RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME);
} catch (Exception e) {
LOGGER.debug(
"error while clearing configmanager-intruder-username from intruder table: "
+ e.getMessage());
}
LOGGER.trace(
"completed post init tasks in " + TimeDuration.fromCurrent(startTime).asCompactString());
}
protected void handleUpdateRequest(
final PwmRequest pwmRequest, final GuestRegistrationBean guestRegistrationBean)
throws ServletException, ChaiUnavailableException, IOException, PwmUnrecoverableException {
// Fetch the session state bean.
final PwmSession pwmSession = pwmRequest.getPwmSession();
final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final Configuration config = pwmApplication.getConfig();
final List<FormConfiguration> formItems =
pwmApplication.getConfig().readSettingAsForm(PwmSetting.GUEST_UPDATE_FORM);
final String expirationAttribute =
config.readSettingAsString(PwmSetting.GUEST_EXPIRATION_ATTRIBUTE);
try {
// read the values from the request
final Map<FormConfiguration, String> formValues =
FormUtility.readFormValuesFromRequest(pwmRequest, formItems, pwmRequest.getLocale());
// see if the values meet form requirements.
FormUtility.validateFormValues(config, formValues, ssBean.getLocale());
// read current values from user.
final ChaiUser theGuest =
pwmSession
.getSessionManager()
.getActor(pwmApplication, guestRegistrationBean.getUpdateUserIdentity());
// check unique fields against ldap
FormUtility.validateFormValueUniqueness(
pwmApplication,
formValues,
ssBean.getLocale(),
Collections.singletonList(guestRegistrationBean.getUpdateUserIdentity()),
false);
final Date expirationDate = readExpirationFromRequest(pwmRequest);
// Update user attributes
Helper.writeFormValuesToLdap(pwmApplication, pwmSession, theGuest, formValues, false);
// Write expirationDate
if (expirationDate != null) {
theGuest.writeDateAttribute(expirationAttribute, expirationDate);
}
// send email.
final UserStatusReader userStatusReader =
new UserStatusReader(pwmApplication, pwmSession.getLabel());
final UserInfoBean guestUserInfoBean = new UserInfoBean();
userStatusReader.populateUserInfoBean(
guestUserInfoBean,
pwmSession.getSessionStateBean().getLocale(),
guestRegistrationBean.getUpdateUserIdentity(),
theGuest.getChaiProvider());
this.sendUpdateGuestEmailConfirmation(pwmRequest, guestUserInfoBean);
pwmApplication.getStatisticsManager().incrementValue(Statistic.UPDATED_GUESTS);
// everything good so forward to confirmation page.
pwmRequest.getPwmResponse().forwardToSuccessPage(Message.Success_UpdateGuest);
return;
} catch (PwmOperationalException e) {
LOGGER.error(pwmSession, e.getErrorInformation().toDebugStr());
pwmRequest.setResponseError(e.getErrorInformation());
} catch (ChaiOperationException e) {
final ErrorInformation info =
new ErrorInformation(
PwmError.ERROR_UNKNOWN, "unexpected error writing to ldap: " + e.getMessage());
LOGGER.error(pwmSession, info);
pwmRequest.setResponseError(info);
}
this.forwardToUpdateJSP(pwmRequest, guestRegistrationBean);
}
private void init(final PwmApplication pwmApplication, final long maxAgeMs) {
status = STATUS.OPENING;
final long startTime = System.currentTimeMillis();
try {
checkDbVersion();
} catch (Exception e) {
LOGGER.error("error checking db version", e);
status = STATUS.CLOSED;
return;
}
try {
final String oldestEntryStr = localDB.get(META_DB, KEY_OLDEST_ENTRY);
if (oldestEntryStr == null || oldestEntryStr.length() < 1) {
oldestEntry = 0;
LOGGER.trace("no oldestEntry timestamp stored, will rescan");
} else {
oldestEntry = Long.parseLong(oldestEntryStr);
LOGGER.trace(
"oldest timestamp loaded from localDB, age is "
+ TimeDuration.fromCurrent(oldestEntry).asCompactString());
}
} catch (LocalDBException e) {
LOGGER.error(
"unexpected error loading oldest-entry meta record, will remain closed: "
+ e.getMessage(),
e);
status = STATUS.CLOSED;
return;
}
try {
final int size = localDB.size(WORDS_DB);
final StringBuilder sb = new StringBuilder();
sb.append("open with ").append(size).append(" words (");
sb.append(new TimeDuration(System.currentTimeMillis(), startTime).asCompactString())
.append(")");
sb.append(", maxAgeMs=").append(new TimeDuration(maxAgeMs).asCompactString());
sb.append(", oldestEntry=")
.append(new TimeDuration(System.currentTimeMillis(), oldestEntry).asCompactString());
LOGGER.info(sb.toString());
} catch (LocalDBException e) {
LOGGER.error(
"unexpected error examining size of DB, will remain closed: " + e.getMessage(), e);
status = STATUS.CLOSED;
return;
}
status = STATUS.OPEN;
// populateFromWordlist(); //only used for debugging!!!
if (pwmApplication.getApplicationMode() == PwmApplication.MODE.RUNNING
|| pwmApplication.getApplicationMode() == PwmApplication.MODE.CONFIGURATION) {
long frequencyMs = maxAgeMs > MAX_CLEANER_FREQUENCY ? MAX_CLEANER_FREQUENCY : maxAgeMs;
frequencyMs = frequencyMs < MIN_CLEANER_FREQUENCY ? MIN_CLEANER_FREQUENCY : frequencyMs;
LOGGER.debug(
"scheduling cleaner task to run once every "
+ new TimeDuration(frequencyMs).asCompactString());
final String threadName = Helper.makeThreadName(pwmApplication, this.getClass()) + " timer";
cleanerTimer = new Timer(threadName, true);
cleanerTimer.schedule(new CleanerTask(), 1000, frequencyMs);
}
}