private void updateCacheFromLdap()
throws ChaiUnavailableException, ChaiOperationException, PwmOperationalException,
PwmUnrecoverableException {
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"beginning process to updating user cache records from ldap");
if (status != STATUS.OPEN) {
return;
}
cancelFlag = false;
reportStatus = new ReportStatusInfo(settings.getSettingsHash());
reportStatus.setInProgress(true);
reportStatus.setStartDate(new Date());
try {
final Queue<UserIdentity> allUsers = new LinkedList<>(getListOfUsers());
reportStatus.setTotal(allUsers.size());
while (status == STATUS.OPEN && !allUsers.isEmpty() && !cancelFlag) {
final Date startUpdateTime = new Date();
final UserIdentity userIdentity = allUsers.poll();
try {
if (updateCachedRecordFromLdap(userIdentity)) {
reportStatus.setUpdated(reportStatus.getUpdated() + 1);
}
} catch (Exception e) {
String errorMsg =
"error while updating report cache for " + userIdentity.toString() + ", cause: ";
errorMsg +=
e instanceof PwmException
? ((PwmException) e).getErrorInformation().toDebugStr()
: e.getMessage();
final ErrorInformation errorInformation;
errorInformation = new ErrorInformation(PwmError.ERROR_REPORTING_ERROR, errorMsg);
LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, errorInformation.toDebugStr());
reportStatus.setLastError(errorInformation);
reportStatus.setErrors(reportStatus.getErrors() + 1);
}
reportStatus.setCount(reportStatus.getCount() + 1);
reportStatus.getEventRateMeter().markEvents(1);
final TimeDuration totalUpdateTime = TimeDuration.fromCurrent(startUpdateTime);
if (settings.isAutoCalcRest()) {
avgTracker.addSample(totalUpdateTime.getTotalMilliseconds());
Helper.pause(avgTracker.avgAsLong());
} else {
Helper.pause(settings.getRestTime().getTotalMilliseconds());
}
}
if (cancelFlag) {
reportStatus.setLastError(
new ErrorInformation(
PwmError.ERROR_SERVICE_NOT_AVAILABLE, "report cancelled by operator"));
}
} finally {
reportStatus.setFinishDate(new Date());
reportStatus.setInProgress(false);
}
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"update user cache process completed: " + JsonUtil.serialize(reportStatus));
}
private void restBrowseLdap(final PwmRequest pwmRequest, final ConfigGuideBean configGuideBean)
throws IOException, ServletException, PwmUnrecoverableException {
final StoredConfigurationImpl storedConfiguration =
StoredConfigurationImpl.copy(configGuideBean.getStoredConfiguration());
if (configGuideBean.getStep() == STEP.LDAP_ADMIN) {
storedConfiguration.resetSetting(PwmSetting.LDAP_PROXY_USER_DN, LDAP_PROFILE_KEY, null);
storedConfiguration.resetSetting(PwmSetting.LDAP_PROXY_USER_PASSWORD, LDAP_PROFILE_KEY, null);
}
final Date startTime = new Date();
final Map<String, String> inputMap =
pwmRequest.readBodyAsJsonStringMap(PwmHttpRequestWrapper.Flag.BypassValidation);
final String profile = inputMap.get("profile");
final String dn = inputMap.containsKey("dn") ? inputMap.get("dn") : "";
final LdapBrowser ldapBrowser = new LdapBrowser(storedConfiguration);
final LdapBrowser.LdapBrowseResult result = ldapBrowser.doBrowse(profile, dn);
ldapBrowser.close();
LOGGER.trace(
pwmRequest,
"performed ldapBrowse operation in "
+ TimeDuration.fromCurrent(startTime).asCompactString()
+ ", result="
+ JsonUtil.serialize(result));
pwmRequest.outputJsonResult(new RestResultBean(result));
}
@Override
public void run() {
try {
initTempData();
} catch (LocalDBException | PwmUnrecoverableException e) {
LOGGER.error(
PwmConstants.REPORTING_SESSION_LABEL, "error during initialization: " + e.getMessage());
status = STATUS.CLOSED;
return;
}
final long secondsUntilNextDredge =
settings.getJobOffsetSeconds()
+ TimeDuration.fromCurrent(Helper.nextZuluZeroTime()).getTotalSeconds();
executorService.scheduleAtFixedRate(
new DredgeTask(),
secondsUntilNextDredge,
TimeDuration.DAY.getTotalSeconds(),
TimeUnit.SECONDS);
executorService.scheduleAtFixedRate(
new RolloverTask(),
secondsUntilNextDredge + 1,
TimeDuration.DAY.getTotalSeconds(),
TimeUnit.SECONDS);
executorService.submit(new RolloverTask());
}
public UserCacheRecord next() {
try {
UserCacheRecord returnBean = null;
while (returnBean == null && this.storageKeyIterator.hasNext()) {
UserCacheService.StorageKey key = this.storageKeyIterator.next();
returnBean = userCacheService.readStorageKey(key);
if (returnBean != null) {
if (returnBean.getCacheTimestamp() == null) {
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"purging record due to missing cache timestamp: "
+ JsonUtil.serialize(returnBean));
userCacheService.removeStorageKey(key);
} else if (TimeDuration.fromCurrent(returnBean.getCacheTimestamp())
.isLongerThan(settings.getMaxCacheAge())) {
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"purging record due to old age timestamp: " + JsonUtil.serialize(returnBean));
userCacheService.removeStorageKey(key);
} else {
return returnBean;
}
}
}
} catch (LocalDBException e) {
throw new IllegalStateException(
"unexpected iterator traversal error while reading LocalDB: " + e.getMessage());
}
return null;
}
public static PwmPasswordPolicy readPasswordPolicyForUser(
final PwmApplication pwmApplication,
final SessionLabel pwmSession,
final UserIdentity userIdentity,
final ChaiUser theUser,
final Locale locale)
throws PwmUnrecoverableException {
final long startTime = System.currentTimeMillis();
final PasswordPolicySource ppSource =
PasswordPolicySource.valueOf(
pwmApplication.getConfig().readSettingAsString(PwmSetting.PASSWORD_POLICY_SOURCE));
final PwmPasswordPolicy returnPolicy;
switch (ppSource) {
case MERGE:
final PwmPasswordPolicy pwmPolicy =
determineConfiguredPolicyProfileForUser(
pwmApplication, pwmSession, userIdentity, locale);
final PwmPasswordPolicy userPolicy = readLdapPasswordPolicy(pwmApplication, theUser);
LOGGER.trace(
pwmSession,
"read user policy for '"
+ theUser.getEntryDN()
+ "', policy: "
+ userPolicy.toString());
returnPolicy = pwmPolicy.merge(userPolicy);
LOGGER.debug(
pwmSession,
"merged user password policy of '"
+ theUser.getEntryDN()
+ "' with PWM configured policy: "
+ returnPolicy.toString());
break;
case LDAP:
returnPolicy = readLdapPasswordPolicy(pwmApplication, theUser);
LOGGER.debug(
pwmSession,
"discovered assigned password policy for "
+ theUser.getEntryDN()
+ " "
+ returnPolicy.toString());
break;
case PWM:
returnPolicy =
determineConfiguredPolicyProfileForUser(
pwmApplication, pwmSession, userIdentity, locale);
break;
default:
throw new IllegalStateException("unknown policy source defined: " + ppSource.name());
}
LOGGER.trace(
pwmSession,
"readPasswordPolicyForUser completed in "
+ TimeDuration.fromCurrent(startTime).asCompactString());
return returnPolicy;
}
public void clear() throws LocalDBException, PwmUnrecoverableException {
final Date startTime = new Date();
LOGGER.info(PwmConstants.REPORTING_SESSION_LABEL, "clearing cached report data");
if (userCacheService != null) {
userCacheService.clear();
}
summaryData = ReportSummaryData.newSummaryData(settings.getTrackDays());
reportStatus = new ReportStatusInfo(settings.getSettingsHash());
saveTempData();
LOGGER.info(
PwmConstants.REPORTING_SESSION_LABEL,
"finished clearing report " + TimeDuration.fromCurrent(startTime).asCompactString());
}
private void updateRestingCacheData() {
final long startTime = System.currentTimeMillis();
int examinedRecords = 0;
ClosableIterator<UserCacheRecord> iterator = null;
try {
LOGGER.trace(PwmConstants.REPORTING_SESSION_LABEL, "checking size of stored cache records");
final int totalRecords = userCacheService.size();
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"beginning cache review process of " + totalRecords + " records");
iterator = iterator();
Date lastLogOutputTime = new Date();
while (iterator.hasNext() && status == STATUS.OPEN) {
final UserCacheRecord record = iterator.next(); // (purge routine is embedded in next();
if (summaryData != null && record != null) {
summaryData.update(record);
}
examinedRecords++;
if (TimeDuration.fromCurrent(lastLogOutputTime).isLongerThan(30, TimeUnit.SECONDS)) {
final TimeDuration progressDuration = TimeDuration.fromCurrent(startTime);
LOGGER.trace(
PwmConstants.REPORTING_SESSION_LABEL,
"cache review process in progress, examined "
+ examinedRecords
+ " records in "
+ progressDuration.asCompactString());
lastLogOutputTime = new Date();
}
}
final TimeDuration totalTime = TimeDuration.fromCurrent(startTime);
LOGGER.debug(
PwmConstants.REPORTING_SESSION_LABEL,
"completed cache review process of "
+ examinedRecords
+ " cached report records in "
+ totalTime.asCompactString());
} finally {
if (iterator != null) {
iterator.close();
}
}
}
private boolean updateCachedRecordFromLdap(
final UserIdentity userIdentity,
final UserInfoBean userInfoBean,
final UserCacheService.StorageKey storageKey)
throws ChaiUnavailableException, PwmUnrecoverableException, LocalDBException {
final UserCacheRecord userCacheRecord = userCacheService.readStorageKey(storageKey);
TimeDuration cacheAge = null;
if (userCacheRecord != null && userCacheRecord.getCacheTimestamp() != null) {
cacheAge = TimeDuration.fromCurrent(userCacheRecord.getCacheTimestamp());
}
boolean updateCache = false;
if (userInfoBean != null) {
updateCache = true;
} else {
if (cacheAge == null) {
LOGGER.trace(
PwmConstants.REPORTING_SESSION_LABEL,
"stored cache for "
+ userIdentity
+ " is missing cache storage timestamp, will update");
updateCache = true;
} else if (cacheAge.isLongerThan(settings.getMinCacheAge())) {
LOGGER.trace(
PwmConstants.REPORTING_SESSION_LABEL,
"stored cache for "
+ userIdentity
+ " is "
+ cacheAge.asCompactString()
+ " old, will update");
updateCache = true;
}
}
if (updateCache) {
if (userCacheRecord != null) {
if (summaryData != null
&& summaryData.getEpoch() != null
&& summaryData.getEpoch().equals(userCacheRecord.getSummaryEpoch())) {
summaryData.remove(userCacheRecord);
}
}
final UserInfoBean newUserBean;
if (userInfoBean != null) {
newUserBean = userInfoBean;
} else {
newUserBean = new UserInfoBean();
final UserStatusReader.Settings readerSettings = new UserStatusReader.Settings();
readerSettings.setSkipReportUpdate(true);
final ChaiProvider chaiProvider =
pwmApplication.getProxyChaiProvider(userIdentity.getLdapProfileID());
final UserStatusReader userStatusReader =
new UserStatusReader(
pwmApplication, PwmConstants.REPORTING_SESSION_LABEL, readerSettings);
userStatusReader.populateUserInfoBean(
newUserBean, PwmConstants.DEFAULT_LOCALE, userIdentity, chaiProvider);
}
final UserCacheRecord newUserCacheRecord = userCacheService.updateUserCache(newUserBean);
if (summaryData != null && summaryData.getEpoch() != null && newUserCacheRecord != null) {
if (!summaryData.getEpoch().equals(newUserCacheRecord.getSummaryEpoch())) {
newUserCacheRecord.setSummaryEpoch(summaryData.getEpoch());
userCacheService.store(newUserCacheRecord);
}
summaryData.update(newUserCacheRecord);
}
}
return updateCache;
}