コード例 #1
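  /**
   * Resolves the {@link User} that belongs to the subject of the current request.
   *
   * <p>The principal of the current subject is used as the lookup key for {@code userService}.
   * A missing principal (for example when this is called from a resource that does not require
   * authentication) is treated like an unknown user instead of failing with a
   * {@link NullPointerException} before the diagnostic message can be logged.
   *
   * <p>Callers must handle a {@code null} result explicitly. Treating "no user" as anything other
   * than "not authenticated" in a later permission decision would be a fail-open bug.
   *
   * @return the loaded user, or {@code null} if there is no principal or no user could be loaded
   */
  protected User getCurrentUser() {
    final Object principal = getSubject().getPrincipal();
    // An anonymous subject has no principal; skip the lookup rather than dereference null.
    final User user = principal == null ? null : userService.load(principal.toString());

    if (user == null) {
      LOG.error(
          "Loading the current user failed, this should not happen. Did you call this method in an unauthenticated REST resource?");
    }

    return user;
  }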
コード例 #2
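  /**
   * Authenticates a request from the session id carried in a {@link SessionIdToken}.
   *
   * <p>The session id is the only credential evaluated here: a subject is rebuilt from it, the
   * session must still exist, and the principal stored in the session must resolve to a known
   * user. External users are rejected while the LDAP authenticator is disabled. On success the
   * session is extended (unless the request opted out) and the subject is bound to the current
   * thread.
   *
   * <p>NOTE(review): because the session id acts as a bearer credential, the debug statements
   * below that include it produce sensitive log output; restrict access to debug logs
   * accordingly.
   *
   * @param token the authentication token; it is cast to {@link SessionIdToken} without a check,
   *     so presumably the realm only accepts that token type (confirm against {@code supports})
   * @return account information for the session's user, or {@code null} if the session is
   *     unknown or expired, has no principal, or its user cannot be loaded
   * @throws AuthenticationException a {@link LockedAccountException} is thrown for external users
   *     while LDAP authentication is disabled
   */
  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
      throws AuthenticationException {
    SessionIdToken sessionIdToken = (SessionIdToken) token;
    final Subject subject =
        new Subject.Builder().sessionId(sessionIdToken.getSessionId()).buildSubject();
    // Passing false prevents a new session from being created for an unknown or expired id.
    final Session session = subject.getSession(false);
    if (session == null) {
      LOG.debug(
          "Invalid session {}. Either it has expired or did not exist.",
          sessionIdToken.getSessionId());
      return null;
    }

    final Object username = subject.getPrincipal();
    if (username == null) {
      // String.valueOf((Object) null) yields the literal "null"; without this guard a session
      // that carries no principal would be looked up as a user with that name.
      LOG.debug("Session has no principal bound to it. Rejecting.");
      return null;
    }
    final User user = userService.load(String.valueOf(username));
    if (user == null) {
      LOG.debug("No user named {} found for session {}", username, sessionIdToken.getSessionId());
      return null;
    }
    // Sessions of externally managed accounts must not outlive a disabled LDAP backend.
    if (user.isExternalUser() && !ldapAuthenticator.isEnabled()) {
      throw new LockedAccountException("LDAP authentication is currently disabled.");
    }

    if (LOG.isDebugEnabled()) {
      LOG.debug("Found session {} for user name {}", session.getId(), username);
    }

    // Presumably stored in the thread context by a request filter earlier in the chain; confirm.
    @SuppressWarnings("unchecked")
    final MultivaluedMap<String, String> requestHeaders =
        (MultivaluedMap<String, String>) ThreadContext.get("REQUEST_HEADERS");
    // Extend the session unless the client asked not to. The header is client-controlled, but
    // it can only suppress an extension, never cause one.
    if (requestHeaders == null
        || !"true".equalsIgnoreCase(requestHeaders.getFirst("X-Graylog-No-Session-Extension"))) {
      session.touch();
    } else {
      LOG.debug("Not extending session because the request indicated not to.");
    }
    ThreadContext.bind(subject);

    // Credentials are null: this realm does not verify a password itself.
    // NOTE(review): this relies on the realm's credentials matcher accepting such accounts; confirm.
    return new SimpleAccount(user.getName(), null, "session authenticator");
  }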
コード例 #3
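  /**
   * Loads content pack files from {@code contentPacksDir} into the database and applies the ones
   * selected for auto-loading.
   *
   * <p>For every file matching {@code FILENAME_GLOB} the method:
   *
   * <ol>
   *   <li>reads the file and computes its checksum with {@code HASH_FUNCTION};
   *   <li>records the checksum the first time a file name is seen, and skips the file whenever a
   *       later checksum differs from the recorded one;
   *   <li>skips files already recorded as loaded;
   *   <li>parses the file as a {@link ConfigurationBundle} and inserts it unless a bundle with the
   *       same name and category already exists.
   * </ol>
   *
   * <p>Bundles whose file name is listed in {@code contentPacksAutoLoad} and that have not been
   * applied yet are then applied on behalf of the admin user. The bookkeeping (loaded packs,
   * applied packs, checksums) is written back only if it changed.
   *
   * <p>Security notes for operators and reviewers:
   *
   * <ul>
   *   <li>The checksum is trust-on-first-use. It detects a file that changes after it was first
   *       seen, but says nothing about whether the first version was trustworthy.
   *   <li>Auto-loaded packs are applied with the admin user, so write access to the content pack
   *       directory is equivalent to administrative configuration access. Restrict its file
   *       system permissions accordingly.
   *   <li>A changed checksum is reported at INFO level only; consider alerting on that message.
   * </ul>
   */
  @Override
  public void doRun() {
    final ContentPackLoaderConfig contentPackLoaderConfig =
        clusterConfigService.getOrDefault(
            ContentPackLoaderConfig.class, ContentPackLoaderConfig.EMPTY);

    final List<Path> files = getFiles(contentPacksDir, FILENAME_GLOB);
    final Map<String, ConfigurationBundle> contentPacks = new HashMap<>(files.size());

    // Work on mutable copies so the stored configuration can be compared with the result later.
    final Set<String> loadedContentPacks =
        new HashSet<>(contentPackLoaderConfig.loadedContentPacks());
    final Set<String> appliedContentPacks =
        new HashSet<>(contentPackLoaderConfig.appliedContentPacks());
    final Map<String, String> checksums = new HashMap<>(contentPackLoaderConfig.checksums());

    for (Path file : files) {
      final String fileName = file.getFileName().toString();

      LOG.debug("Reading content pack from {}", file);
      final byte[] bytes;
      try {
        bytes = Files.readAllBytes(file);
      } catch (IOException e) {
        LOG.warn("Couldn't read " + file + ". Skipping.", e);
        continue;
      }

      final String encodedFileName = encodeFileNameForMongo(fileName);
      final String checksum = HASH_FUNCTION.hashBytes(bytes).toString();
      final String storedChecksum = checksums.get(encodedFileName);
      if (storedChecksum == null) {
        // First sighting of this file name: pin its checksum (trust on first use).
        checksums.put(encodedFileName, checksum);
      } else if (!checksum.equals(storedChecksum)) {
        // The file differs from the pinned version. It is neither loaded nor applied, and the
        // pinned checksum is left untouched, so it keeps being skipped on later runs.
        LOG.info(
            "Checksum of {} changed (expected: {}, actual: {})", file, storedChecksum, checksum);
        continue;
      }

      if (contentPackLoaderConfig.loadedContentPacks().contains(fileName)) {
        // Log the computed checksum: the stored one is null when the pack was loaded before a
        // checksum had been recorded for it, and both are equal otherwise.
        LOG.debug("Skipping already loaded content pack {} (SHA-256: {})", file, checksum);
        continue;
      }

      LOG.debug("Parsing content pack from {}", file);
      final ConfigurationBundle contentPack;
      try {
        contentPack = objectMapper.readValue(bytes, ConfigurationBundle.class);
      } catch (IOException e) {
        LOG.warn("Couldn't parse content pack in file " + file + ". Skipping", e);
        continue;
      }

      final ConfigurationBundle existingContentPack =
          bundleService.findByNameAndCategory(contentPack.getName(), contentPack.getCategory());
      if (existingContentPack != null) {
        LOG.debug(
            "Content pack {}/{} already exists in database. Skipping.",
            contentPack.getCategory(),
            contentPack.getName());
        // The existing bundle stays a candidate for the apply step, but the file is not
        // recorded as loaded.
        contentPacks.put(fileName, existingContentPack);
        continue;
      }

      final ConfigurationBundle insertedContentPack;
      try {
        insertedContentPack = bundleService.insert(contentPack);
        LOG.debug(
            "Successfully inserted content pack {} into database with ID {}",
            file,
            insertedContentPack.getId());
      } catch (MongoException e) {
        LOG.error("Error while inserting content pack " + file + " into database. Skipping.", e);
        continue;
      }

      contentPacks.put(fileName, insertedContentPack);
      loadedContentPacks.add(fileName);
    }

    LOG.debug("Applying selected content packs");
    for (Map.Entry<String, ConfigurationBundle> entry : contentPacks.entrySet()) {
      final String fileName = entry.getKey();
      final ConfigurationBundle contentPack = entry.getValue();

      // Only packs explicitly listed for auto-loading are ever applied.
      if (!contentPacksAutoLoad.contains(fileName)) {
        continue;
      }

      if (appliedContentPacks.contains(fileName)) {
        LOG.debug(
            "Content pack {}/{} ({}) already applied. Skipping.",
            contentPack.getName(),
            contentPack.getCategory(),
            fileName);
        continue;
      }

      LOG.debug(
          "Applying content pack {}/{} ({})",
          contentPack.getName(),
          contentPack.getCategory(),
          fileName);
      // Applied on behalf of the admin user: the pack's content takes effect with that identity.
      bundleService.applyConfigurationBundle(contentPack, userService.getAdminUser());
      appliedContentPacks.add(fileName);
    }

    // Persist the bookkeeping only when something actually changed.
    final ContentPackLoaderConfig changedContentPackLoaderConfig =
        ContentPackLoaderConfig.create(loadedContentPacks, appliedContentPacks, checksums);
    if (!contentPackLoaderConfig.equals(changedContentPackLoaderConfig)) {
      clusterConfigService.write(changedContentPackLoaderConfig);
    }
  }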