protected User getCurrentUser() { final Object principal = getSubject().getPrincipal(); final User user = userService.load(principal.toString()); if (user == null) { LOG.error( "Loading the current user failed, this should not happen. Did you call this method in an unauthenticated REST resource?"); } return user; }
@Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { SessionIdToken sessionIdToken = (SessionIdToken) token; final Subject subject = new Subject.Builder().sessionId(sessionIdToken.getSessionId()).buildSubject(); final Session session = subject.getSession(false); if (session == null) { LOG.debug( "Invalid session {}. Either it has expired or did not exist.", sessionIdToken.getSessionId()); return null; } final Object username = subject.getPrincipal(); final User user = userService.load(String.valueOf(username)); if (user == null) { LOG.debug("No user named {} found for session {}", username, sessionIdToken.getSessionId()); return null; } if (user.isExternalUser() && !ldapAuthenticator.isEnabled()) { throw new LockedAccountException("LDAP authentication is currently disabled."); } if (LOG.isDebugEnabled()) { LOG.debug("Found session {} for user name {}", session.getId(), username); } @SuppressWarnings("unchecked") final MultivaluedMap<String, String> requestHeaders = (MultivaluedMap<String, String>) ThreadContext.get("REQUEST_HEADERS"); // extend session unless the relevant header was passed. if (requestHeaders == null || !"true".equalsIgnoreCase(requestHeaders.getFirst("X-Graylog-No-Session-Extension"))) { session.touch(); } else { LOG.debug("Not extending session because the request indicated not to."); } ThreadContext.bind(subject); return new SimpleAccount(user.getName(), null, "session authenticator"); }
@Override public void doRun() { final ContentPackLoaderConfig contentPackLoaderConfig = clusterConfigService.getOrDefault( ContentPackLoaderConfig.class, ContentPackLoaderConfig.EMPTY); final List<Path> files = getFiles(contentPacksDir, FILENAME_GLOB); final Map<String, ConfigurationBundle> contentPacks = new HashMap<>(files.size()); final Set<String> loadedContentPacks = new HashSet<>(contentPackLoaderConfig.loadedContentPacks()); final Set<String> appliedContentPacks = new HashSet<>(contentPackLoaderConfig.appliedContentPacks()); final Map<String, String> checksums = new HashMap<>(contentPackLoaderConfig.checksums()); for (Path file : files) { final String fileName = file.getFileName().toString(); LOG.debug("Reading content pack from {}", file); final byte[] bytes; try { bytes = Files.readAllBytes(file); } catch (IOException e) { LOG.warn("Couldn't read " + file + ". Skipping.", e); continue; } final String encodedFileName = encodeFileNameForMongo(fileName); final String checksum = HASH_FUNCTION.hashBytes(bytes).toString(); final String storedChecksum = checksums.get(encodedFileName); if (storedChecksum == null) { checksums.put(encodedFileName, checksum); } else if (!checksum.equals(storedChecksum)) { LOG.info( "Checksum of {} changed (expected: {}, actual: {})", file, storedChecksum, checksum); continue; } if (contentPackLoaderConfig.loadedContentPacks().contains(fileName)) { LOG.debug("Skipping already loaded content pack {} (SHA-256: {})", file, storedChecksum); continue; } LOG.debug("Parsing content pack from {}", file); final ConfigurationBundle contentPack; try { contentPack = objectMapper.readValue(bytes, ConfigurationBundle.class); } catch (IOException e) { LOG.warn("Couldn't parse content pack in file " + file + ". Skipping", e); continue; } final ConfigurationBundle existingContentPack = bundleService.findByNameAndCategory(contentPack.getName(), contentPack.getCategory()); if (existingContentPack != null) { LOG.debug( "Content pack {}/{} already exists in database. Skipping.", contentPack.getCategory(), contentPack.getName()); contentPacks.put(fileName, existingContentPack); continue; } final ConfigurationBundle insertedContentPack; try { insertedContentPack = bundleService.insert(contentPack); LOG.debug( "Successfully inserted content pack {} into database with ID {}", file, insertedContentPack.getId()); } catch (MongoException e) { LOG.error("Error while inserting content pack " + file + " into database. Skipping.", e); continue; } contentPacks.put(fileName, insertedContentPack); loadedContentPacks.add(fileName); } LOG.debug("Applying selected content packs"); for (Map.Entry<String, ConfigurationBundle> entry : contentPacks.entrySet()) { final String fileName = entry.getKey(); final ConfigurationBundle contentPack = entry.getValue(); if (contentPacksAutoLoad.contains(fileName) && appliedContentPacks.contains(fileName)) { LOG.debug( "Content pack {}/{} ({}) already applied. Skipping.", contentPack.getName(), contentPack.getCategory(), fileName); continue; } if (contentPacksAutoLoad.contains(fileName)) { LOG.debug( "Applying content pack {}/{} ({})", contentPack.getName(), contentPack.getCategory(), fileName); bundleService.applyConfigurationBundle(contentPack, userService.getAdminUser()); appliedContentPacks.add(fileName); } } final ContentPackLoaderConfig changedContentPackLoaderConfig = ContentPackLoaderConfig.create(loadedContentPacks, appliedContentPacks, checksums); if (!contentPackLoaderConfig.equals(changedContentPackLoaderConfig)) { clusterConfigService.write(changedContentPackLoaderConfig); } }