@GET @Produces(MediaType.APPLICATION_JSON + ";charset=UTF-8") @Path("/client") public Response doGetAppClientData( @QueryParam("pageUrl") String pageUrl, @PathParam(value = "eTagUri") final String eTagUri, @Context HttpServletRequest request, @Context HttpServletResponse response) throws PwmUnrecoverableException, IOException, ChaiUnavailableException { final int maxCacheAgeSeconds = 60 * 5; final RestRequestBean restRequestBean; try { restRequestBean = RestServerHelper.initializeRestRequest( request, response, ServicePermissions.PUBLIC, null); } catch (PwmUnrecoverableException e) { return RestResultBean.fromError(e.getErrorInformation()).asJsonResponse(); } final String eTagValue = makeClientEtag( restRequestBean.getPwmApplication(), restRequestBean.getPwmSession(), request); // check the incoming header; final String ifNoneMatchValue = request.getHeader("If-None-Match"); if (ifNoneMatchValue != null && ifNoneMatchValue.equals(eTagValue) && eTagValue.equals(eTagUri)) { return Response.notModified().build(); } response.setHeader("ETag", eTagValue); response.setDateHeader("Expires", System.currentTimeMillis() + (maxCacheAgeSeconds * 1000)); response.setHeader("Cache-Control", "public, max-age=" + maxCacheAgeSeconds); final AppData appData = makeAppData( restRequestBean.getPwmApplication(), restRequestBean.getPwmSession(), request, response, pageUrl); final RestResultBean restResultBean = new RestResultBean(); restResultBean.setData(appData); return restResultBean.asJsonResponse(); }
@GET @Path("/intruder") @Produces(MediaType.APPLICATION_JSON + ";charset=UTF-8") public Response doGetAppIntruderData(@QueryParam("maximum") int maximum) throws ChaiUnavailableException, PwmUnrecoverableException { maximum = maximum > 0 ? maximum : 10 * 1000; final RestRequestBean restRequestBean; try { final ServicePermissions servicePermissions = new ServicePermissions(); servicePermissions.setAdminOnly(true); servicePermissions.setAuthRequired(true); servicePermissions.setBlockExternal(true); restRequestBean = RestServerHelper.initializeRestRequest(request, response, servicePermissions, null); } catch (PwmUnrecoverableException e) { return RestResultBean.fromError(e.getErrorInformation()).asJsonResponse(); } if (!restRequestBean .getPwmSession() .getSessionManager() .checkPermission(restRequestBean.getPwmApplication(), Permission.PWMADMIN)) { final ErrorInformation errorInfo = PwmError.ERROR_UNAUTHORIZED.toInfo(); return RestResultBean.fromError(errorInfo, restRequestBean).asJsonResponse(); } final TreeMap<String, Object> returnData = new TreeMap<>(); try { for (final RecordType recordType : RecordType.values()) { returnData.put( recordType.toString(), restRequestBean .getPwmApplication() .getIntruderManager() .getRecords(recordType, maximum)); } } catch (PwmOperationalException e) { final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_UNKNOWN, e.getMessage()); return RestResultBean.fromError(errorInfo, restRequestBean).asJsonResponse(); } final RestResultBean restResultBean = new RestResultBean(); restResultBean.setData(returnData); return restResultBean.asJsonResponse(); }
@GET @Path("/audit") @Produces(MediaType.APPLICATION_JSON + ";charset=UTF-8") public Response doGetAppAuditData(@QueryParam("maximum") int maximum) throws ChaiUnavailableException, PwmUnrecoverableException { maximum = maximum > 0 ? maximum : 10 * 1000; final RestRequestBean restRequestBean; try { final ServicePermissions servicePermissions = new ServicePermissions(); servicePermissions.setAdminOnly(true); servicePermissions.setAuthRequired(true); servicePermissions.setBlockExternal(true); restRequestBean = RestServerHelper.initializeRestRequest(request, response, servicePermissions, null); } catch (PwmUnrecoverableException e) { return RestResultBean.fromError(e.getErrorInformation()).asJsonResponse(); } final ArrayList<UserAuditRecord> userRecords = new ArrayList<>(); final ArrayList<HelpdeskAuditRecord> helpdeskRecords = new ArrayList<>(); final ArrayList<SystemAuditRecord> systemRecords = new ArrayList<>(); final Iterator<AuditRecord> iterator = restRequestBean.getPwmApplication().getAuditManager().readVault(); int counter = 0; while (iterator.hasNext() && counter <= maximum) { final AuditRecord loopRecord = iterator.next(); counter++; if (loopRecord instanceof SystemAuditRecord) { systemRecords.add((SystemAuditRecord) loopRecord); } else if (loopRecord instanceof HelpdeskAuditRecord) { helpdeskRecords.add((HelpdeskAuditRecord) loopRecord); } else if (loopRecord instanceof UserAuditRecord) { userRecords.add((UserAuditRecord) loopRecord); } } final HashMap<String, List> outputMap = new HashMap<>(); outputMap.put("user", userRecords); outputMap.put("helpdesk", helpdeskRecords); outputMap.put("system", systemRecords); final RestResultBean restResultBean = new RestResultBean(); restResultBean.setData(outputMap); LOGGER.debug(restRequestBean.getPwmSession(), "output " + counter + " audit records."); return restResultBean.asJsonResponse(); }
@GET @Produces(MediaType.APPLICATION_JSON + ";charset=UTF-8") @Path("/strings/{bundle}") public Response doGetStringData(@PathParam(value = "bundle") final String bundleName) throws PwmUnrecoverableException, IOException, ChaiUnavailableException { final int maxCacheAgeSeconds = 60 * 5; final RestRequestBean restRequestBean; try { restRequestBean = RestServerHelper.initializeRestRequest( request, response, ServicePermissions.PUBLIC, null); } catch (PwmUnrecoverableException e) { return RestResultBean.fromError(e.getErrorInformation()).asJsonResponse(); } final String eTagValue = makeClientEtag( restRequestBean.getPwmApplication(), restRequestBean.getPwmSession(), request); response.setHeader("ETag", eTagValue); response.setDateHeader("Expires", System.currentTimeMillis() + (maxCacheAgeSeconds * 1000)); response.setHeader("Cache-Control", "public, max-age=" + maxCacheAgeSeconds); try { final LinkedHashMap<String, String> displayData = new LinkedHashMap<>( makeDisplayData( restRequestBean.getPwmApplication(), restRequestBean.getPwmSession(), bundleName)); final RestResultBean restResultBean = new RestResultBean(); restResultBean.setData(displayData); return restResultBean.asJsonResponse(); } catch (Exception e) { final String errorMSg = "error during rest /strings call for bundle " + bundleName + ", error: " + e.getMessage(); final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMSg); return RestResultBean.fromError(errorInformation).asJsonResponse(); } }
@GET @Path("/session") @Produces(MediaType.APPLICATION_JSON + ";charset=UTF-8") public Response doGetAppSessionData(@QueryParam("maximum") int maximum) throws ChaiUnavailableException, PwmUnrecoverableException { maximum = maximum > 0 ? maximum : 10 * 1000; final RestRequestBean restRequestBean; try { final ServicePermissions servicePermissions = new ServicePermissions(); servicePermissions.setAdminOnly(true); servicePermissions.setAuthRequired(true); servicePermissions.setBlockExternal(true); restRequestBean = RestServerHelper.initializeRestRequest(request, response, servicePermissions, null); } catch (PwmUnrecoverableException e) { return RestResultBean.fromError(e.getErrorInformation()).asJsonResponse(); } if (!restRequestBean .getPwmSession() .getSessionManager() .checkPermission(restRequestBean.getPwmApplication(), Permission.PWMADMIN)) { final ErrorInformation errorInfo = PwmError.ERROR_UNAUTHORIZED.toInfo(); return RestResultBean.fromError(errorInfo, restRequestBean).asJsonResponse(); } final ArrayList<SessionStateInfoBean> gridData = new ArrayList<>(); int counter = 0; final Iterator<SessionStateInfoBean> infos = restRequestBean.getPwmApplication().getSessionTrackService().getSessionInfoIterator(); while (counter < maximum && infos.hasNext()) { gridData.add(infos.next()); counter++; } final RestResultBean restResultBean = new RestResultBean(); restResultBean.setData(gridData); return restResultBean.asJsonResponse(); }
private void restLdapHealth(final PwmRequest pwmRequest, final ConfigGuideBean configGuideBean) throws IOException, PwmUnrecoverableException { final Configuration tempConfiguration = new Configuration(configGuideBean.getStoredConfiguration()); final PwmApplication tempApplication = new PwmApplication.PwmEnvironment( tempConfiguration, pwmRequest.getPwmApplication().getApplicationPath()) .setApplicationMode(PwmApplication.MODE.NEW) .setInternalRuntimeInstance(true) .setWebInfPath(pwmRequest.getPwmApplication().getWebInfPath()) .createPwmApplication(); final LDAPStatusChecker ldapStatusChecker = new LDAPStatusChecker(); final List<HealthRecord> records = new ArrayList<>(); final LdapProfile ldapProfile = tempConfiguration.getDefaultLdapProfile(); switch (configGuideBean.getStep()) { case LDAP_SERVER: { try { checkLdapServer(configGuideBean); records.add(password.pwm.health.HealthRecord.forMessage(HealthMessage.LDAP_OK)); } catch (Exception e) { records.add( new HealthRecord( HealthStatus.WARN, HealthTopic.LDAP, "Can not connect to remote server: " + e.getMessage())); } } break; case LDAP_ADMIN: { records.addAll( ldapStatusChecker.checkBasicLdapConnectivity( tempApplication, tempConfiguration, ldapProfile, false)); if (records.isEmpty()) { records.add(password.pwm.health.HealthRecord.forMessage(HealthMessage.LDAP_OK)); } } break; case LDAP_CONTEXT: { records.addAll( ldapStatusChecker.checkBasicLdapConnectivity( tempApplication, tempConfiguration, ldapProfile, true)); if (records.isEmpty()) { records.add( new HealthRecord( HealthStatus.GOOD, HealthTopic.LDAP, "LDAP Contextless Login Root validated")); } try { final UserMatchViewerFunction userMatchViewerFunction = new UserMatchViewerFunction(); final Collection<UserIdentity> results = userMatchViewerFunction.discoverMatchingUsers( pwmRequest.getPwmApplication(), 2, configGuideBean.getStoredConfiguration(), PwmSetting.QUERY_MATCH_PWM_ADMIN, null); if (results.isEmpty()) { records.add( new HealthRecord(HealthStatus.WARN, HealthTopic.LDAP, "No matching admin users")); } else { records.add( new HealthRecord(HealthStatus.GOOD, HealthTopic.LDAP, "Admin group validated")); } } catch (PwmException e) { records.add( new HealthRecord( HealthStatus.WARN, HealthTopic.LDAP, "Error during admin group validation: " + e.getErrorInformation().toDebugStr())); } catch (Exception e) { records.add( new HealthRecord( HealthStatus.WARN, HealthTopic.LDAP, "Error during admin group validation: " + e.getMessage())); } } break; case LDAP_TESTUSER: { final String testUserValue = configGuideBean.getFormData().get(PARAM_LDAP_TEST_USER); if (testUserValue != null && !testUserValue.isEmpty()) { records.addAll( ldapStatusChecker.checkBasicLdapConnectivity( tempApplication, tempConfiguration, ldapProfile, false)); records.addAll( ldapStatusChecker.doLdapTestUserCheck( tempConfiguration, ldapProfile, tempApplication)); } else { records.add( new HealthRecord(HealthStatus.CAUTION, HealthTopic.LDAP, "No test user specified")); } } break; } HealthData jsonOutput = new HealthData(); jsonOutput.records = password.pwm.ws.server.rest.bean.HealthRecord.fromHealthRecords( records, pwmRequest.getLocale(), tempConfiguration); jsonOutput.timestamp = new Date(); jsonOutput.overall = HealthMonitor.getMostSevereHealthStatus(records).toString(); final RestResultBean restResultBean = new RestResultBean(); restResultBean.setData(jsonOutput); pwmRequest.outputJsonResult(restResultBean); }