Search in sources :

Example 6 with Parameter

use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.

the class StreamAlertResource method list.

@GET
@Timed
@ApiOperation(value = "Get the most recent alarms of this stream.")
@Produces(MediaType.APPLICATION_JSON)
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid ObjectId.") })
public AlertListSummary list(@ApiParam(name = "streamId", value = "The stream id this new alert condition belongs to.", required = true) @PathParam("streamId") String streamId, @ApiParam(name = "since", value = "Optional parameter to define a lower date boundary. (UNIX timestamp)") @QueryParam("since") @DefaultValue("0") @Min(0) int sinceTs, @ApiParam(name = "limit", value = "Maximum number of alerts to return.") @QueryParam("limit") @DefaultValue("300") @Min(1) int limit) throws NotFoundException {
    checkPermission(RestPermissions.STREAMS_READ, streamId);
    final DateTime since = new DateTime(sinceTs * 1000L, DateTimeZone.UTC);
    final Stream stream = streamService.load(streamId);
    final List<AlertSummary> conditions = toSummaryList(alertService.loadRecentOfStream(stream.getId(), since, limit));
    return AlertListSummary.create(alertService.totalCountForStream(streamId), conditions);
}
Also used : Stream(org.graylog2.plugin.streams.Stream) AlertSummary(org.graylog2.rest.models.streams.alerts.AlertSummary) DateTime(org.joda.time.DateTime) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 7 with Parameter

use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.

the class AlertResource method listRecent.

@GET
@Timed
@ApiOperation(value = "Get the most recent alarms of all streams.")
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid ObjectId.") })
public AlertListSummary listRecent(@ApiParam(name = "since", value = "Optional parameter to define a lower date boundary. (UNIX timestamp)", required = false) @QueryParam("since") @DefaultValue("0") @Min(0) int sinceTs, @ApiParam(name = "limit", value = "Maximum number of alerts to return.", required = false) @QueryParam("limit") @DefaultValue("300") @Min(1) int limit) throws NotFoundException {
    final DateTime since = new DateTime(sinceTs * 1000L, DateTimeZone.UTC);
    final List<AlertSummary> alerts = getAlertSummaries(alertService.loadRecentOfStreams(getAllowedStreamIds(), since, limit).stream());
    return AlertListSummary.create(alerts.size(), alerts);
}
Also used : AlertSummary(org.graylog2.rest.models.streams.alerts.AlertSummary) DateTime(org.joda.time.DateTime) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 8 with Parameter

use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.

the class HTTPAlarmCallbackTest method checkConfigurationFailsWithEmptyURL.

@Test
public void checkConfigurationFailsWithEmptyURL() throws Exception {
    final Map<String, Object> configMap = ImmutableMap.of("url", "");
    final Configuration configuration = new Configuration(configMap);
    alarmCallback.initialize(configuration);
    expectedException.expect(ConfigurationException.class);
    expectedException.expectMessage("URL parameter is missing.");
    alarmCallback.checkConfiguration();
}
Also used : Configuration(org.graylog2.plugin.configuration.Configuration) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Test(org.junit.Test)

Example 9 with Parameter

use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.

the class LdapUserAuthenticator method doGetAuthenticationInfo.

@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authtoken) throws AuthenticationException {
    // safe, we only handle this type
    final UsernamePasswordToken token = (UsernamePasswordToken) authtoken;
    final LdapSettings ldapSettings = ldapSettingsService.load();
    if (ldapSettings == null || !ldapSettings.isEnabled()) {
        LOG.trace("LDAP is disabled, skipping");
        return null;
    }
    final LdapConnectionConfig config = new LdapConnectionConfig();
    config.setLdapHost(ldapSettings.getUri().getHost());
    config.setLdapPort(ldapSettings.getUri().getPort());
    config.setUseSsl(ldapSettings.getUri().getScheme().startsWith("ldaps"));
    config.setUseTls(ldapSettings.isUseStartTls());
    if (ldapSettings.isTrustAllCertificates()) {
        config.setTrustManagers(new TrustAllX509TrustManager());
    }
    config.setName(ldapSettings.getSystemUserName());
    config.setCredentials(ldapSettings.getSystemPassword());
    final String principal = (String) token.getPrincipal();
    final char[] tokenPassword = firstNonNull(token.getPassword(), new char[0]);
    final String password = String.valueOf(tokenPassword);
    // do not try to look a token up in LDAP if there is no principal or password
    if (isNullOrEmpty(principal) || isNullOrEmpty(password)) {
        LOG.debug("Principal or password were empty. Not trying to look up a token in LDAP.");
        return null;
    }
    try (final LdapNetworkConnection connection = ldapConnector.connect(config)) {
        if (null == connection) {
            LOG.error("Couldn't connect to LDAP directory");
            return null;
        }
        final LdapEntry userEntry = ldapConnector.search(connection, ldapSettings.getSearchBase(), ldapSettings.getSearchPattern(), ldapSettings.getDisplayNameAttribute(), principal, ldapSettings.isActiveDirectory(), ldapSettings.getGroupSearchBase(), ldapSettings.getGroupIdAttribute(), ldapSettings.getGroupSearchPattern());
        if (userEntry == null) {
            LOG.debug("User {} not found in LDAP", principal);
            return null;
        }
        // needs to use the DN of the entry, not the parameter for the lookup filter we used to find the entry!
        final boolean authenticated = ldapConnector.authenticate(connection, userEntry.getDn(), password);
        if (!authenticated) {
            LOG.info("Invalid credentials for user {} (DN {})", principal, userEntry.getDn());
            return null;
        }
        // user found and authenticated, sync the user entry with mongodb
        final User user = syncFromLdapEntry(userEntry, ldapSettings, principal);
        if (user == null) {
            // in case there was an error reading, creating or modifying the user in mongodb, we do not authenticate the user.
            LOG.error("Unable to sync LDAP user {} (DN {})", userEntry.getBindPrincipal(), userEntry.getDn());
            return null;
        }
        return new SimpleAccount(principal, null, "ldap realm");
    } catch (LdapException e) {
        LOG.error("LDAP error", e);
    } catch (CursorException e) {
        LOG.error("Unable to read LDAP entry", e);
    } catch (Exception e) {
        LOG.error("Error during LDAP user account sync. Cannot log in user {}", principal, e);
    }
    // Return null by default to ensure a login failure if anything goes wrong.
    return null;
}
Also used : SimpleAccount(org.apache.shiro.authc.SimpleAccount) User(org.graylog2.plugin.database.users.User) LdapConnectionConfig(org.apache.directory.ldap.client.api.LdapConnectionConfig) LdapEntry(org.graylog2.shared.security.ldap.LdapEntry) LdapNetworkConnection(org.apache.directory.ldap.client.api.LdapNetworkConnection) TrustAllX509TrustManager(org.graylog2.security.TrustAllX509TrustManager) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) NotFoundException(org.graylog2.database.NotFoundException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) ValidationException(org.graylog2.plugin.database.ValidationException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) CursorException(org.apache.directory.api.ldap.model.cursor.CursorException) LdapException(org.apache.directory.api.ldap.model.exception.LdapException) LdapSettings(org.graylog2.shared.security.ldap.LdapSettings)

Example 10 with Parameter

use of org.graylog2.contentpacks.model.parameters.Parameter in project graylog2-server by Graylog2.

the class HTTPAlarmCallbackTest method checkConfigurationFailsWithMissingURL.

@Test
public void checkConfigurationFailsWithMissingURL() throws Exception {
    final Map<String, Object> configMap = ImmutableMap.of();
    final Configuration configuration = new Configuration(configMap);
    alarmCallback.initialize(configuration);
    expectedException.expect(ConfigurationException.class);
    expectedException.expectMessage("URL parameter is missing.");
    alarmCallback.checkConfiguration();
}
Also used : Configuration(org.graylog2.plugin.configuration.Configuration) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)4 ApiOperation (io.swagger.annotations.ApiOperation)3 Timed (com.codahale.metrics.annotation.Timed)2 ImmutableMap (com.google.common.collect.ImmutableMap)2 ApiResponses (io.swagger.annotations.ApiResponses)2 Collections (java.util.Collections)2 Map (java.util.Map)2 Set (java.util.Set)2 Collectors (java.util.stream.Collectors)2 Nullable (javax.annotation.Nullable)2 GET (javax.ws.rs.GET)2 CursorException (org.apache.directory.api.ldap.model.cursor.CursorException)2 LdapException (org.apache.directory.api.ldap.model.exception.LdapException)2 Query (org.graylog.plugins.views.search.Query)2 ValueReference (org.graylog2.contentpacks.model.entities.references.ValueReference)2 AlertSummary (org.graylog2.rest.models.streams.alerts.AlertSummary)2 DateTime (org.joda.time.DateTime)2 JsonAutoDetect (com.fasterxml.jackson.annotation.JsonAutoDetect)1 JsonCreator (com.fasterxml.jackson.annotation.JsonCreator)1 JsonIgnore (com.fasterxml.jackson.annotation.JsonIgnore)1