use of password.pwm.config.Configuration in project pwm by pwm-project.
the class LDAPStatusChecker method checkUserPermission.
/**
 * Runs {@code validateDN} on the LDAP base of one configured user permission, once per
 * LDAP profile the permission applies to.
 *
 * <p>A null, empty or {@code PwmConstants.PROFILE_ID_ALL} profile ID selects every configured
 * LDAP profile. A profile ID that is not among the configured profiles yields a single
 * health record and no DN is checked. A null LDAP base, or one for which {@code isExampleDN}
 * returns true, is skipped.
 *
 * @param pwmApplication application whose configuration supplies the LDAP profiles
 * @param userPermission permission entry to check
 * @param pwmSetting setting that holds the permission; used only to label health records
 * @return one health record per failed DN validation; empty when nothing was flagged
 * @throws PwmUnrecoverableException declared by the method; the visible body does not throw it
 *         directly, so it presumably comes from one of the helpers it calls
 */
private static List<HealthRecord> checkUserPermission(final PwmApplication pwmApplication, final UserPermission userPermission, final PwmSetting pwmSetting) throws PwmUnrecoverableException {
    final String settingDebugName = pwmSetting.toMenuLocationDebug(null, PwmConstants.DEFAULT_LOCALE);
    final List<HealthRecord> returnList = new ArrayList<>();
    final Configuration config = pwmApplication.getConfig();

    // Work out which LDAP profiles this permission has to be checked against.
    final List<String> ldapProfilesToCheck = new ArrayList<>();
    final String configuredLdapProfileID = userPermission.getLdapProfileID();
    final boolean appliesToAllProfiles = configuredLdapProfileID == null
            || configuredLdapProfileID.isEmpty()
            || configuredLdapProfileID.equals(PwmConstants.PROFILE_ID_ALL);
    if (appliesToAllProfiles) {
        ldapProfilesToCheck.addAll(config.getLdapProfiles().keySet());
    } else if (!config.getLdapProfiles().keySet().contains(configuredLdapProfileID)) {
        // A permission bound to a profile that does not exist is reported, not silently ignored.
        return Collections.singletonList(HealthRecord.forMessage(HealthMessage.Config_UserPermissionValidity, settingDebugName, "specified ldap profile ID invalid: " + configuredLdapProfileID));
    } else {
        ldapProfilesToCheck.add(configuredLdapProfileID);
    }

    for (final String ldapProfileID : ldapProfilesToCheck) {
        // Both handled permission types validate the same LDAP base; only the label differs.
        final String dnLabel;
        switch (userPermission.getType()) {
            case ldapGroup:
                dnLabel = "groupDN: ";
                break;
            case ldapQuery:
                dnLabel = "baseDN: ";
                break;
            default:
                JavaHelper.unhandledSwitchStatement(userPermission.getType());
                dnLabel = null;
        }
        if (dnLabel == null) {
            continue;
        }

        final String ldapBase = userPermission.getLdapBase();
        if (ldapBase == null || isExampleDN(ldapBase)) {
            continue;
        }

        // validateDN signals a problem by returning a non-null message.
        final String errorMsg = validateDN(pwmApplication, ldapBase, ldapProfileID);
        if (errorMsg != null) {
            returnList.add(HealthRecord.forMessage(HealthMessage.Config_UserPermissionValidity, settingDebugName, dnLabel + errorMsg));
        }
    }
    return returnList;
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class LDAPStatusChecker method checkLdapDNSyntaxValues.
/**
 * Runs {@code validateDN} on every DN-valued LDAP profile setting, for every configured
 * LDAP profile.
 *
 * <p>Only settings that are not hidden, belong to {@code PwmSettingCategory.LDAP_PROFILE} and
 * carry the {@code PwmSettingFlag.ldapDNsyntax} flag are examined. For {@code STRING} settings
 * a null or empty value is skipped; for {@code STRING_ARRAY} settings every element of a
 * non-null list is validated as-is.
 *
 * @param pwmApplication application whose configuration is inspected
 * @return one health record per value for which {@code validateDN} returned a message
 */
private static List<HealthRecord> checkLdapDNSyntaxValues(final PwmApplication pwmApplication) {
    final List<HealthRecord> returnList = new ArrayList<>();
    final Configuration config = pwmApplication.getConfig();
    try {
        for (final PwmSetting pwmSetting : PwmSetting.values()) {
            final boolean isDnSetting = !pwmSetting.isHidden()
                    && pwmSetting.getCategory() == PwmSettingCategory.LDAP_PROFILE
                    && pwmSetting.getFlags().contains(PwmSettingFlag.ldapDNsyntax);
            if (!isDnSetting) {
                continue;
            }

            for (final String profile : config.getLdapProfiles().keySet()) {
                // Collect the DN values this setting holds for the profile, then validate them uniformly.
                final PwmSettingSyntax syntax = pwmSetting.getSyntax();
                final List<String> dnValues;
                if (syntax == PwmSettingSyntax.STRING) {
                    final String value = config.getLdapProfiles().get(profile).readSettingAsString(pwmSetting);
                    dnValues = (value == null || value.isEmpty())
                            ? Collections.<String>emptyList()
                            : Collections.singletonList(value);
                } else if (syntax == PwmSettingSyntax.STRING_ARRAY) {
                    final List<String> values = config.getLdapProfiles().get(profile).readSettingAsStringArray(pwmSetting);
                    dnValues = values == null ? Collections.<String>emptyList() : values;
                } else {
                    dnValues = Collections.emptyList();
                }

                for (final String dnValue : dnValues) {
                    final String errorMsg = validateDN(pwmApplication, dnValue, profile);
                    if (errorMsg != null) {
                        returnList.add(HealthRecord.forMessage(HealthMessage.Config_DNValueValidity, pwmSetting.toMenuLocationDebug(profile, PwmConstants.DEFAULT_LOCALE), errorMsg));
                    }
                }
            }
        }
    } catch (PwmUnrecoverableException e) {
        // NOTE(review): the exception ends the whole scan and only the records gathered so far
        // are returned, so an empty result does not by itself show that every DN was checked.
        LOGGER.warn("error while checking DN ldap syntax values: " + e.getMessage());
    }
    return returnList;
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class LDAPStatusChecker method checkUserPermissionValues.
/**
 * Collects health records for every user permission stored in a non-profile setting.
 *
 * <p>A setting is examined when it is not hidden, has {@code PwmSettingSyntax.USER_PERMISSION}
 * syntax and its category reports no profiles. Each permission it holds is passed to
 * {@code checkUserPermission}.
 *
 * @param pwmApplication application whose configuration is inspected
 * @return all health records produced by the individual permission checks
 */
private static List<HealthRecord> checkUserPermissionValues(final PwmApplication pwmApplication) {
    final List<HealthRecord> returnList = new ArrayList<>();
    final Configuration config = pwmApplication.getConfig();
    for (final PwmSetting pwmSetting : PwmSetting.values()) {
        final boolean isPermissionSetting = !pwmSetting.isHidden()
                && pwmSetting.getSyntax() == PwmSettingSyntax.USER_PERMISSION;
        if (!isPermissionSetting || pwmSetting.getCategory().hasProfiles()) {
            continue;
        }

        final List<UserPermission> userPermissions = config.readSettingAsUserPermission(pwmSetting);
        for (final UserPermission userPermission : userPermissions) {
            try {
                returnList.addAll(checkUserPermission(pwmApplication, userPermission, pwmSetting));
            } catch (PwmUnrecoverableException e) {
                // A failed check is logged and the remaining permissions are still examined;
                // the permission that failed contributes no health record.
                LOGGER.error("error checking configured permission settings:" + e.getMessage());
            }
        }
    }
    return returnList;
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class ContextManager method initialize.
/**
 * Starts the application for this servlet context: resolves the application path, loads
 * and locks the stored configuration, builds the {@code PwmApplication}, and schedules the
 * restart-flag and configuration-file watchers.
 *
 * <p>If no application path is configured, the error is recorded in
 * {@code startupErrorInformation} and the method returns before anything else is created.
 * Failures while loading the configuration or constructing the application are passed to
 * {@code handleStartupError} and start-up continues with whatever state was reached.
 */
public void initialize() {
    try {
        Locale.setDefault(PwmConstants.DEFAULT_LOCALE);
    } catch (Exception e) {
        outputError("unable to set default locale as Java machine default locale: " + e.getMessage());
    }

    final ParameterReader contextParameters = new ParameterReader(servletContext);

    // Without an application path there is nowhere to look for the configuration file.
    final String configuredPath = contextParameters.readApplicationPath();
    if (configuredPath == null || configuredPath.isEmpty()) {
        startupErrorInformation = new ErrorInformation(PwmError.ERROR_ENVIRONMENT_ERROR, "application path is not specified");
        return;
    }
    final File applicationPath = new File(configuredPath);

    // Defaults used when the configuration cannot be read: no configuration, ERROR mode.
    Configuration configuration = null;
    PwmApplicationMode mode = PwmApplicationMode.ERROR;
    File configurationFile = null;
    try {
        configurationFile = locateConfigurationFile(applicationPath);
        configReader = new ConfigurationReader(configurationFile);
        configReader.getStoredConfiguration().lock();
        configuration = configReader.getConfiguration();

        // An error recorded earlier forces ERROR mode and is not overwritten by the reader's own error.
        if (startupErrorInformation == null) {
            mode = configReader.getConfigMode();
        } else {
            mode = PwmApplicationMode.ERROR;
        }
        if (startupErrorInformation == null) {
            startupErrorInformation = configReader.getConfigFileError();
        }

        if (PwmApplicationMode.ERROR == mode) {
            outputError("Startup Error: " + (startupErrorInformation == null ? "un-specified error" : startupErrorInformation.toDebugStr()));
        }
    } catch (Throwable e) {
        handleStartupError("unable to initialize application due to configuration related error: ", e);
    }
    LOGGER.debug("configuration file was loaded from " + (configurationFile == null ? "null" : configurationFile.getAbsoluteFile()));

    final Collection<PwmEnvironment.ApplicationFlag> applicationFlags = contextParameters.readApplicationFlags();
    final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = contextParameters.readApplicationParams();
    try {
        final PwmEnvironment.Builder environmentBuilder = new PwmEnvironment.Builder(configuration, applicationPath)
                .setApplicationMode(mode)
                .setConfigurationFile(configurationFile)
                .setContextManager(this)
                .setFlags(applicationFlags)
                .setParams(applicationParams);
        pwmApplication = new PwmApplication(environmentBuilder.createPwmEnvironment());
    } catch (Exception e) {
        handleStartupError("unable to initialize application: ", e);
    }

    // NOTE(review): pwmApplication is still unset here if construction failed above and this
    // method did not assign it; makeThreadName and checkConfigForSaveOnRestart are called
    // regardless, so both presumably tolerate a null application - confirm.
    final String timerThreadName = JavaHelper.makeThreadName(pwmApplication, this.getClass()) + " timer";
    taskMaster = new Timer(timerThreadName, true);
    taskMaster.schedule(new RestartFlagWatcher(), 1031, 1031);

    // Watch the configuration file unless the loaded configuration turns that off.
    boolean reloadOnChange = true;
    long fileScanFrequencyMs = 5000;
    if (pwmApplication != null) {
        final String reloadProperty = pwmApplication.getConfig().readAppProperty(AppProperty.CONFIG_RELOAD_ON_CHANGE);
        reloadOnChange = Boolean.parseBoolean(reloadProperty);
        final String scanFrequencyProperty = pwmApplication.getConfig().readAppProperty(AppProperty.CONFIG_FILE_SCAN_FREQUENCY);
        // Long.parseLong throws NumberFormatException on a non-numeric property; nothing here catches it.
        fileScanFrequencyMs = Long.parseLong(scanFrequencyProperty);
    }
    if (reloadOnChange) {
        taskMaster.schedule(new ConfigFileWatcher(), fileScanFrequencyMs, fileScanFrequencyMs);
    }
    checkConfigForSaveOnRestart(configReader, pwmApplication);
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class IdleTimeoutCalculator method figureMaxSessionTimeout.
/**
 * Determines the idle timeout that applies to a session, together with the reason for it.
 *
 * <p>The general {@code IDLE_TIMEOUT_SECONDS} setting is always a candidate. Authenticated
 * sessions add the candidates from {@code figureMaxAuthUserTimeout}. Unauthenticated sessions
 * add the configuration-guide timeout while the application is in {@code NEW} mode, and the
 * people-search timeout when public people search is enabled and that timeout is above zero.
 *
 * @param pwmApplication application supplying configuration and application mode
 * @param pwmSession session whose timeout is being determined
 * @return the last candidate in the sorted set of results
 * @throws PwmUnrecoverableException declared by the method; presumably raised by the permission
 *         check or {@code figureMaxAuthUserTimeout}
 */
public static MaxIdleTimeoutResult figureMaxSessionTimeout(final PwmApplication pwmApplication, final PwmSession pwmSession) throws PwmUnrecoverableException {
    final Configuration configuration = pwmApplication.getConfig();
    final SortedSet<MaxIdleTimeoutResult> results = new TreeSet<>();

    // Baseline candidate: the general idle timeout setting.
    final long idleSetting = configuration.readSettingAsLong(PwmSetting.IDLE_TIMEOUT_SECONDS);
    final String idleReason = MaxIdleTimeoutResult.reasonFor(PwmSetting.IDLE_TIMEOUT_SECONDS, null);
    results.add(new MaxIdleTimeoutResult(idleReason, new TimeDuration(idleSetting, TimeUnit.SECONDS)));

    if (pwmSession.isAuthenticated()) {
        final UserInfo userInfo = pwmSession.getUserInfo();
        final boolean userIsAdmin = pwmSession.getSessionManager().checkPermission(pwmApplication, Permission.PWMADMIN);
        final Set<MaxIdleTimeoutResult> loggedInResults = figureMaxAuthUserTimeout(configuration, userInfo, userIsAdmin);
        results.addAll(loggedInResults);
    } else {
        if (pwmApplication.getApplicationMode() == PwmApplicationMode.NEW) {
            final long configGuideIdleTimeout = Long.parseLong(configuration.readAppProperty(AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT));
            results.add(new MaxIdleTimeoutResult("Configuration Guide Idle Timeout", new TimeDuration(configGuideIdleTimeout, TimeUnit.SECONDS)));
        }
        if (configuration.readSettingAsBoolean(PwmSetting.PEOPLE_SEARCH_ENABLE_PUBLIC)) {
            final long peopleSearchIdleTimeout = configuration.readSettingAsLong(PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS);
            if (peopleSearchIdleTimeout > 0) {
                final String peopleSearchReason = MaxIdleTimeoutResult.reasonFor(PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS, null);
                results.add(new MaxIdleTimeoutResult(peopleSearchReason, new TimeDuration(peopleSearchIdleTimeout, TimeUnit.SECONDS)));
            }
        }
    }

    // NOTE(review): which candidate is "last" depends on MaxIdleTimeoutResult's ordering, which is
    // not visible here; going by the method name it is presumably the longest duration, meaning an
    // added candidate can lengthen but never shorten the session's idle timeout - confirm.
    return results.last();
}