
Example 1 with Configuration

use of password.pwm.config.Configuration in project pwm by pwm-project.

the class LDAPStatusChecker method checkUserPermission.

/**
 * Health-checks the LDAP DN referenced by a single configured user permission.
 *
 * <p>The permission's LDAP profile ID selects which profiles are checked: a null, empty or
 * {@code PwmConstants.PROFILE_ID_ALL} value means every configured profile; any other value
 * must name an existing profile, otherwise a single "invalid profile" record is returned and
 * no DN is checked at all.
 *
 * <p>For each selected profile the permission's LDAP base is passed to {@code validateDN},
 * unless it is null or {@code isExampleDN} reports it as an example value. Both permission
 * types ({@code ldapGroup}, {@code ldapQuery}) read the same {@code getLdapBase()} field and
 * differ only in the prefix put in front of the error text.
 *
 * @param pwmApplication application whose configuration and LDAP profiles are consulted
 * @param userPermission the permission entry to verify
 * @param pwmSetting the setting the permission belongs to; used only to label the records
 * @return the health records found, possibly empty
 * @throws PwmUnrecoverableException declared by the method; presumably propagated from
 *         {@code validateDN} (not visible here)
 */
private static List<HealthRecord> checkUserPermission(final PwmApplication pwmApplication, final UserPermission userPermission, final PwmSetting pwmSetting) throws PwmUnrecoverableException {
    final String settingLabel = pwmSetting.toMenuLocationDebug(null, PwmConstants.DEFAULT_LOCALE);
    final Configuration configuration = pwmApplication.getConfig();
    final String requestedProfileId = userPermission.getLdapProfileID();

    final boolean checkEveryProfile = requestedProfileId == null
            || requestedProfileId.isEmpty()
            || requestedProfileId.equals(PwmConstants.PROFILE_ID_ALL);

    final List<String> profileIds = new ArrayList<>();
    if (checkEveryProfile) {
        profileIds.addAll(configuration.getLdapProfiles().keySet());
    } else if (configuration.getLdapProfiles().keySet().contains(requestedProfileId)) {
        profileIds.add(requestedProfileId);
    } else {
        // A permission bound to a profile that does not exist cannot be evaluated; report it
        // as the only finding instead of silently checking nothing.
        return Collections.singletonList(HealthRecord.forMessage(HealthMessage.Config_UserPermissionValidity, settingLabel, "specified ldap profile ID invalid: " + requestedProfileId));
    }

    final List<HealthRecord> findings = new ArrayList<>();
    for (final String profileId : profileIds) {
        final String messagePrefix;
        switch (userPermission.getType()) {
            case ldapGroup:
                messagePrefix = "groupDN: ";
                break;
            case ldapQuery:
                messagePrefix = "baseDN: ";
                break;
            default:
                JavaHelper.unhandledSwitchStatement(userPermission.getType());
                continue;
        }

        final String dn = userPermission.getLdapBase();
        if (dn == null || isExampleDN(dn)) {
            continue;
        }

        final String problem = validateDN(pwmApplication, dn, profileId);
        if (problem != null) {
            findings.add(HealthRecord.forMessage(HealthMessage.Config_UserPermissionValidity, settingLabel, messagePrefix + problem));
        }
    }
    return findings;
}
Also used : Configuration(password.pwm.config.Configuration) ChaiConfiguration(com.novell.ldapchai.provider.ChaiConfiguration) ArrayList(java.util.ArrayList)

Example 2 with Configuration

use of password.pwm.config.Configuration in project pwm by pwm-project.

the class LDAPStatusChecker method checkLdapDNSyntaxValues.

/**
 * Health-checks every visible LDAP-profile setting flagged as holding a DN.
 *
 * <p>A setting is examined when it is not hidden, belongs to
 * {@code PwmSettingCategory.LDAP_PROFILE} and carries {@code PwmSettingFlag.ldapDNsyntax}.
 * Its value is read from each LDAP profile and passed to {@code validateDN}; every non-null
 * error text becomes a {@code Config_DNValueValidity} record labelled with the setting's
 * menu location for that profile. Settings of any syntax other than {@code STRING} or
 * {@code STRING_ARRAY} are ignored.
 *
 * <p>The whole scan runs inside one {@code try}: the first
 * {@code PwmUnrecoverableException} stops it, only the exception message is logged at warn
 * level, and the records collected so far are returned. An incomplete result is therefore
 * indistinguishable from a clean one to the caller.
 *
 * @param pwmApplication application whose configuration and LDAP profiles are checked
 * @return the health records found, possibly empty or partial (see above)
 */
private static List<HealthRecord> checkLdapDNSyntaxValues(final PwmApplication pwmApplication) {
    final List<HealthRecord> findings = new ArrayList<>();
    final Configuration configuration = pwmApplication.getConfig();
    try {
        for (final PwmSetting setting : PwmSetting.values()) {
            final boolean holdsLdapDn = !setting.isHidden()
                    && setting.getCategory() == PwmSettingCategory.LDAP_PROFILE
                    && setting.getFlags().contains(PwmSettingFlag.ldapDNsyntax);
            if (!holdsLdapDn) {
                continue;
            }

            for (final String profileId : configuration.getLdapProfiles().keySet()) {
                final PwmSettingSyntax syntax = setting.getSyntax();

                if (syntax == PwmSettingSyntax.STRING) {
                    final String dn = configuration.getLdapProfiles().get(profileId).readSettingAsString(setting);
                    if (dn == null || dn.isEmpty()) {
                        continue;
                    }
                    final String problem = validateDN(pwmApplication, dn, profileId);
                    if (problem != null) {
                        findings.add(HealthRecord.forMessage(HealthMessage.Config_DNValueValidity, setting.toMenuLocationDebug(profileId, PwmConstants.DEFAULT_LOCALE), problem));
                    }
                } else if (syntax == PwmSettingSyntax.STRING_ARRAY) {
                    final List<String> dns = configuration.getLdapProfiles().get(profileId).readSettingAsStringArray(setting);
                    if (dns == null) {
                        continue;
                    }
                    // NOTE(review): unlike the STRING branch, array entries are not filtered
                    // for null/empty before validateDN is called; confirm that is intended.
                    for (final String dn : dns) {
                        final String problem = validateDN(pwmApplication, dn, profileId);
                        if (problem != null) {
                            findings.add(HealthRecord.forMessage(HealthMessage.Config_DNValueValidity, setting.toMenuLocationDebug(profileId, PwmConstants.DEFAULT_LOCALE), problem));
                        }
                    }
                }
            }
        }
    } catch (PwmUnrecoverableException e) {
        LOGGER.warn("error while checking DN ldap syntax values: " + e.getMessage());
    }
    return findings;
}
Also used : PwmSetting(password.pwm.config.PwmSetting) Configuration(password.pwm.config.Configuration) ChaiConfiguration(com.novell.ldapchai.provider.ChaiConfiguration) ArrayList(java.util.ArrayList) List(java.util.List) ArrayList(java.util.ArrayList) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)

Example 3 with Configuration

use of password.pwm.config.Configuration in project pwm by pwm-project.

the class LDAPStatusChecker method checkUserPermissionValues.

/**
 * Runs {@code checkUserPermission} over every user-permission setting that is not profiled.
 *
 * <p>A setting is examined when it is not hidden, has syntax
 * {@code PwmSettingSyntax.USER_PERMISSION} and its category reports
 * {@code hasProfiles() == false}. Permission settings that live in profiled categories are
 * skipped by this method, so their DNs are not covered by this check.
 *
 * <p>A {@code PwmUnrecoverableException} from one permission is logged at error level
 * (message only) and does not stop the remaining permissions from being checked.
 *
 * @param pwmApplication application whose configuration is checked
 * @return all health records produced by the individual permission checks, possibly empty
 */
private static List<HealthRecord> checkUserPermissionValues(final PwmApplication pwmApplication) {
    final List<HealthRecord> findings = new ArrayList<>();
    final Configuration configuration = pwmApplication.getConfig();

    for (final PwmSetting setting : PwmSetting.values()) {
        if (setting.isHidden()) {
            continue;
        }
        if (setting.getSyntax() != PwmSettingSyntax.USER_PERMISSION) {
            continue;
        }
        if (setting.getCategory().hasProfiles()) {
            // Profiled settings are read per profile, not from the top-level configuration.
            continue;
        }

        final List<UserPermission> permissions = configuration.readSettingAsUserPermission(setting);
        for (final UserPermission permission : permissions) {
            try {
                findings.addAll(checkUserPermission(pwmApplication, permission, setting));
            } catch (PwmUnrecoverableException e) {
                LOGGER.error("error checking configured permission settings:" + e.getMessage());
            }
        }
    }
    return findings;
}
Also used : PwmSetting(password.pwm.config.PwmSetting) Configuration(password.pwm.config.Configuration) ChaiConfiguration(com.novell.ldapchai.provider.ChaiConfiguration) ArrayList(java.util.ArrayList) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) UserPermission(password.pwm.config.value.data.UserPermission)

Example 4 with Configuration

use of password.pwm.config.Configuration in project pwm by pwm-project.

the class ContextManager method initialize.

/**
 * Starts the application for this servlet context: loads the configuration file, builds the
 * {@code PwmApplication} and schedules the background watcher tasks.
 *
 * <p>Startup is deliberately tolerant of failure. Apart from a missing application path,
 * which aborts immediately, errors are handed to {@code outputError} /
 * {@code handleStartupError} and the method carries on, so {@code configuration} and
 * {@code pwmApplication} can both still be null further down. The application mode stays
 * {@code PwmApplicationMode.ERROR} unless the configuration reader supplies another one.
 */
public void initialize() {
    try {
        // Set the JVM-wide default locale; a failure is reported but does not stop startup.
        Locale.setDefault(PwmConstants.DEFAULT_LOCALE);
    } catch (Exception e) {
        outputError("unable to set default locale as Java machine default locale: " + e.getMessage());
    }
    Configuration configuration = null;
    // Start from ERROR so that any failure before the mode is read leaves the app in ERROR.
    PwmApplicationMode mode = PwmApplicationMode.ERROR;
    final ParameterReader parameterReader = new ParameterReader(servletContext);
    final File applicationPath;
    {
        final String applicationPathStr = parameterReader.readApplicationPath();
        if (applicationPathStr == null || applicationPathStr.isEmpty()) {
            // Without an application path nothing else can be set up: record the error and
            // return before any PwmApplication or timer is created.
            startupErrorInformation = new ErrorInformation(PwmError.ERROR_ENVIRONMENT_ERROR, "application path is not specified");
            return;
        } else {
            applicationPath = new File(applicationPathStr);
        }
    }
    File configurationFile = null;
    try {
        configurationFile = locateConfigurationFile(applicationPath);
        configReader = new ConfigurationReader(configurationFile);
        // lock() is called on the stored configuration before it is used; presumably this
        // prevents later in-memory modification (confirm against the stored-config class).
        configReader.getStoredConfiguration().lock();
        configuration = configReader.getConfiguration();
        // An already recorded startup error forces ERROR mode regardless of the reader.
        mode = startupErrorInformation == null ? configReader.getConfigMode() : PwmApplicationMode.ERROR;
        if (startupErrorInformation == null) {
            startupErrorInformation = configReader.getConfigFileError();
        }
        if (PwmApplicationMode.ERROR == mode) {
            outputError("Startup Error: " + (startupErrorInformation == null ? "un-specified error" : startupErrorInformation.toDebugStr()));
        }
    } catch (Throwable e) {
        // Catches Throwable, so Errors (e.g. OutOfMemoryError) are routed here as well.
        // Whether handleStartupError rethrows is not visible here; if it returns,
        // configuration may still be null and mode is still ERROR.
        handleStartupError("unable to initialize application due to configuration related error: ", e);
    }
    // The absolute path of the configuration file is written to the debug log.
    LOGGER.debug("configuration file was loaded from " + (configurationFile == null ? "null" : configurationFile.getAbsoluteFile()));
    final Collection<PwmEnvironment.ApplicationFlag> applicationFlags = parameterReader.readApplicationFlags();
    final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = parameterReader.readApplicationParams();
    try {
        // configuration and configurationFile are passed as they are, possibly null.
        final PwmEnvironment pwmEnvironment = new PwmEnvironment.Builder(configuration, applicationPath).setApplicationMode(mode).setConfigurationFile(configurationFile).setContextManager(this).setFlags(applicationFlags).setParams(applicationParams).createPwmEnvironment();
        pwmApplication = new PwmApplication(pwmEnvironment);
    } catch (Exception e) {
        // On failure pwmApplication keeps whatever value it had before this call.
        handleStartupError("unable to initialize application: ", e);
    }
    // pwmApplication may be null here; makeThreadName receives it unchecked.
    final String threadName = JavaHelper.makeThreadName(pwmApplication, this.getClass()) + " timer";
    // Daemon timer (second argument true), so it does not keep the JVM alive on shutdown.
    taskMaster = new Timer(threadName, true);
    // Check the restart flag every 1031 ms, starting 1031 ms from now.
    taskMaster.schedule(new RestartFlagWatcher(), 1031, 1031);
    // Defaults used when no PwmApplication exists: watch the config file every 5000 ms.
    boolean reloadOnChange = true;
    long fileScanFrequencyMs = 5000;
    {
        if (pwmApplication != null) {
            // Boolean.parseBoolean yields false for anything but "true" (case-insensitive),
            // so a malformed property silently turns config reloading off.
            reloadOnChange = Boolean.parseBoolean(pwmApplication.getConfig().readAppProperty(AppProperty.CONFIG_RELOAD_ON_CHANGE));
            // Long.parseLong throws NumberFormatException on a malformed value; it is not
            // caught in this method.
            fileScanFrequencyMs = Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.CONFIG_FILE_SCAN_FREQUENCY));
        }
        if (reloadOnChange) {
            taskMaster.schedule(new ConfigFileWatcher(), fileScanFrequencyMs, fileScanFrequencyMs);
        }
        // Called even when pwmApplication is null; the callee must tolerate that.
        checkConfigForSaveOnRestart(configReader, pwmApplication);
    }
}
Also used : PwmApplication(password.pwm.PwmApplication) Configuration(password.pwm.config.Configuration) PwmEnvironment(password.pwm.PwmEnvironment) PwmApplicationMode(password.pwm.PwmApplicationMode) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) Timer(java.util.Timer) File(java.io.File) ConfigurationReader(password.pwm.config.stored.ConfigurationReader)

Example 5 with Configuration

use of password.pwm.config.Configuration in project pwm by pwm-project.

the class IdleTimeoutCalculator method figureMaxSessionTimeout.

/**
 * Determines the idle timeout that applies to a session.
 *
 * <p>Candidate timeouts are collected in a {@code TreeSet} and the set's last element is
 * returned, i.e. the greatest candidate under {@code MaxIdleTimeoutResult}'s natural
 * ordering (presumably the longest duration; confirm against its {@code compareTo}).
 * Because the greatest candidate wins, an additional source can only lengthen the
 * effective timeout, never shorten it.
 *
 * <p>Candidates:
 * <ul>
 *   <li>always: {@code PwmSetting.IDLE_TIMEOUT_SECONDS};</li>
 *   <li>unauthenticated session, application in {@code PwmApplicationMode.NEW}: the
 *       {@code AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT} value;</li>
 *   <li>unauthenticated session, public people search enabled: the people-search timeout,
 *       only if it is greater than zero;</li>
 *   <li>authenticated session: whatever {@code figureMaxAuthUserTimeout} returns for the
 *       user and the user's {@code Permission.PWMADMIN} status.</li>
 * </ul>
 *
 * @param pwmApplication application supplying configuration and mode
 * @param pwmSession session whose timeout is being calculated
 * @return the greatest candidate; never null, since the base setting is always present
 * @throws PwmUnrecoverableException declared by the method; presumably raised by the
 *         permission check or the authenticated-user calculation (not visible here)
 */
public static MaxIdleTimeoutResult figureMaxSessionTimeout(final PwmApplication pwmApplication, final PwmSession pwmSession) throws PwmUnrecoverableException {
    final Configuration config = pwmApplication.getConfig();
    final SortedSet<MaxIdleTimeoutResult> candidates = new TreeSet<>();

    // Baseline that applies to every session.
    final long baseIdleSeconds = config.readSettingAsLong(PwmSetting.IDLE_TIMEOUT_SECONDS);
    final String baseReason = MaxIdleTimeoutResult.reasonFor(PwmSetting.IDLE_TIMEOUT_SECONDS, null);
    candidates.add(new MaxIdleTimeoutResult(baseReason, new TimeDuration(baseIdleSeconds, TimeUnit.SECONDS)));

    if (pwmSession.isAuthenticated()) {
        final UserInfo user = pwmSession.getUserInfo();
        final boolean isAdmin = pwmSession.getSessionManager().checkPermission(pwmApplication, Permission.PWMADMIN);
        final Set<MaxIdleTimeoutResult> authenticatedCandidates = figureMaxAuthUserTimeout(config, user, isAdmin);
        candidates.addAll(authenticatedCandidates);
        return candidates.last();
    }

    // Unauthenticated session from here on.
    if (pwmApplication.getApplicationMode() == PwmApplicationMode.NEW) {
        final long guideSeconds = Long.parseLong(config.readAppProperty(AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT));
        candidates.add(new MaxIdleTimeoutResult("Configuration Guide Idle Timeout", new TimeDuration(guideSeconds, TimeUnit.SECONDS)));
    }

    if (config.readSettingAsBoolean(PwmSetting.PEOPLE_SEARCH_ENABLE_PUBLIC)) {
        final long peopleSearchSeconds = config.readSettingAsLong(PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS);
        if (peopleSearchSeconds > 0) {
            final String peopleSearchReason = MaxIdleTimeoutResult.reasonFor(PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS, null);
            candidates.add(new MaxIdleTimeoutResult(peopleSearchReason, new TimeDuration(peopleSearchSeconds, TimeUnit.SECONDS)));
        }
    }

    return candidates.last();
}
Also used : Configuration(password.pwm.config.Configuration) TreeSet(java.util.TreeSet) TimeDuration(password.pwm.util.java.TimeDuration) UserInfo(password.pwm.ldap.UserInfo)

Aggregations

Configuration (password.pwm.config.Configuration)111 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)45 FormConfiguration (password.pwm.config.value.data.FormConfiguration)37 PwmApplication (password.pwm.PwmApplication)33 ErrorInformation (password.pwm.error.ErrorInformation)33 PwmOperationalException (password.pwm.error.PwmOperationalException)25 ActionConfiguration (password.pwm.config.value.data.ActionConfiguration)23 Locale (java.util.Locale)22 PwmSession (password.pwm.http.PwmSession)21 PwmException (password.pwm.error.PwmException)17 EmailItemBean (password.pwm.bean.EmailItemBean)16 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)16 UserInfo (password.pwm.ldap.UserInfo)15 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)14 IOException (java.io.IOException)14 ArrayList (java.util.ArrayList)13 MacroMachine (password.pwm.util.macro.MacroMachine)13 LinkedHashMap (java.util.LinkedHashMap)12 Instant (java.time.Instant)11 UserIdentity (password.pwm.bean.UserIdentity)10