use of password.pwm.config.Configuration in project pwm by pwm-project.
the class AuditService method outputVaultToCsv.
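/**
 * Writes every audit record returned by {@code readVault()} to the stream as CSV.
 *
 * <p>Two CSV comment lines (application name and the current ISO timestamp) are written first,
 * then an optional localized header row, then one row per record. Data rows follow the header's
 * column order: Type, EventCode, Timestamp, GUID, Message, Instance, PerpetratorID,
 * PerpetratorDN, TargetID, TargetDN, SourceAddress, SourceHost.
 *
 * @param outputStream destination for the CSV text; the printer is flushed but nothing here closes the stream
 * @param locale locale used to look up the header labels
 * @param includeHeader whether to emit the header row
 * @return the number of audit records written
 * @throws IOException if writing to the stream fails
 */
public int outputVaultToCsv(final OutputStream outputStream, final Locale locale, final boolean includeHeader) throws IOException {
    // No Configuration is available in this method; null is handed to LocaleHelper as before.
    final Configuration config = null;
    final CSVPrinter csvPrinter = JavaHelper.makeCsvPrinter(outputStream);
    csvPrinter.printComment(" " + PwmConstants.PWM_APP_NAME + " audit record output ");
    csvPrinter.printComment(" " + JavaHelper.toIsoDate(Instant.now()));

    if (includeHeader) {
        final String[] headerKeys = {
            "Field_Audit_EventCode",
            "Field_Audit_Timestamp",
            "Field_Audit_GUID",
            "Field_Audit_Message",
            "Field_Audit_Instance",
            "Field_Audit_PerpetratorID",
            "Field_Audit_PerpetratorDN",
            "Field_Audit_TargetID",
            "Field_Audit_TargetDN",
            "Field_Audit_SourceAddress",
            "Field_Audit_SourceHost",
        };
        final List<String> headers = new ArrayList<>();
        headers.add("Type");
        for (final String headerKey : headerKeys) {
            headers.add(LocaleHelper.getLocalizedMessage(locale, headerKey, config, password.pwm.i18n.Admin.class));
        }
        csvPrinter.printRecord(headers);
    }

    int counter = 0;
    for (final Iterator<AuditRecord> recordIterator = readVault(); recordIterator.hasNext(); ) {
        final AuditRecord loopRecord = recordIterator.next();
        counter++;

        // NOTE(review): message, perpetrator/target identifiers and source host are written as
        // stored. If any of them can carry user-influenced text, a value starting with '=', '+',
        // '-' or '@' may be evaluated as a formula when the export is opened in a spreadsheet.
        // Confirm whether makeCsvPrinter neutralizes such values; if not, do it at export time.
        final List<String> lineOutput = new ArrayList<>();
        lineOutput.add(loopRecord.getEventCode().getType().toString());
        lineOutput.add(loopRecord.getEventCode().toString());
        lineOutput.add(JavaHelper.toIsoDate(loopRecord.getTimestamp()));
        lineOutput.add(loopRecord.getGuid());
        lineOutput.add(loopRecord.getMessage() == null ? "" : loopRecord.getMessage());

        // Exactly one branch runs per record so a row never receives two sets of columns.
        // Helpdesk is tested first in case HelpdeskAuditRecord is a subtype of UserAuditRecord
        // (the hierarchy is not visible here).
        if (loopRecord instanceof HelpdeskAuditRecord) {
            final HelpdeskAuditRecord helpdeskRecord = (HelpdeskAuditRecord) loopRecord;
            lineOutput.add(""); // Instance: not applicable, kept blank so later columns line up
            lineOutput.add(helpdeskRecord.getPerpetratorID());
            lineOutput.add(helpdeskRecord.getPerpetratorDN());
            lineOutput.add(helpdeskRecord.getTargetID());
            lineOutput.add(helpdeskRecord.getTargetDN());
            lineOutput.add(helpdeskRecord.getSourceAddress());
            lineOutput.add(helpdeskRecord.getSourceHost());
        } else if (loopRecord instanceof UserAuditRecord) {
            final UserAuditRecord userRecord = (UserAuditRecord) loopRecord;
            lineOutput.add(""); // Instance: not applicable, kept blank so later columns line up
            lineOutput.add(userRecord.getPerpetratorID());
            lineOutput.add(userRecord.getPerpetratorDN());
            lineOutput.add(""); // TargetID
            lineOutput.add(""); // TargetDN
            lineOutput.add(userRecord.getSourceAddress());
            lineOutput.add(userRecord.getSourceHost());
        } else if (loopRecord instanceof SystemAuditRecord) {
            lineOutput.add(((SystemAuditRecord) loopRecord).getInstance());
        }
        csvPrinter.printRecord(lineOutput);
    }

    csvPrinter.flush();
    return counter;
}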
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class IntruderManager method init.
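/**
 * Starts the intruder manager: selects the backing data store, schedules the periodic record
 * cleanup, and registers one record manager per intruder check type that is enabled in the
 * configuration.
 *
 * <p>The service ends up {@code CLOSED} (without throwing) when the LocalDB is not open, when
 * {@code INTRUDER_ENABLE} is false, or when the configured storage method is not recognized.
 * Any exception raised while the record managers are being built is recorded in
 * {@code startupError} and followed by {@code close()}.
 *
 * @param pwmApplication application context supplying configuration, LocalDB and database service
 * @throws PwmException declared by the signature; failures handled here are recorded in
 *     {@code startupError} instead of being thrown
 */
@Override
@SuppressWarnings("checkstyle:MethodLength")
public void init(final PwmApplication pwmApplication) throws PwmException {
    this.pwmApplication = pwmApplication;
    final Configuration config = pwmApplication.getConfig();
    status = STATUS.OPENING;

    if (pwmApplication.getLocalDB() == null || pwmApplication.getLocalDB().status() != LocalDB.Status.OPEN) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "unable to start IntruderManager, LocalDB unavailable");
        LOGGER.error(errorInformation.toDebugStr());
        startupError = errorInformation;
        status = STATUS.CLOSED;
        return;
    }

    // NOTE(review): a disabled intruder module is reported at debug level only and does not set
    // startupError, so the absence of lockout protection is easy to miss in production logs.
    if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.INTRUDER_ENABLE)) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "intruder module not enabled");
        LOGGER.debug(errorInformation.toDebugStr());
        status = STATUS.CLOSED;
        return;
    }

    // Choose where intruder records are persisted.
    final DataStore dataStore;
    {
        final IntruderStorageMethod intruderStorageMethod = pwmApplication.getConfig().readSettingAsEnum(PwmSetting.INTRUDER_STORAGE_METHOD, IntruderStorageMethod.class);
        final String debugMsg;
        final DataStorageMethod storageMethodUsed;
        switch (intruderStorageMethod) {
            case AUTO:
                dataStore = DataStoreFactory.autoDbOrLocalDBstore(pwmApplication, DatabaseTable.INTRUDER, LocalDB.DB.INTRUDER);
                if (dataStore instanceof DatabaseDataStore) {
                    debugMsg = "starting using auto-configured data store, Remote Database selected";
                    storageMethodUsed = DataStorageMethod.DB;
                } else {
                    debugMsg = "starting using auto-configured data store, LocalDB selected";
                    storageMethodUsed = DataStorageMethod.LOCALDB;
                }
                break;

            case DATABASE:
                dataStore = new DatabaseDataStore(pwmApplication.getDatabaseService(), DatabaseTable.INTRUDER);
                debugMsg = "starting using Remote Database data store";
                storageMethodUsed = DataStorageMethod.DB;
                break;

            case LOCALDB:
                dataStore = new LocalDBDataStore(pwmApplication.getLocalDB(), LocalDB.DB.INTRUDER);
                debugMsg = "starting using LocalDB data store";
                storageMethodUsed = DataStorageMethod.LOCALDB;
                break;

            default:
                // Log the failure like the other startup-error path so a closed service is visible.
                final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, "unknown storageMethod selected: " + intruderStorageMethod);
                LOGGER.error(errorInformation.toDebugStr());
                startupError = errorInformation;
                status = STATUS.CLOSED;
                return;
        }
        LOGGER.info(debugMsg);
        serviceInfo = new ServiceInfoBean(Collections.singletonList(storageMethodUsed));
    }

    // Wrap the store and schedule the periodic purge of aged records on a daemon timer.
    final RecordStore recordStore;
    {
        recordStore = new DataStoreRecordStore(dataStore, this);
        final String threadName = JavaHelper.makeThreadName(pwmApplication, this.getClass()) + " timer";
        timer = new Timer(threadName, true);
        final long maxRecordAge = Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.INTRUDER_RETENTION_TIME_MS));
        final long cleanerRunFrequency = Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.INTRUDER_CLEANUP_FREQUENCY_MS));
        timer.schedule(new TimerTask() {
            @Override
            public void run() {
                try {
                    recordStore.cleanup(new TimeDuration(maxRecordAge));
                } catch (Exception e) {
                    // Logged and swallowed: an exception escaping run() would cancel the Timer.
                    LOGGER.error("error cleaning recordStore: " + e.getMessage(), e);
                }
            }
        }, 1000, cleanerRunFrequency);
    }

    // Each block below registers a record manager only when max-attempts, check time and reset
    // time are all non-zero; a zero in any of them leaves that check type without lockout.
    // NOTE(review): the (int) casts narrow a long setting; a value above Integer.MAX_VALUE would
    // wrap and could become 0, silently disabling the check - confirm the settings are range-limited.
    try {
        {
            final IntruderSettings settings = new IntruderSettings();
            settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_USER_MAX_ATTEMPTS));
            settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_USER_RESET_TIME)));
            settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_USER_CHECK_TIME)));
            if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
                LOGGER.info("intruder user checking will remain disabled due to configuration settings");
            } else {
                recordManagers.put(RecordType.USERNAME, new RecordManagerImpl(RecordType.USERNAME, recordStore, settings));
                recordManagers.put(RecordType.USER_ID, new RecordManagerImpl(RecordType.USER_ID, recordStore, settings));
            }
        }
        {
            final IntruderSettings settings = new IntruderSettings();
            settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_ATTRIBUTE_MAX_ATTEMPTS));
            settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ATTRIBUTE_RESET_TIME)));
            settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ATTRIBUTE_CHECK_TIME)));
            if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
                // Message names the check type actually disabled (previously said "user").
                LOGGER.info("intruder attribute checking will remain disabled due to configuration settings");
            } else {
                recordManagers.put(RecordType.ATTRIBUTE, new RecordManagerImpl(RecordType.ATTRIBUTE, recordStore, settings));
            }
        }
        {
            final IntruderSettings settings = new IntruderSettings();
            settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_TOKEN_DEST_MAX_ATTEMPTS));
            settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_TOKEN_DEST_RESET_TIME)));
            settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_TOKEN_DEST_CHECK_TIME)));
            if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
                // Message names the check type actually disabled (previously said "user").
                LOGGER.info("intruder token destination checking will remain disabled due to configuration settings");
            } else {
                recordManagers.put(RecordType.TOKEN_DEST, new RecordManagerImpl(RecordType.TOKEN_DEST, recordStore, settings));
            }
        }
        {
            final IntruderSettings settings = new IntruderSettings();
            settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_ADDRESS_MAX_ATTEMPTS));
            settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ADDRESS_RESET_TIME)));
            settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ADDRESS_CHECK_TIME)));
            if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
                LOGGER.info("intruder address checking will remain disabled due to configuration settings");
            } else {
                recordManagers.put(RecordType.ADDRESS, new RecordManagerImpl(RecordType.ADDRESS, recordStore, settings));
            }
        }
        status = STATUS.OPEN;
    } catch (Exception e) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "unexpected error starting intruder manager: " + e.getMessage());
        // Pass the exception so the stack trace reaches the log, not only its message.
        LOGGER.error(errorInformation.toDebugStr(), e);
        startupError = errorInformation;
        close();
    }
}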
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class LdapBrowser method doBrowseImpl.
/**
 * Builds the browse result for one directory entry: its child entries split into navigable and
 * selectable lists, the available profile IDs (only when more than one exists) and the parent DN.
 *
 * <p>NOTE(review): {@code profileID} and {@code dn} are used as given for the directory lookups;
 * no validation is visible in this method, so presumably the caller restricts access to an
 * authorized session - confirm.
 *
 * @param profileID LDAP profile to browse
 * @param dn entry whose children are listed; may be null or empty
 * @return the populated browse result
 */
private LdapBrowseResult doBrowseImpl(final String profileID, final String dn) throws PwmUnrecoverableException, ChaiUnavailableException, ChaiOperationException {
    final LdapBrowseResult browseResult = new LdapBrowseResult();

    // Sort children by DN; the boolean value decides which list an entry lands in.
    final Map<String, Boolean> sortedChildren = new TreeMap<>();
    sortedChildren.putAll(getChildEntries(profileID, dn));
    for (final Map.Entry<String, Boolean> child : sortedChildren.entrySet()) {
        final String childDn = child.getKey();
        final DNInformation info = new DNInformation();
        info.setDn(childDn);
        info.setEntryName(entryNameFromDN(childDn));

        final boolean navigable = child.getValue();
        if (!navigable) {
            browseResult.getSelectableDNlist().add(info);
        } else {
            browseResult.getNavigableDNlist().add(info);
        }
    }
    // Flag the result when the child count has reached the size limit.
    final boolean limitReached = sortedChildren.size() >= getMaxSizeLimit();
    browseResult.setMaxResults(limitReached);

    browseResult.setDn(dn);
    browseResult.setProfileID(profileID);

    // The profile list is only exposed when there is a choice to make.
    final Configuration configuration = new Configuration(storedConfiguration);
    if (configuration.getLdapProfiles().size() > 1) {
        browseResult.getProfileList().addAll(configuration.getLdapProfiles().keySet());
    }

    // A configured root DN has no parent to navigate to; otherwise ask the directory.
    if (adRootDNList(profileID).contains(dn)) {
        browseResult.setParentDN("");
    } else if (dn != null && !dn.isEmpty()) {
        final ChaiEntry parent = getChaiProvider(profileID).getEntryFactory().newChaiEntry(dn).getParentEntry();
        browseResult.setParentDN(parent == null ? "" : parent.getEntryDN());
    }
    return browseResult;
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class LdapBrowser method getChaiProvider.
/**
 * Returns the provider cached for the given profile, opening and caching one on first use.
 *
 * <p>NOTE(review): the provider comes from {@code openProxyChaiProvider}, so it presumably binds
 * with the profile's proxy account; every later browse for this profile reuses that connection -
 * confirm callers are authorized before reaching this point. The check-then-put on
 * {@code providerCache} is also not atomic; verify the cache type or the call pattern makes
 * concurrent use safe.
 *
 * @param profile LDAP profile ID used as the cache key
 * @return the cached provider for the profile
 * @throws PwmUnrecoverableException if the provider cannot be opened
 */
private ChaiProvider getChaiProvider(final String profile) throws PwmUnrecoverableException {
    if (providerCache.containsKey(profile)) {
        return providerCache.get(profile);
    }

    final Configuration configuration = new Configuration(storedConfiguration);
    final LdapProfile ldapProfile = LdapProfile.makeFromStoredConfiguration(storedConfiguration, profile);
    providerCache.put(
        profile,
        LdapOperationsHelper.openProxyChaiProvider(chaiProviderFactory, null, ldapProfile, configuration, null));
    return providerCache.get(profile);
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class CrService method readUserResponseInfo.
/**
 * Reads the user's challenge/response info from the first configured storage method that has it.
 *
 * <p>Storage methods are tried in the order given by the configuration's read preference. The
 * user's GUID is looked up only when the DB or LocalDB method is among them.
 *
 * <p>NOTE(review): the user's entry DN is written to the debug log on every call; confirm that is
 * acceptable for the deployment's log handling. {@code operatorMap.get(storageMethod)} is
 * dereferenced without a null check, so it presumably holds an operator for every method the
 * read preference can return - verify.
 *
 * @param sessionLabel label attached to the log lines
 * @param userIdentity identity passed to the storage operators and the GUID lookup
 * @param theUser directory user whose responses are read
 * @return the first response info found, or {@code null} when no storage method has one
 */
public ResponseInfoBean readUserResponseInfo(final SessionLabel sessionLabel, final UserIdentity userIdentity, final ChaiUser theUser) throws ChaiUnavailableException, PwmUnrecoverableException {
    final Configuration config = pwmApplication.getConfig();
    LOGGER.trace(sessionLabel, "beginning read of user response sequence");

    final List<DataStorageMethod> readPreferences = config.helper().getCrReadPreference();
    LOGGER.debug(sessionLabel, "will attempt to read the following storage methods: " + JsonUtil.serializeCollection(readPreferences) + " for response info for user " + theUser.getEntryDN());

    // Only the database-backed methods are given a GUID; skip the lookup otherwise.
    final boolean guidNeeded = readPreferences.contains(DataStorageMethod.DB) || readPreferences.contains(DataStorageMethod.LOCALDB);
    final String userGUID = guidNeeded
        ? LdapOperationsHelper.readLdapGuidValue(pwmApplication, sessionLabel, userIdentity, false)
        : null;

    for (final DataStorageMethod storageMethod : readPreferences) {
        LOGGER.trace(sessionLabel, "attempting read of response info via storage method: " + storageMethod);
        final ResponseInfoBean found = operatorMap.get(storageMethod).readResponseInfo(theUser, userIdentity, userGUID);
        if (found == null) {
            LOGGER.trace(sessionLabel, "no responses info read using method " + storageMethod);
            continue;
        }
        LOGGER.debug(sessionLabel, "returning response info read via method " + storageMethod + " for user " + theUser.getEntryDN());
        return found;
    }

    LOGGER.debug(sessionLabel, "no response info found for user " + theUser.getEntryDN());
    return null;
}