Search in sources :

Example 1 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class IntruderManager method init.

@Override
@SuppressWarnings("checkstyle:MethodLength")
public void init(final PwmApplication pwmApplication) throws PwmException {
    this.pwmApplication = pwmApplication;
    final Configuration config = pwmApplication.getConfig();
    status = STATUS.OPENING;
    if (pwmApplication.getLocalDB() == null || pwmApplication.getLocalDB().status() != LocalDB.Status.OPEN) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "unable to start IntruderManager, LocalDB unavailable");
        LOGGER.error(errorInformation.toDebugStr());
        startupError = errorInformation;
        status = STATUS.CLOSED;
        return;
    }
    if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.INTRUDER_ENABLE)) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "intruder module not enabled");
        LOGGER.debug(errorInformation.toDebugStr());
        status = STATUS.CLOSED;
        return;
    }
    final DataStore dataStore;
    {
        final IntruderStorageMethod intruderStorageMethod = pwmApplication.getConfig().readSettingAsEnum(PwmSetting.INTRUDER_STORAGE_METHOD, IntruderStorageMethod.class);
        final String debugMsg;
        final DataStorageMethod storageMethodUsed;
        switch(intruderStorageMethod) {
            case AUTO:
                dataStore = DataStoreFactory.autoDbOrLocalDBstore(pwmApplication, DatabaseTable.INTRUDER, LocalDB.DB.INTRUDER);
                if (dataStore instanceof DatabaseDataStore) {
                    debugMsg = "starting using auto-configured data store, Remote Database selected";
                    storageMethodUsed = DataStorageMethod.DB;
                } else {
                    debugMsg = "starting using auto-configured data store, LocalDB selected";
                    storageMethodUsed = DataStorageMethod.LOCALDB;
                }
                break;
            case DATABASE:
                dataStore = new DatabaseDataStore(pwmApplication.getDatabaseService(), DatabaseTable.INTRUDER);
                debugMsg = "starting using Remote Database data store";
                storageMethodUsed = DataStorageMethod.DB;
                break;
            case LOCALDB:
                dataStore = new LocalDBDataStore(pwmApplication.getLocalDB(), LocalDB.DB.INTRUDER);
                debugMsg = "starting using LocalDB data store";
                storageMethodUsed = DataStorageMethod.LOCALDB;
                break;
            default:
                startupError = new ErrorInformation(PwmError.ERROR_UNKNOWN, "unknown storageMethod selected: " + intruderStorageMethod);
                status = STATUS.CLOSED;
                return;
        }
        LOGGER.info(debugMsg);
        serviceInfo = new ServiceInfoBean(Collections.singletonList(storageMethodUsed));
    }
    final RecordStore recordStore;
    {
        recordStore = new DataStoreRecordStore(dataStore, this);
        final String threadName = JavaHelper.makeThreadName(pwmApplication, this.getClass()) + " timer";
        timer = new Timer(threadName, true);
        final long maxRecordAge = Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.INTRUDER_RETENTION_TIME_MS));
        final long cleanerRunFrequency = Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.INTRUDER_CLEANUP_FREQUENCY_MS));
        timer.schedule(new TimerTask() {

            @Override
            public void run() {
                try {
                    recordStore.cleanup(new TimeDuration(maxRecordAge));
                } catch (Exception e) {
                    LOGGER.error("error cleaning recordStore: " + e.getMessage(), e);
                }
            }
        }, 1000, cleanerRunFrequency);
    }
    try {
        {
            final IntruderSettings settings = new IntruderSettings();
            settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_USER_MAX_ATTEMPTS));
            settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_USER_RESET_TIME)));
            settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_USER_CHECK_TIME)));
            if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
                LOGGER.info("intruder user checking will remain disabled due to configuration settings");
            } else {
                recordManagers.put(RecordType.USERNAME, new RecordManagerImpl(RecordType.USERNAME, recordStore, settings));
                recordManagers.put(RecordType.USER_ID, new RecordManagerImpl(RecordType.USER_ID, recordStore, settings));
            }
        }
        {
            final IntruderSettings settings = new IntruderSettings();
            settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_ATTRIBUTE_MAX_ATTEMPTS));
            settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ATTRIBUTE_RESET_TIME)));
            settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ATTRIBUTE_CHECK_TIME)));
            if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
                LOGGER.info("intruder user checking will remain disabled due to configuration settings");
            } else {
                recordManagers.put(RecordType.ATTRIBUTE, new RecordManagerImpl(RecordType.ATTRIBUTE, recordStore, settings));
            }
        }
        {
            final IntruderSettings settings = new IntruderSettings();
            settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_TOKEN_DEST_MAX_ATTEMPTS));
            settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_TOKEN_DEST_RESET_TIME)));
            settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_TOKEN_DEST_CHECK_TIME)));
            if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
                LOGGER.info("intruder user checking will remain disabled due to configuration settings");
            } else {
                recordManagers.put(RecordType.TOKEN_DEST, new RecordManagerImpl(RecordType.TOKEN_DEST, recordStore, settings));
            }
        }
        {
            final IntruderSettings settings = new IntruderSettings();
            settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_ADDRESS_MAX_ATTEMPTS));
            settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ADDRESS_RESET_TIME)));
            settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ADDRESS_CHECK_TIME)));
            if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
                LOGGER.info("intruder address checking will remain disabled due to configuration settings");
            } else {
                recordManagers.put(RecordType.ADDRESS, new RecordManagerImpl(RecordType.ADDRESS, recordStore, settings));
            }
        }
        status = STATUS.OPEN;
    } catch (Exception e) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "unexpected error starting intruder manager: " + e.getMessage());
        LOGGER.error(errorInformation.toDebugStr());
        startupError = errorInformation;
        close();
    }
}
Also used : FormConfiguration(password.pwm.config.value.data.FormConfiguration) Configuration(password.pwm.config.Configuration) DataStorageMethod(password.pwm.config.option.DataStorageMethod) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) LocalDBDataStore(password.pwm.util.localdb.LocalDBDataStore) DatabaseDataStore(password.pwm.util.db.DatabaseDataStore) Timer(java.util.Timer) TimerTask(java.util.TimerTask) DataStore(password.pwm.util.DataStore) LocalDBDataStore(password.pwm.util.localdb.LocalDBDataStore) DatabaseDataStore(password.pwm.util.db.DatabaseDataStore) IntruderStorageMethod(password.pwm.config.option.IntruderStorageMethod) TimeDuration(password.pwm.util.java.TimeDuration)

Example 2 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class CrService method readUserResponseInfo.

public ResponseInfoBean readUserResponseInfo(final SessionLabel sessionLabel, final UserIdentity userIdentity, final ChaiUser theUser) throws ChaiUnavailableException, PwmUnrecoverableException {
    final Configuration config = pwmApplication.getConfig();
    LOGGER.trace(sessionLabel, "beginning read of user response sequence");
    final List<DataStorageMethod> readPreferences = config.helper().getCrReadPreference();
    final String debugMsg = "will attempt to read the following storage methods: " + JsonUtil.serializeCollection(readPreferences) + " for response info for user " + theUser.getEntryDN();
    LOGGER.debug(sessionLabel, debugMsg);
    final String userGUID;
    if (readPreferences.contains(DataStorageMethod.DB) || readPreferences.contains(DataStorageMethod.LOCALDB)) {
        userGUID = LdapOperationsHelper.readLdapGuidValue(pwmApplication, sessionLabel, userIdentity, false);
    } else {
        userGUID = null;
    }
    for (final DataStorageMethod storageMethod : readPreferences) {
        final ResponseInfoBean readResponses;
        LOGGER.trace(sessionLabel, "attempting read of response info via storage method: " + storageMethod);
        readResponses = operatorMap.get(storageMethod).readResponseInfo(theUser, userIdentity, userGUID);
        if (readResponses != null) {
            LOGGER.debug(sessionLabel, "returning response info read via method " + storageMethod + " for user " + theUser.getEntryDN());
            return readResponses;
        } else {
            LOGGER.trace(sessionLabel, "no responses info read using method " + storageMethod);
        }
    }
    LOGGER.debug(sessionLabel, "no response info found for user " + theUser.getEntryDN());
    return null;
}
Also used : Configuration(password.pwm.config.Configuration) DataStorageMethod(password.pwm.config.option.DataStorageMethod) ResponseInfoBean(password.pwm.bean.ResponseInfoBean)

Example 3 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class CrService method readUserResponseSet.

public ResponseSet readUserResponseSet(final SessionLabel sessionLabel, final UserIdentity userIdentity, final ChaiUser theUser) throws ChaiUnavailableException, PwmUnrecoverableException {
    final Configuration config = pwmApplication.getConfig();
    LOGGER.trace(sessionLabel, "beginning read of user response sequence");
    final List<DataStorageMethod> readPreferences = config.helper().getCrReadPreference();
    final String debugMsg = "will attempt to read the following storage methods: " + JsonUtil.serializeCollection(readPreferences) + " for user " + theUser.getEntryDN();
    LOGGER.debug(sessionLabel, debugMsg);
    final String userGUID;
    if (readPreferences.contains(DataStorageMethod.DB) || readPreferences.contains(DataStorageMethod.LOCALDB)) {
        userGUID = LdapOperationsHelper.readLdapGuidValue(pwmApplication, sessionLabel, userIdentity, false);
    } else {
        userGUID = null;
    }
    for (final DataStorageMethod storageMethod : readPreferences) {
        final ResponseSet readResponses;
        LOGGER.trace(sessionLabel, "attempting read of responses via storage method: " + storageMethod);
        readResponses = operatorMap.get(storageMethod).readResponseSet(theUser, userIdentity, userGUID);
        if (readResponses != null) {
            LOGGER.debug(sessionLabel, "returning responses read via method " + storageMethod + " for user " + theUser.getEntryDN());
            return readResponses;
        } else {
            LOGGER.trace(sessionLabel, "no responses read using method " + storageMethod);
        }
    }
    LOGGER.debug(sessionLabel, "no responses found for user " + theUser.getEntryDN());
    return null;
}
Also used : Configuration(password.pwm.config.Configuration) ResponseSet(com.novell.ldapchai.cr.ResponseSet) DataStorageMethod(password.pwm.config.option.DataStorageMethod)

Example 4 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class CrService method writeResponses.

public void writeResponses(final UserIdentity userIdentity, final ChaiUser theUser, final String userGUID, final ResponseInfoBean responseInfoBean) throws PwmOperationalException, ChaiUnavailableException, ChaiValidationException {
    int attempts = 0;
    int successes = 0;
    final Map<DataStorageMethod, String> errorMessages = new LinkedHashMap<>();
    final Configuration config = pwmApplication.getConfig();
    final List<DataStorageMethod> writeMethods = config.helper().getCrWritePreference();
    for (final DataStorageMethod loopWriteMethod : writeMethods) {
        try {
            attempts++;
            operatorMap.get(loopWriteMethod).writeResponses(userIdentity, theUser, userGUID, responseInfoBean);
            LOGGER.debug("saved responses using storage method " + loopWriteMethod + " for user " + theUser.getEntryDN());
            errorMessages.put(loopWriteMethod, "Success");
            successes++;
        } catch (PwmUnrecoverableException e) {
            final String errorMsg = "error saving responses via " + loopWriteMethod + ", error: " + e.getMessage();
            errorMessages.put(loopWriteMethod, errorMsg);
            LOGGER.error(errorMsg);
        }
    }
    if (attempts == 0) {
        final String errorMsg = "no response save methods are available or configured";
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_RESPONSES, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
    if (attempts != successes) {
        final String errorMsg = "response storage only partially successful; attempts=" + attempts + ", successes=" + successes + ", detail=" + JsonUtil.serializeMap(errorMessages);
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_RESPONSES, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) Configuration(password.pwm.config.Configuration) DataStorageMethod(password.pwm.config.option.DataStorageMethod) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) LinkedHashMap(java.util.LinkedHashMap) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 5 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class TokenService method init.

public void init(final PwmApplication pwmApplication) throws PwmException {
    LOGGER.trace("opening");
    status = STATUS.OPENING;
    this.pwmApplication = pwmApplication;
    this.configuration = pwmApplication.getConfig();
    storageMethod = configuration.getTokenStorageMethod();
    if (storageMethod == null) {
        final String errorMsg = "no storage method specified";
        errorInformation = new ErrorInformation(PwmError.ERROR_INVALID_CONFIG, errorMsg);
        status = STATUS.CLOSED;
        throw new PwmOperationalException(errorInformation);
    }
    try {
        DataStorageMethod usedStorageMethod = null;
        switch(storageMethod) {
            case STORE_LOCALDB:
                {
                    final DataStore dataStore = new LocalDBDataStore(pwmApplication.getLocalDB(), LocalDB.DB.TOKENS);
                    tokenMachine = new DataStoreTokenMachine(pwmApplication, this, dataStore);
                    usedStorageMethod = DataStorageMethod.LOCALDB;
                    break;
                }
            case STORE_DB:
                {
                    final DataStore dataStore = new DatabaseDataStore(pwmApplication.getDatabaseService(), DatabaseTable.TOKENS);
                    tokenMachine = new DataStoreTokenMachine(pwmApplication, this, dataStore);
                    usedStorageMethod = DataStorageMethod.DB;
                    break;
                }
            case STORE_CRYPTO:
                tokenMachine = new CryptoTokenMachine(this);
                usedStorageMethod = DataStorageMethod.CRYPTO;
                break;
            case STORE_LDAP:
                tokenMachine = new LdapTokenMachine(this, pwmApplication);
                usedStorageMethod = DataStorageMethod.LDAP;
                break;
            default:
                JavaHelper.unhandledSwitchStatement(storageMethod);
        }
        serviceInfo = new ServiceInfoBean(Collections.singletonList(usedStorageMethod));
    } catch (PwmException e) {
        final String errorMsg = "unable to start token manager: " + e.getErrorInformation().getDetailedErrorMsg();
        final ErrorInformation newErrorInformation = new ErrorInformation(e.getError(), errorMsg);
        errorInformation = newErrorInformation;
        LOGGER.error(newErrorInformation.toDebugStr());
        status = STATUS.CLOSED;
        return;
    }
    executorService = Executors.newSingleThreadScheduledExecutor(JavaHelper.makePwmThreadFactory(JavaHelper.makeThreadName(pwmApplication, this.getClass()) + "-", true));
    final TimerTask cleanerTask = new CleanerTask();
    {
        final int cleanerFrequencySeconds = Integer.parseInt(configuration.readAppProperty(AppProperty.TOKEN_CLEANER_INTERVAL_SECONDS));
        final TimeDuration cleanerFrequency = new TimeDuration(cleanerFrequencySeconds, TimeUnit.SECONDS);
        executorService.scheduleAtFixedRate(cleanerTask, 10, cleanerFrequencySeconds, TimeUnit.SECONDS);
        LOGGER.trace("token cleanup will occur every " + cleanerFrequency.asCompactString());
    }
    verifyPwModifyTime = Boolean.parseBoolean(configuration.readAppProperty(AppProperty.TOKEN_VERIFY_PW_MODIFY_TIME));
    status = STATUS.OPEN;
    LOGGER.debug("open");
}
Also used : DataStorageMethod(password.pwm.config.option.DataStorageMethod) PwmOperationalException(password.pwm.error.PwmOperationalException) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) LocalDBDataStore(password.pwm.util.localdb.LocalDBDataStore) DatabaseDataStore(password.pwm.util.db.DatabaseDataStore) TimerTask(java.util.TimerTask) DataStore(password.pwm.util.DataStore) LocalDBDataStore(password.pwm.util.localdb.LocalDBDataStore) DatabaseDataStore(password.pwm.util.db.DatabaseDataStore) TimeDuration(password.pwm.util.java.TimeDuration)

Aggregations

DataStorageMethod (password.pwm.config.option.DataStorageMethod)13 Configuration (password.pwm.config.Configuration)8 ErrorInformation (password.pwm.error.ErrorInformation)7 PwmOperationalException (password.pwm.error.PwmOperationalException)7 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)7 PwmException (password.pwm.error.PwmException)4 TreeMap (java.util.TreeMap)3 TimeDuration (password.pwm.util.java.TimeDuration)3 DbOtpOperator (password.pwm.util.operations.otp.DbOtpOperator)3 LdapOtpOperator (password.pwm.util.operations.otp.LdapOtpOperator)3 LocalDbOtpOperator (password.pwm.util.operations.otp.LocalDbOtpOperator)3 OtpOperator (password.pwm.util.operations.otp.OtpOperator)3 Answer (com.novell.ldapchai.cr.Answer)2 IOException (java.io.IOException)2 BigInteger (java.math.BigInteger)2 Map (java.util.Map)2 TimerTask (java.util.TimerTask)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)2 DataStore (password.pwm.util.DataStore)2