use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.
the class IntruderManager method init.
@Override
@SuppressWarnings("checkstyle:MethodLength")
public void init(final PwmApplication pwmApplication) throws PwmException {
this.pwmApplication = pwmApplication;
final Configuration config = pwmApplication.getConfig();
status = STATUS.OPENING;
if (pwmApplication.getLocalDB() == null || pwmApplication.getLocalDB().status() != LocalDB.Status.OPEN) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "unable to start IntruderManager, LocalDB unavailable");
LOGGER.error(errorInformation.toDebugStr());
startupError = errorInformation;
status = STATUS.CLOSED;
return;
}
if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.INTRUDER_ENABLE)) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "intruder module not enabled");
LOGGER.debug(errorInformation.toDebugStr());
status = STATUS.CLOSED;
return;
}
final DataStore dataStore;
{
final IntruderStorageMethod intruderStorageMethod = pwmApplication.getConfig().readSettingAsEnum(PwmSetting.INTRUDER_STORAGE_METHOD, IntruderStorageMethod.class);
final String debugMsg;
final DataStorageMethod storageMethodUsed;
switch(intruderStorageMethod) {
case AUTO:
dataStore = DataStoreFactory.autoDbOrLocalDBstore(pwmApplication, DatabaseTable.INTRUDER, LocalDB.DB.INTRUDER);
if (dataStore instanceof DatabaseDataStore) {
debugMsg = "starting using auto-configured data store, Remote Database selected";
storageMethodUsed = DataStorageMethod.DB;
} else {
debugMsg = "starting using auto-configured data store, LocalDB selected";
storageMethodUsed = DataStorageMethod.LOCALDB;
}
break;
case DATABASE:
dataStore = new DatabaseDataStore(pwmApplication.getDatabaseService(), DatabaseTable.INTRUDER);
debugMsg = "starting using Remote Database data store";
storageMethodUsed = DataStorageMethod.DB;
break;
case LOCALDB:
dataStore = new LocalDBDataStore(pwmApplication.getLocalDB(), LocalDB.DB.INTRUDER);
debugMsg = "starting using LocalDB data store";
storageMethodUsed = DataStorageMethod.LOCALDB;
break;
default:
startupError = new ErrorInformation(PwmError.ERROR_UNKNOWN, "unknown storageMethod selected: " + intruderStorageMethod);
status = STATUS.CLOSED;
return;
}
LOGGER.info(debugMsg);
serviceInfo = new ServiceInfoBean(Collections.singletonList(storageMethodUsed));
}
final RecordStore recordStore;
{
recordStore = new DataStoreRecordStore(dataStore, this);
final String threadName = JavaHelper.makeThreadName(pwmApplication, this.getClass()) + " timer";
timer = new Timer(threadName, true);
final long maxRecordAge = Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.INTRUDER_RETENTION_TIME_MS));
final long cleanerRunFrequency = Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.INTRUDER_CLEANUP_FREQUENCY_MS));
timer.schedule(new TimerTask() {
@Override
public void run() {
try {
recordStore.cleanup(new TimeDuration(maxRecordAge));
} catch (Exception e) {
LOGGER.error("error cleaning recordStore: " + e.getMessage(), e);
}
}
}, 1000, cleanerRunFrequency);
}
try {
{
final IntruderSettings settings = new IntruderSettings();
settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_USER_MAX_ATTEMPTS));
settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_USER_RESET_TIME)));
settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_USER_CHECK_TIME)));
if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
LOGGER.info("intruder user checking will remain disabled due to configuration settings");
} else {
recordManagers.put(RecordType.USERNAME, new RecordManagerImpl(RecordType.USERNAME, recordStore, settings));
recordManagers.put(RecordType.USER_ID, new RecordManagerImpl(RecordType.USER_ID, recordStore, settings));
}
}
{
final IntruderSettings settings = new IntruderSettings();
settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_ATTRIBUTE_MAX_ATTEMPTS));
settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ATTRIBUTE_RESET_TIME)));
settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ATTRIBUTE_CHECK_TIME)));
if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
LOGGER.info("intruder user checking will remain disabled due to configuration settings");
} else {
recordManagers.put(RecordType.ATTRIBUTE, new RecordManagerImpl(RecordType.ATTRIBUTE, recordStore, settings));
}
}
{
final IntruderSettings settings = new IntruderSettings();
settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_TOKEN_DEST_MAX_ATTEMPTS));
settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_TOKEN_DEST_RESET_TIME)));
settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_TOKEN_DEST_CHECK_TIME)));
if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
LOGGER.info("intruder user checking will remain disabled due to configuration settings");
} else {
recordManagers.put(RecordType.TOKEN_DEST, new RecordManagerImpl(RecordType.TOKEN_DEST, recordStore, settings));
}
}
{
final IntruderSettings settings = new IntruderSettings();
settings.setCheckCount((int) config.readSettingAsLong(PwmSetting.INTRUDER_ADDRESS_MAX_ATTEMPTS));
settings.setResetDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ADDRESS_RESET_TIME)));
settings.setCheckDuration(new TimeDuration(1000 * config.readSettingAsLong(PwmSetting.INTRUDER_ADDRESS_CHECK_TIME)));
if (settings.getCheckCount() == 0 || settings.getCheckDuration().getTotalMilliseconds() == 0 || settings.getResetDuration().getTotalMilliseconds() == 0) {
LOGGER.info("intruder address checking will remain disabled due to configuration settings");
} else {
recordManagers.put(RecordType.ADDRESS, new RecordManagerImpl(RecordType.ADDRESS, recordStore, settings));
}
}
status = STATUS.OPEN;
} catch (Exception e) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "unexpected error starting intruder manager: " + e.getMessage());
LOGGER.error(errorInformation.toDebugStr());
startupError = errorInformation;
close();
}
}
use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.
the class CrService method readUserResponseInfo.
public ResponseInfoBean readUserResponseInfo(final SessionLabel sessionLabel, final UserIdentity userIdentity, final ChaiUser theUser) throws ChaiUnavailableException, PwmUnrecoverableException {
final Configuration config = pwmApplication.getConfig();
LOGGER.trace(sessionLabel, "beginning read of user response sequence");
final List<DataStorageMethod> readPreferences = config.helper().getCrReadPreference();
final String debugMsg = "will attempt to read the following storage methods: " + JsonUtil.serializeCollection(readPreferences) + " for response info for user " + theUser.getEntryDN();
LOGGER.debug(sessionLabel, debugMsg);
final String userGUID;
if (readPreferences.contains(DataStorageMethod.DB) || readPreferences.contains(DataStorageMethod.LOCALDB)) {
userGUID = LdapOperationsHelper.readLdapGuidValue(pwmApplication, sessionLabel, userIdentity, false);
} else {
userGUID = null;
}
for (final DataStorageMethod storageMethod : readPreferences) {
final ResponseInfoBean readResponses;
LOGGER.trace(sessionLabel, "attempting read of response info via storage method: " + storageMethod);
readResponses = operatorMap.get(storageMethod).readResponseInfo(theUser, userIdentity, userGUID);
if (readResponses != null) {
LOGGER.debug(sessionLabel, "returning response info read via method " + storageMethod + " for user " + theUser.getEntryDN());
return readResponses;
} else {
LOGGER.trace(sessionLabel, "no responses info read using method " + storageMethod);
}
}
LOGGER.debug(sessionLabel, "no response info found for user " + theUser.getEntryDN());
return null;
}
use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.
the class CrService method readUserResponseSet.
public ResponseSet readUserResponseSet(final SessionLabel sessionLabel, final UserIdentity userIdentity, final ChaiUser theUser) throws ChaiUnavailableException, PwmUnrecoverableException {
final Configuration config = pwmApplication.getConfig();
LOGGER.trace(sessionLabel, "beginning read of user response sequence");
final List<DataStorageMethod> readPreferences = config.helper().getCrReadPreference();
final String debugMsg = "will attempt to read the following storage methods: " + JsonUtil.serializeCollection(readPreferences) + " for user " + theUser.getEntryDN();
LOGGER.debug(sessionLabel, debugMsg);
final String userGUID;
if (readPreferences.contains(DataStorageMethod.DB) || readPreferences.contains(DataStorageMethod.LOCALDB)) {
userGUID = LdapOperationsHelper.readLdapGuidValue(pwmApplication, sessionLabel, userIdentity, false);
} else {
userGUID = null;
}
for (final DataStorageMethod storageMethod : readPreferences) {
final ResponseSet readResponses;
LOGGER.trace(sessionLabel, "attempting read of responses via storage method: " + storageMethod);
readResponses = operatorMap.get(storageMethod).readResponseSet(theUser, userIdentity, userGUID);
if (readResponses != null) {
LOGGER.debug(sessionLabel, "returning responses read via method " + storageMethod + " for user " + theUser.getEntryDN());
return readResponses;
} else {
LOGGER.trace(sessionLabel, "no responses read using method " + storageMethod);
}
}
LOGGER.debug(sessionLabel, "no responses found for user " + theUser.getEntryDN());
return null;
}
use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.
the class CrService method writeResponses.
public void writeResponses(final UserIdentity userIdentity, final ChaiUser theUser, final String userGUID, final ResponseInfoBean responseInfoBean) throws PwmOperationalException, ChaiUnavailableException, ChaiValidationException {
int attempts = 0;
int successes = 0;
final Map<DataStorageMethod, String> errorMessages = new LinkedHashMap<>();
final Configuration config = pwmApplication.getConfig();
final List<DataStorageMethod> writeMethods = config.helper().getCrWritePreference();
for (final DataStorageMethod loopWriteMethod : writeMethods) {
try {
attempts++;
operatorMap.get(loopWriteMethod).writeResponses(userIdentity, theUser, userGUID, responseInfoBean);
LOGGER.debug("saved responses using storage method " + loopWriteMethod + " for user " + theUser.getEntryDN());
errorMessages.put(loopWriteMethod, "Success");
successes++;
} catch (PwmUnrecoverableException e) {
final String errorMsg = "error saving responses via " + loopWriteMethod + ", error: " + e.getMessage();
errorMessages.put(loopWriteMethod, errorMsg);
LOGGER.error(errorMsg);
}
}
if (attempts == 0) {
final String errorMsg = "no response save methods are available or configured";
final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_RESPONSES, errorMsg);
throw new PwmOperationalException(errorInfo);
}
if (attempts != successes) {
final String errorMsg = "response storage only partially successful; attempts=" + attempts + ", successes=" + successes + ", detail=" + JsonUtil.serializeMap(errorMessages);
final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_RESPONSES, errorMsg);
throw new PwmOperationalException(errorInfo);
}
}
use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.
the class TokenService method init.
public void init(final PwmApplication pwmApplication) throws PwmException {
LOGGER.trace("opening");
status = STATUS.OPENING;
this.pwmApplication = pwmApplication;
this.configuration = pwmApplication.getConfig();
storageMethod = configuration.getTokenStorageMethod();
if (storageMethod == null) {
final String errorMsg = "no storage method specified";
errorInformation = new ErrorInformation(PwmError.ERROR_INVALID_CONFIG, errorMsg);
status = STATUS.CLOSED;
throw new PwmOperationalException(errorInformation);
}
try {
DataStorageMethod usedStorageMethod = null;
switch(storageMethod) {
case STORE_LOCALDB:
{
final DataStore dataStore = new LocalDBDataStore(pwmApplication.getLocalDB(), LocalDB.DB.TOKENS);
tokenMachine = new DataStoreTokenMachine(pwmApplication, this, dataStore);
usedStorageMethod = DataStorageMethod.LOCALDB;
break;
}
case STORE_DB:
{
final DataStore dataStore = new DatabaseDataStore(pwmApplication.getDatabaseService(), DatabaseTable.TOKENS);
tokenMachine = new DataStoreTokenMachine(pwmApplication, this, dataStore);
usedStorageMethod = DataStorageMethod.DB;
break;
}
case STORE_CRYPTO:
tokenMachine = new CryptoTokenMachine(this);
usedStorageMethod = DataStorageMethod.CRYPTO;
break;
case STORE_LDAP:
tokenMachine = new LdapTokenMachine(this, pwmApplication);
usedStorageMethod = DataStorageMethod.LDAP;
break;
default:
JavaHelper.unhandledSwitchStatement(storageMethod);
}
serviceInfo = new ServiceInfoBean(Collections.singletonList(usedStorageMethod));
} catch (PwmException e) {
final String errorMsg = "unable to start token manager: " + e.getErrorInformation().getDetailedErrorMsg();
final ErrorInformation newErrorInformation = new ErrorInformation(e.getError(), errorMsg);
errorInformation = newErrorInformation;
LOGGER.error(newErrorInformation.toDebugStr());
status = STATUS.CLOSED;
return;
}
executorService = Executors.newSingleThreadScheduledExecutor(JavaHelper.makePwmThreadFactory(JavaHelper.makeThreadName(pwmApplication, this.getClass()) + "-", true));
final TimerTask cleanerTask = new CleanerTask();
{
final int cleanerFrequencySeconds = Integer.parseInt(configuration.readAppProperty(AppProperty.TOKEN_CLEANER_INTERVAL_SECONDS));
final TimeDuration cleanerFrequency = new TimeDuration(cleanerFrequencySeconds, TimeUnit.SECONDS);
executorService.scheduleAtFixedRate(cleanerTask, 10, cleanerFrequencySeconds, TimeUnit.SECONDS);
LOGGER.trace("token cleanup will occur every " + cleanerFrequency.asCompactString());
}
verifyPwModifyTime = Boolean.parseBoolean(configuration.readAppProperty(AppProperty.TOKEN_VERIFY_PW_MODIFY_TIME));
status = STATUS.OPEN;
LOGGER.debug("open");
}
Aggregations