
Example 6 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class ReportSummaryData method update.

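/**
 * Adds one user's cached report record to the running summary counters, or removes it again.
 *
 * <p>Every plain counter moves by the same signed step: {@code +1} when {@code adding} is true,
 * {@code -1} otherwise. The per-day window counters move by whatever {@code calcTimeWindow}
 * returns for that window (helper not shown here).
 *
 * @param userCacheRecord the per-user record whose populated fields select the counters to touch
 * @param adding {@code true} to count the record, {@code false} to un-count it
 */
@SuppressWarnings("checkstyle:MethodLength")
private void update(final UserCacheRecord userCacheRecord, final boolean adding) {
    final int modifier = adding ? 1 : -1;
    totalUsers.addAndGet(modifier);
    updateMeanTime(userCacheRecord.cacheTimestamp, adding);
    if (userCacheRecord.hasResponses) {
        hasResponses.addAndGet(modifier);
    }
    if (userCacheRecord.hasHelpdeskResponses) {
        hasHelpdeskResponses.addAndGet(modifier);
    }
    if (userCacheRecord.responseSetTime != null) {
        hasResponseSetTime.addAndGet(modifier);
        for (final Map.Entry<Integer, AtomicInteger> entry : responseSetDays.entrySet()) {
            final Integer day = entry.getKey();
            entry.getValue().addAndGet(calcTimeWindow(userCacheRecord.responseSetTime, MS_DAY * day, adding));
        }
    }
    if (userCacheRecord.passwordExpirationTime != null) {
        hasPasswordExpirationTime.addAndGet(modifier);
        for (final Map.Entry<Integer, AtomicInteger> entry : pwExpireDays.entrySet()) {
            final Integer day = entry.getKey();
            entry.getValue().addAndGet(calcTimeWindow(userCacheRecord.passwordExpirationTime, MS_DAY * day, adding));
        }
    }
    if (userCacheRecord.accountExpirationTime != null) {
        hasAccountExpirationTime.addAndGet(modifier);
        for (final Map.Entry<Integer, AtomicInteger> entry : accountExpireDays.entrySet()) {
            final Integer day = entry.getKey();
            entry.getValue().addAndGet(calcTimeWindow(userCacheRecord.accountExpirationTime, MS_DAY * day, adding));
        }
    }
    if (userCacheRecord.lastLoginTime != null) {
        hasLoginTime.addAndGet(modifier);
        for (final Map.Entry<Integer, AtomicInteger> entry : loginDays.entrySet()) {
            final Integer day = entry.getKey();
            entry.getValue().addAndGet(calcTimeWindow(userCacheRecord.lastLoginTime, MS_DAY * day, adding));
        }
    }
    if (userCacheRecord.passwordChangeTime != null) {
        hasChangePwTime.addAndGet(modifier);
        for (final Map.Entry<Integer, AtomicInteger> entry : changePwDays.entrySet()) {
            final Integer day = entry.getKey();
            entry.getValue().addAndGet(calcTimeWindow(userCacheRecord.passwordChangeTime, MS_DAY * day, adding));
        }
    }
    if (userCacheRecord.passwordStatus != null) {
        // The three status flags are tested independently, so one record may move several counters.
        if (userCacheRecord.passwordStatus.isExpired()) {
            pwExpired.addAndGet(modifier);
        }
        if (userCacheRecord.passwordStatus.isPreExpired()) {
            pwPreExpired.addAndGet(modifier);
        }
        if (userCacheRecord.passwordStatus.isWarnPeriod()) {
            pwWarnPeriod.addAndGet(modifier);
        }
    }
    if (userCacheRecord.responseStorageMethod != null) {
        final DataStorageMethod method = userCacheRecord.responseStorageMethod;
        responseStorage.putIfAbsent(method, new AtomicInteger(0));
        responseStorage.get(method).addAndGet(modifier);
    }
    final String userProfile = userCacheRecord.getLdapProfile();
    if (userProfile != null) {
        // putIfAbsent, as for the other keyed counters: a separate containsKey/put pair lets two
        // concurrent callers each install a fresh counter, and one of the updates is then lost.
        ldapProfile.putIfAbsent(userProfile, new AtomicInteger(0));
        ldapProfile.get(userProfile).addAndGet(modifier);
    }
    if (userCacheRecord.responseFormatType != null) {
        final Answer.FormatType type = userCacheRecord.responseFormatType;
        responseFormatType.putIfAbsent(type, new AtomicInteger(0));
        responseFormatType.get(type).addAndGet(modifier);
    }
    if (userCacheRecord.isHasOtpSecret()) {
        hasOtpSecret.addAndGet(modifier);
    }
    if (userCacheRecord.getOtpSecretSetTime() != null) {
        hasOtpSecretSetTime.addAndGet(modifier);
        for (final Map.Entry<Integer, AtomicInteger> entry : otpSetDays.entrySet()) {
            final int day = entry.getKey();
            entry.getValue().addAndGet(calcTimeWindow(userCacheRecord.getOtpSecretSetTime(), MS_DAY * day, adding));
        }
    }
}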
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) BigInteger(java.math.BigInteger) Answer(com.novell.ldapchai.cr.Answer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) DataStorageMethod(password.pwm.config.option.DataStorageMethod) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) TreeMap(java.util.TreeMap) Map(java.util.Map)

Example 7 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class AuditService method init.

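/**
 * Starts the audit service: optional syslog forwarding, the user-history store, and the
 * LocalDB-backed audit vault.
 *
 * <p>The service ends in {@code STATUS.CLOSED} (and returns early) when the application is in
 * read-only mode, when LocalDB is not open, or when the configured user-event storage method
 * is not recognised. Otherwise it ends in {@code STATUS.OPEN}.
 *
 * @param pwmApplication the application whose configuration and LocalDB are used
 * @throws PwmException declared by the signature; none of the statements visible here throws it
 *     directly, so it presumably comes from the stores or the vault being initialised
 */
public void init(final PwmApplication pwmApplication) throws PwmException {
    this.status = STATUS.OPENING;
    this.pwmApplication = pwmApplication;
    settings = new AuditSettings(pwmApplication.getConfig());
    if (pwmApplication.getApplicationMode() == null || pwmApplication.getApplicationMode() == PwmApplicationMode.READ_ONLY) {
        this.status = STATUS.CLOSED;
        LOGGER.warn("unable to start - Application is in read-only mode");
        return;
    }
    if (pwmApplication.getLocalDB() == null || pwmApplication.getLocalDB().status() != LocalDB.Status.OPEN) {
        this.status = STATUS.CLOSED;
        LOGGER.warn("unable to start - LocalDB is not available");
        return;
    }
    final List<String> syslogConfigString = pwmApplication.getConfig().readSettingAsStringArray(PwmSetting.AUDIT_SYSLOG_SERVERS);
    if (syslogConfigString != null && !syslogConfigString.isEmpty()) {
        try {
            syslogManager = new SyslogAuditService(pwmApplication);
        } catch (Exception e) {
            // Best effort: a syslog start-up failure does not stop the audit service.
            // NOTE(review): the service then runs without remote forwarding and this log line is
            // the only signal visible here; only e.getMessage() is kept, so the cause and stack
            // trace are lost. Consider recording the failure where health checks can see it.
            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SYSLOG_WRITE_ERROR, "startup error: " + e.getMessage());
            LOGGER.error(errorInformation.toDebugStr());
        }
    }
    {
        final UserEventStorageMethod userEventStorageMethod = pwmApplication.getConfig().readSettingAsEnum(PwmSetting.EVENTS_USER_STORAGE_METHOD, UserEventStorageMethod.class);
        final String debugMsg;
        final DataStorageMethod storageMethodUsed;
        switch(userEventStorageMethod) {
            case AUTO:
                // AUTO prefers the remote database when one is configured and falls back to LDAP.
                if (pwmApplication.getConfig().hasDbConfigured()) {
                    debugMsg = "starting using auto-configured data store, Remote Database selected";
                    this.userHistoryStore = new DatabaseUserHistory(pwmApplication);
                    storageMethodUsed = DataStorageMethod.DB;
                } else {
                    debugMsg = "starting using auto-configured data store, LDAP selected";
                    this.userHistoryStore = new LdapXmlUserHistory(pwmApplication);
                    storageMethodUsed = DataStorageMethod.LDAP;
                }
                break;
            case DATABASE:
                this.userHistoryStore = new DatabaseUserHistory(pwmApplication);
                debugMsg = "starting using Remote Database data store";
                storageMethodUsed = DataStorageMethod.DB;
                break;
            case LDAP:
                this.userHistoryStore = new LdapXmlUserHistory(pwmApplication);
                // The message previously named LocalDB although this branch stores history in
                // LDAP; the start-up log has to name the store that actually holds the events.
                debugMsg = "starting using LDAP data store";
                storageMethodUsed = DataStorageMethod.LDAP;
                break;
            default:
                lastError = new ErrorInformation(PwmError.ERROR_UNKNOWN, "unknown storageMethod selected: " + userEventStorageMethod);
                // Log the reason as the other early-return paths do, so a closed audit service
                // is visible in the log and not only through lastError.
                LOGGER.error(lastError.toDebugStr());
                status = STATUS.CLOSED;
                return;
        }
        LOGGER.info(debugMsg);
        serviceInfo = new ServiceInfoBean(Collections.singletonList(storageMethodUsed));
    }
    {
        // presumably the setting is in seconds and TimeDuration takes milliseconds — TODO confirm
        final TimeDuration maxRecordAge = new TimeDuration(pwmApplication.getConfig().readSettingAsLong(PwmSetting.EVENTS_AUDIT_MAX_AGE) * 1000);
        final long maxRecords = pwmApplication.getConfig().readSettingAsLong(PwmSetting.EVENTS_AUDIT_MAX_EVENTS);
        // Named vaultSettings so the local does not shadow the AuditSettings field assigned above.
        final AuditVault.Settings vaultSettings = new AuditVault.Settings(maxRecords, maxRecordAge);
        // Both conditions were already established by the early returns above; kept as a guard.
        if (pwmApplication.getLocalDB() != null && pwmApplication.getApplicationMode() != PwmApplicationMode.READ_ONLY) {
            if (maxRecords < 1) {
                // A max-records setting below 1 leaves the vault closed AND truncates the
                // AUDIT_EVENTS store in LocalDB, discarding whatever was recorded there.
                LOGGER.debug("localDB audit vault will remain closed due to max records setting");
                pwmApplication.getLocalDB().truncate(LocalDB.DB.AUDIT_EVENTS);
            } else {
                auditVault = new LocalDbAuditVault();
                auditVault.init(pwmApplication, pwmApplication.getLocalDB(), vaultSettings);
            }
        } else {
            LOGGER.debug("localDB audit vault will remain closed due to application mode");
        }
    }
    this.status = STATUS.OPEN;
}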
Also used : UserEventStorageMethod(password.pwm.config.option.UserEventStorageMethod) DataStorageMethod(password.pwm.config.option.DataStorageMethod) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) PwmOperationalException(password.pwm.error.PwmOperationalException) IOException(java.io.IOException) ErrorInformation(password.pwm.error.ErrorInformation) TimeDuration(password.pwm.util.java.TimeDuration)

Example 8 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class ReportSummaryData method asPresentableCollection.

/**
 * Renders the summary counters as an ordered list of report rows.
 *
 * <p>The first row is always the user total. When the total is zero, that row is the whole
 * result. Per-day rows are emitted in ascending key order; several sections show only the
 * negative ("previous") day keys.
 *
 * @param config configuration passed to the row builder and used to look up LDAP profile names
 * @param locale locale passed to the row builder and to the profile display-name lookup
 * @return the rows in presentation order
 */
public List<PresentationRow> asPresentableCollection(final Configuration config, final Locale locale) {
    final ArrayList<PresentationRow> rows = new ArrayList<>();
    final PresentationRowBuilder rowBuilder = new PresentationRowBuilder(config, this.totalUsers.get(), locale);
    rows.add(rowBuilder.makeNoPctRow("Field_Report_Sum_Total", this.totalUsers.get(), null));
    if (totalUsers.get() == 0) {
        return rows;
    }

    // Per-profile breakdown only makes sense when more than one LDAP profile is configured.
    if (config.getLdapProfiles().keySet().size() > 1) {
        for (final Map.Entry<String, AtomicInteger> profileEntry : new TreeMap<>(ldapProfile).entrySet()) {
            final String profileId = profileEntry.getKey();
            final int profileCount = profileEntry.getValue().get();
            final String label;
            if (config.getLdapProfiles().containsKey(profileId)) {
                label = config.getLdapProfiles().get(profileId).getDisplayName(locale);
            } else {
                // Unknown to the current configuration: fall back to the raw profile id.
                label = profileId;
            }
            rows.add(rowBuilder.makeRow("Field_Report_Sum_LdapProfile", profileCount, label));
        }
    }

    // Last login: past windows only.
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveLoginTime", this.hasLoginTime.get()));
    for (final Integer day : new TreeSet<>(loginDays.keySet())) {
        if (day >= 0) {
            continue;
        }
        rows.add(rowBuilder.makeRow("Field_Report_Sum_LoginTimePrevious", this.loginDays.get(day).get(), String.valueOf(Math.abs(day))));
    }

    // Account expiration: past and future windows.
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveAccountExpirationTime", this.hasAccountExpirationTime.get()));
    for (final Integer day : new TreeSet<>(accountExpireDays.keySet())) {
        final String rowKey;
        if (day < 0) {
            rowKey = "Field_Report_Sum_AccountExpirationPrevious";
        } else {
            rowKey = "Field_Report_Sum_AccountExpirationNext";
        }
        rows.add(rowBuilder.makeRow(rowKey, this.accountExpireDays.get(day).get(), String.valueOf(Math.abs(day))));
    }

    // Password expiration: status counters, then past and future windows.
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HavePwExpirationTime", this.hasPasswordExpirationTime.get()));
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveExpiredPw", this.pwExpired.get()));
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HavePreExpiredPw", this.pwPreExpired.get()));
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveExpiredPwWarn", this.pwWarnPeriod.get()));
    for (final Integer day : new TreeSet<>(pwExpireDays.keySet())) {
        final String rowKey;
        if (day < 0) {
            rowKey = "Field_Report_Sum_PwExpirationPrevious";
        } else {
            rowKey = "Field_Report_Sum_PwExpirationNext";
        }
        rows.add(rowBuilder.makeRow(rowKey, this.pwExpireDays.get(day).get(), String.valueOf(Math.abs(day))));
    }

    // Password change: past windows only.
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveChgPw", this.hasChangePwTime.get()));
    for (final Integer day : new TreeSet<>(changePwDays.keySet())) {
        if (day >= 0) {
            continue;
        }
        rows.add(rowBuilder.makeRow("Field_Report_Sum_ChgPwPrevious", this.changePwDays.get(day).get(), String.valueOf(Math.abs(day))));
    }

    // Stored responses: totals, then a breakdown by storage method and by answer format.
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveResponses", this.hasResponses.get()));
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveHelpdeskResponses", this.hasHelpdeskResponses.get()));
    for (final DataStorageMethod storageMethod : new TreeSet<>(this.getResponseStorage().keySet())) {
        final int methodCount = this.getResponseStorage().get(storageMethod);
        rows.add(rowBuilder.makeRow("Field_Report_Sum_StorageMethod", methodCount, storageMethod.toString()));
    }
    for (final Answer.FormatType formatType : new TreeSet<>(this.getResponseFormatType().keySet())) {
        final int formatCount = this.getResponseFormatType().get(formatType);
        rows.add(rowBuilder.makeRow("Field_Report_Sum_ResponseFormatType", formatCount, formatType.toString()));
    }

    // Response set time: past windows only.
    rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveResponseTime", this.hasResponseSetTime.get()));
    for (final Integer day : new TreeSet<>(responseSetDays.keySet())) {
        if (day >= 0) {
            continue;
        }
        rows.add(rowBuilder.makeRow("Field_Report_Sum_ResponseTimePrevious", this.responseSetDays.get(day).get(), String.valueOf(Math.abs(day))));
    }

    // The OTP section is omitted entirely when no counted user has an OTP secret.
    if (this.hasOtpSecret.get() > 0) {
        rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveOtpSecret", this.hasOtpSecret.get()));
        rows.add(rowBuilder.makeRow("Field_Report_Sum_HaveOtpSecretSetTime", this.hasOtpSecretSetTime.get()));
        for (final Integer day : new TreeSet<>(otpSetDays.keySet())) {
            if (day >= 0) {
                continue;
            }
            rows.add(rowBuilder.makeRow("Field_Report_Sum_OtpSecretTimePrevious", this.otpSetDays.get(day).get(), String.valueOf(Math.abs(day))));
        }
    }
    return rows;
}
Also used : ArrayList(java.util.ArrayList) DataStorageMethod(password.pwm.config.option.DataStorageMethod) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) BigInteger(java.math.BigInteger) Answer(com.novell.ldapchai.cr.Answer) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) TreeSet(java.util.TreeSet) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) TreeMap(java.util.TreeMap) Map(java.util.Map)

Example 9 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class CrService method clearResponses.

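/**
 * Clears a user's stored challenge/response answers from every configured write location.
 *
 * <p>Each storage method in the write preference list is attempted in turn. A failure in one
 * store is logged and the remaining stores are still attempted. The call then fails unless
 * every store was cleared.
 *
 * @param sessionLabel label attached to the log lines written here
 * @param userIdentity identity passed to each storage operator
 * @param theUser directory user passed to each storage operator
 * @param userGUID user GUID passed to each storage operator
 * @throws PwmOperationalException if no write method is configured, or if at least one store
 *     could not be cleared; in the second case responses may remain in the store that failed
 * @throws ChaiUnavailableException declared by the signature; presumably propagated from a
 *     storage operator
 */
public void clearResponses(final SessionLabel sessionLabel, final UserIdentity userIdentity, final ChaiUser theUser, final String userGUID) throws PwmOperationalException, ChaiUnavailableException {
    final Configuration config = pwmApplication.getConfig();
    int attempts = 0;
    int successes = 0;
    LOGGER.trace(sessionLabel, "beginning clear response operation for user " + theUser.getEntryDN() + " guid=" + userGUID);
    final List<DataStorageMethod> writeMethods = config.helper().getCrWritePreference();
    for (final DataStorageMethod loopWriteMethod : writeMethods) {
        attempts++;
        if (operatorMap.get(loopWriteMethod) == null) {
            // A configured method with no registered operator is counted as a failed attempt.
            // Without this check the lookup below would throw a NullPointerException and stop
            // the loop before the remaining stores are cleared.
            LOGGER.error(sessionLabel, "error clearing responses via " + loopWriteMethod + ", error: no operator is registered for this storage method");
            continue;
        }
        try {
            operatorMap.get(loopWriteMethod).clearResponses(userIdentity, theUser, userGUID);
            successes++;
        } catch (PwmUnrecoverableException e) {
            // Keep going so one failing store does not leave the others uncleared.
            LOGGER.error(sessionLabel, "error clearing responses via " + loopWriteMethod + ", error: " + e.getMessage());
        }
    }
    if (attempts == 0) {
        final String errorMsg = "no response save methods are available or configured";
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_CLEARING_RESPONSES, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
    if (attempts != successes) {
        // Reached whenever a store failed above. The caller must not treat the responses as
        // removed: answers may still exist in the store that was not cleared.
        final String errorMsg = "response clear partially successful; attempts=" + attempts + ", successes=" + successes;
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_CLEARING_RESPONSES, errorMsg);
        throw new PwmOperationalException(errorInfo);
    }
}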
Also used : ErrorInformation(password.pwm.error.ErrorInformation) Configuration(password.pwm.config.Configuration) DataStorageMethod(password.pwm.config.option.DataStorageMethod) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 10 with DataStorageMethod

use of password.pwm.config.option.DataStorageMethod in project pwm by pwm-project.

the class OtpService method readOTPUserConfiguration.

/**
 * Reads the user's stored OTP record from the first configured storage location that yields one.
 *
 * <p>Locations are tried in the order given by the OTP secret read preference. A location with
 * no registered operator is skipped with a warning. A location whose read throws is logged and
 * skipped.
 *
 * <p>NOTE(review): a read error and "no record stored" both end in a {@code null} return, so a
 * caller cannot tell a storage failure from a user who has no OTP secret. Confirm that callers
 * do not treat {@code null} as permission to skip an OTP check.
 *
 * @param sessionLabel label attached to the log lines written here
 * @param userIdentity the user whose OTP record is requested
 * @return the first record found, or {@code null} when no location produced one
 * @throws PwmUnrecoverableException declared by the signature; presumably from the GUID lookup
 * @throws ChaiUnavailableException declared by the signature; presumably from the GUID lookup
 */
public OTPUserRecord readOTPUserConfiguration(final SessionLabel sessionLabel, final UserIdentity userIdentity) throws PwmUnrecoverableException, ChaiUnavailableException {
    OTPUserRecord found = null;
    final Configuration config = pwmApplication.getConfig();
    final Date methodStartTime = new Date();
    final List<DataStorageMethod> otpSecretStorageLocations = config.getOtpSecretStorageLocations(PwmSetting.OTP_SECRET_READ_PREFERENCE);
    if (otpSecretStorageLocations != null) {
        final String userGUID = readGuidIfNeeded(pwmApplication, sessionLabel, otpSecretStorageLocations, userIdentity);
        for (final DataStorageMethod location : otpSecretStorageLocations) {
            final OtpOperator operator = operatorMap.get(location);
            if (operator == null) {
                LOGGER.warn(sessionLabel, String.format("storage location %s not implemented", location.toString()));
                continue;
            }
            try {
                found = operator.readOtpUserConfiguration(userIdentity, userGUID);
            } catch (Exception e) {
                // Deliberate best effort: log and fall through to the next location.
                LOGGER.error(sessionLabel, "unexpected error reading stored otp configuration from " + location + " for user " + userIdentity + ", error: " + e.getMessage());
            }
            if (found != null) {
                // First hit wins; later locations are not consulted.
                break;
            }
        }
    }

    // The trace line carries the record type, identifier and timestamp, or says nothing was found.
    final StringBuilder traceMsg = new StringBuilder("readOTPUserConfiguration completed in ");
    traceMsg.append(TimeDuration.fromCurrent(methodStartTime).asCompactString());
    if (found == null) {
        traceMsg.append(", no otp record found");
    } else {
        traceMsg.append(", recordType=" + found.getType() + ", identifier=" + found.getIdentifier() + ", timestamp=" + JavaHelper.toIsoDate(found.getTimestamp()));
    }
    LOGGER.trace(sessionLabel, traceMsg.toString());
    return found;
}
Also used : OtpOperator(password.pwm.util.operations.otp.OtpOperator) LocalDbOtpOperator(password.pwm.util.operations.otp.LocalDbOtpOperator) LdapOtpOperator(password.pwm.util.operations.otp.LdapOtpOperator) DbOtpOperator(password.pwm.util.operations.otp.DbOtpOperator) Configuration(password.pwm.config.Configuration) DataStorageMethod(password.pwm.config.option.DataStorageMethod) OTPUserRecord(password.pwm.util.operations.otp.OTPUserRecord) Date(java.util.Date) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) PwmOperationalException(password.pwm.error.PwmOperationalException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException)

Aggregations

DataStorageMethod (password.pwm.config.option.DataStorageMethod)13 Configuration (password.pwm.config.Configuration)8 ErrorInformation (password.pwm.error.ErrorInformation)7 PwmOperationalException (password.pwm.error.PwmOperationalException)7 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)7 PwmException (password.pwm.error.PwmException)4 TreeMap (java.util.TreeMap)3 TimeDuration (password.pwm.util.java.TimeDuration)3 DbOtpOperator (password.pwm.util.operations.otp.DbOtpOperator)3 LdapOtpOperator (password.pwm.util.operations.otp.LdapOtpOperator)3 LocalDbOtpOperator (password.pwm.util.operations.otp.LocalDbOtpOperator)3 OtpOperator (password.pwm.util.operations.otp.OtpOperator)3 Answer (com.novell.ldapchai.cr.Answer)2 IOException (java.io.IOException)2 BigInteger (java.math.BigInteger)2 Map (java.util.Map)2 TimerTask (java.util.TimerTask)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)2 DataStore (password.pwm.util.DataStore)2