
Example 16 with AuditRecordFactory

use of password.pwm.svc.event.AuditRecordFactory in project pwm by pwm-project.

the class IntruderManager method mark.

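/**
 * Records one attempt for {@code subject} under {@code recordType}, submits the matching audit
 * event, and then enforces the intruder limits for that subject.
 *
 * <p>The attempt is counted and audited before {@code check} runs, so the attempt that crosses
 * the limit is itself recorded. When {@code check} rejects the subject, the lock audit event,
 * the alert (user ids only) and the lock statistics are produced once per lock, guarded by
 * {@code isAlerted}/{@code markAlerted}; the exception from {@code check} is always rethrown.
 *
 * @param recordType kind of subject being tracked; must not be {@code null}
 * @param subject value being tracked; a {@code null} or empty value is ignored
 * @param sessionLabel session context passed through unchanged to the user audit records, the
 *     alert and the delay penalty
 * @throws IllegalArgumentException if {@code recordType} is {@code null}
 * @throws PwmUnrecoverableException when {@code check} rejects the subject; presumably also
 *     raised by the audit and identity calls used here
 */
public void mark(final RecordType recordType, final String subject, final SessionLabel sessionLabel) throws PwmUnrecoverableException {
    if (recordType == null) {
        throw new IllegalArgumentException("recordType is required");
    }
    if (subject == null || subject.length() < 1) {
        // no subject to attribute the attempt to
        return;
    }
    if (recordType == RecordType.ADDRESS) {
        try {
            // NOTE(review): InetAddress.getByName() only parses IP literals; any other text is
            // resolved as a host name, so confirm callers always pass an IP literal here.
            final InetAddress inetAddress = InetAddress.getByName(subject);
            // Wildcard, loopback and link-local addresses are never tracked.
            // NOTE(review): if the address seen here is a local proxy rather than the real
            // client, address-based tracking is skipped entirely -- verify against the caller.
            if (inetAddress.isAnyLocalAddress() || inetAddress.isLoopbackAddress() || inetAddress.isLinkLocalAddress()) {
                LOGGER.debug("disregarding local address intruder attempt from: " + subject);
                return;
            }
        } catch (Exception e) {
            // An address that cannot be examined is still counted below; the reason is logged
            // so the failure can be diagnosed.
            // NOTE(review): subject is written to the log as received -- confirm the logger
            // neutralises line breaks in it.
            LOGGER.error("error examining address: " + subject + ", error: " + e.getMessage());
        }
    }
    // NOTE(review): assumes a RecordManager is registered for every RecordType; a missing
    // entry would fail on the next line -- confirm against the initialisation code.
    final RecordManager manager = recordManagers.get(recordType);
    manager.markSubject(subject);
    if (recordType == RecordType.USER_ID) {
        final UserIdentity userIdentity = UserIdentity.fromKey(subject, pwmApplication);
        final UserAuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createUserAuditRecord(AuditEvent.INTRUDER_USER_ATTEMPT, userIdentity, sessionLabel);
        pwmApplication.getAuditManager().submit(auditRecord);
    } else {
        // send intruder attempt audit event; type and subject are carried as a JSON message
        final Map<String, Object> messageObj = new LinkedHashMap<>();
        messageObj.put("type", recordType);
        messageObj.put("subject", subject);
        final String message = JsonUtil.serializeMap(messageObj);
        final SystemAuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createSystemAuditRecord(AuditEvent.INTRUDER_ATTEMPT, message);
        pwmApplication.getAuditManager().submit(auditRecord);
    }
    try {
        check(recordType, subject);
    } catch (PwmUnrecoverableException e) {
        // The subject is over its limit. Alerting and lock statistics run only the first time,
        // until markAlerted() is recorded for the subject.
        if (!manager.isAlerted(subject)) {
            if (recordType == RecordType.USER_ID) {
                final UserIdentity userIdentity = UserIdentity.fromKey(subject, pwmApplication);
                final UserAuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createUserAuditRecord(AuditEvent.INTRUDER_USER_LOCK, userIdentity, sessionLabel);
                pwmApplication.getAuditManager().submit(auditRecord);
                sendAlert(manager.readIntruderRecord(subject), sessionLabel);
            } else {
                // send intruder attempt lock event
                final Map<String, Object> messageObj = new LinkedHashMap<>();
                messageObj.put("type", recordType);
                messageObj.put("subject", subject);
                final String message = JsonUtil.serializeMap(messageObj);
                final SystemAuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createSystemAuditRecord(AuditEvent.INTRUDER_LOCK, message);
                pwmApplication.getAuditManager().submit(auditRecord);
            }
            manager.markAlerted(subject);
            final StatisticsManager statisticsManager = pwmApplication.getStatisticsManager();
            if (statisticsManager != null && statisticsManager.status() == STATUS.OPEN) {
                statisticsManager.incrementValue(Statistic.INTRUDER_ATTEMPTS);
                statisticsManager.updateEps(EpsStatistic.INTRUDER_ATTEMPTS, 1);
                statisticsManager.incrementValue(recordType.getLockStatistic());
            }
        }
        // the caller must still see the rejection
        throw e;
    }
    // Only reached while the subject is still under its limit.
    delayPenalty(manager.readIntruderRecord(subject), sessionLabel);
}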
Also used : UserAuditRecord(password.pwm.svc.event.UserAuditRecord) UserIdentity(password.pwm.bean.UserIdentity) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) LinkedHashMap(java.util.LinkedHashMap) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) StatisticsManager(password.pwm.svc.stats.StatisticsManager) InetAddress(java.net.InetAddress) SystemAuditRecord(password.pwm.svc.event.SystemAuditRecord) Map(java.util.Map) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap)

Example 17 with AuditRecordFactory

use of password.pwm.svc.event.AuditRecordFactory in project pwm by pwm-project.

the class PwmApplication method postInitTasks.

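/**
 * Runs the best-effort tasks that follow application initialisation: detects configuration
 * changes made since the previous startup, logs non-default application properties, submits
 * the STARTUP audit event, logs the application info bean, clears the config-manager intruder
 * record and, for non-internal runtime instances, writes the keystore and tomcat conf output.
 *
 * <p>Each task is isolated so that one failure does not stop the others; failures are logged
 * and not propagated.
 */
private void postInitTasks() {
    final Instant startTime = Instant.now();
    // NOTE(review): confirm toDebugString() does not include secret setting values.
    LOGGER.debug("loaded configuration: " + pwmEnvironment.getConfig().toDebugString());
    // detect if config has been modified since previous startup
    try {
        final String previousHash = readAppAttribute(AppAttribute.CONFIG_HASH, String.class);
        final String currentHash = pwmEnvironment.getConfig().configurationHash();
        // A missing stored hash is treated the same as a mismatch.
        if (previousHash == null || !previousHash.equals(currentHash)) {
            writeAppAttribute(AppAttribute.CONFIG_HASH, currentHash);
            LOGGER.warn("configuration checksum does not match previously seen checksum, configuration has been modified since last startup");
            if (this.getAuditManager() != null) {
                // No user or session is attached to this record: both arguments are null.
                final String modifyMessage = "configuration was modified directly (not using ConfigEditor UI)";
                this.getAuditManager().submit(new AuditRecordFactory(this).createUserAuditRecord(AuditEvent.MODIFY_CONFIGURATION, null, null, modifyMessage));
            }
        }
    } catch (Exception e) {
        // NOTE(review): a failure of this change detection is only visible at debug level.
        LOGGER.debug("unable to detect if configuration has been modified since previous startup: " + e.getMessage());
    }
    if (this.getConfig() != null) {
        final Map<AppProperty, String> nonDefaultProperties = getConfig().readAllNonDefaultAppProperties();
        if (nonDefaultProperties != null && !nonDefaultProperties.isEmpty()) {
            // re-key by the property's string key so the map can be serialized for the log
            final Map<String, String> tempMap = new LinkedHashMap<>();
            for (final Map.Entry<AppProperty, String> entry : nonDefaultProperties.entrySet()) {
                tempMap.put(entry.getKey().getKey(), entry.getValue());
            }
            LOGGER.trace("non-default app properties read from configuration: " + JsonUtil.serializeMap(tempMap));
        } else {
            LOGGER.trace("no non-default app properties in configuration");
        }
    }
    // send system audit event
    // The audit manager is null-checked here as it is for the configuration-change record
    // above; without the check a missing manager would escape the PwmException handler.
    if (getAuditManager() != null) {
        try {
            final SystemAuditRecord auditRecord = new AuditRecordFactory(this).createSystemAuditRecord(AuditEvent.STARTUP, null);
            getAuditManager().submit(auditRecord);
        } catch (PwmException e) {
            LOGGER.warn("unable to submit start alert event " + e.getMessage());
        }
    } else {
        LOGGER.warn("unable to submit start alert event, audit manager is not available");
    }
    try {
        final Map<PwmAboutProperty, String> infoMap = PwmAboutProperty.makeInfoBean(this);
        LOGGER.trace("application info: " + JsonUtil.serializeMap(infoMap));
    } catch (Exception e) {
        LOGGER.error("error generating about application bean: " + e.getMessage(), e);
    }
    try {
        // Removes the USERNAME intruder record kept for the config-manager login name.
        this.getIntruderManager().clear(RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME);
    } catch (Exception e) {
        LOGGER.warn("error while clearing configmanager-intruder-username from intruder table: " + e.getMessage());
    }
    if (!pwmEnvironment.isInternalRuntimeInstance()) {
        try {
            outputKeystore(this);
        } catch (Exception e) {
            LOGGER.debug("error while generating keystore output: " + e.getMessage());
        }
        try {
            outputTomcatConf(this);
        } catch (Exception e) {
            LOGGER.debug("error while generating tomcat conf output: " + e.getMessage());
        }
    }
    LOGGER.trace("completed post init tasks in " + TimeDuration.fromCurrent(startTime).asCompactString());
}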
Also used : Instant(java.time.Instant) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmException(password.pwm.error.PwmException) IOException(java.io.IOException) LinkedHashMap(java.util.LinkedHashMap) PwmException(password.pwm.error.PwmException) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) Map(java.util.Map) LinkedHashMap(java.util.LinkedHashMap) SystemAuditRecord(password.pwm.svc.event.SystemAuditRecord)

Example 18 with AuditRecordFactory

use of password.pwm.svc.event.AuditRecordFactory in project pwm by pwm-project.

the class DeleteAccountServlet method handleAgreeRequest.

/**
 * Handles the "agree" action of the delete-account flow: marks the agreement as passed on the
 * request's bean and submits an AGREEMENT_PASSED audit record the first time it is accepted.
 *
 * @param pwmRequest the current request
 * @return always {@code ProcessStatus.Continue}
 */
@ActionHandler(action = "agree")
private ProcessStatus handleAgreeRequest(final PwmRequest pwmRequest) throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException {
    LOGGER.debug(pwmRequest, "user accepted agreement");
    final DeleteAccountBean accountBean = getBean(pwmRequest);
    if (accountBean.isAgreementPassed()) {
        // already accepted earlier: no second audit record
        return ProcessStatus.Continue;
    }
    // NOTE(review): the flag is set before the audit record is submitted, so a failing submit
    // leaves the bean marked as passed without a matching audit entry -- confirm this is intended.
    accountBean.setAgreementPassed(true);
    final AuditRecordFactory recordFactory = new AuditRecordFactory(pwmRequest);
    final AuditRecord agreementRecord = recordFactory.createUserAuditRecord(
            AuditEvent.AGREEMENT_PASSED,
            pwmRequest.getUserInfoIfLoggedIn(),
            pwmRequest.getSessionLabel(),
            ProfileType.DeleteAccount.toString());
    pwmRequest.getPwmApplication().getAuditManager().submit(agreementRecord);
    return ProcessStatus.Continue;
}
Also used : DeleteAccountBean(password.pwm.http.bean.DeleteAccountBean) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) AuditRecord(password.pwm.svc.event.AuditRecord)

Example 19 with AuditRecordFactory

use of password.pwm.svc.event.AuditRecordFactory in project pwm by pwm-project.

the class SetupOtpServlet method nextStep.

/**
 * Advances the OTP setup flow: persists a confirmed OTP record, then forwards to the page that
 * matches the bean's state (existing secret, success, test, or the initial secret/QR page).
 *
 * @param pwmRequest the current request
 */
@Override
protected void nextStep(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    final SetupOtpBean setupBean = getSetupOtpBean(pwmRequest);
    if (setupBean.isHasPreExistingOtp()) {
        pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET_EXISTING);
        return;
    }

    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmSession session = pwmRequest.getPwmSession();

    if (setupBean.isConfirmed()) {
        final OtpService service = application.getOtpService();
        final UserIdentity identity = session.getUserInfo().getUserIdentity();
        try {
            service.writeOTPUserConfiguration(session, identity, setupBean.getOtpUserRecord());
            // NOTE(review): the bean is marked written before the reload and audit steps, so a
            // failure in either still leaves it written while an error is recorded below.
            setupBean.setWritten(true);
            // refresh the user info bean so the new code can be checked immediately
            session.reloadUserInfoBean(application);
            // record the change in the audit log
            final AuditRecordFactory recordFactory = new AuditRecordFactory(pwmRequest);
            final UserAuditRecord otpRecord = recordFactory.createUserAuditRecord(AuditEvent.SET_OTP_SECRET, session.getUserInfo(), session);
            application.getAuditManager().submit(otpRecord);
            if (application.getStatisticsManager() != null) {
                if (application.getStatisticsManager().status() == PwmService.STATUS.OPEN) {
                    application.getStatisticsManager().incrementValue(Statistic.SETUP_OTP_SECRET);
                }
            }
        } catch (Exception e) {
            // Reuse the error carried by a PwmException; wrap anything else as a write error.
            final ErrorInformation failure = e instanceof PwmException
                    ? ((PwmException) e).getErrorInformation()
                    : new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, "unexpected error saving otp secret: " + e.getMessage());
            LOGGER.error(session, failure.toDebugStr());
            setLastError(pwmRequest, failure);
        }
    }

    if (!setupBean.isCodeSeen()) {
        // first visit: build the QR code value and show the secret page
        final String qrImageUrl = makeQrCodeDataImageUrl(pwmRequest, setupBean.getOtpUserRecord());
        pwmRequest.setAttribute(PwmRequestAttribute.SetupOtp_QrCodeValue, qrImageUrl);
        pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET);
        return;
    }
    if (setupBean.isWritten()) {
        pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET_SUCCESS);
        return;
    }
    pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET_TEST);
}
Also used : PwmException(password.pwm.error.PwmException) UserAuditRecord(password.pwm.svc.event.UserAuditRecord) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) ErrorInformation(password.pwm.error.ErrorInformation) PwmApplication(password.pwm.PwmApplication) SetupOtpBean(password.pwm.http.bean.SetupOtpBean) OtpService(password.pwm.util.operations.OtpService) UserIdentity(password.pwm.bean.UserIdentity) PwmSession(password.pwm.http.PwmSession) ServletException(javax.servlet.ServletException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) PwmOperationalException(password.pwm.error.PwmOperationalException) IOException(java.io.IOException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException)

Example 20 with AuditRecordFactory

use of password.pwm.svc.event.AuditRecordFactory in project pwm by pwm-project.

the class ConfigManagerServlet method saveConfiguration.

/**
 * Validates and saves {@code storedConfiguration}, submits a MODIFY_CONFIGURATION audit record
 * when the audit manager is open, and requests an application restart.
 *
 * @param pwmRequest request on whose behalf the configuration is saved
 * @param storedConfiguration configuration to validate and persist
 * @throws PwmUnrecoverableException with {@code CONFIG_FORMAT_ERROR} when validation reports an
 *     error (only the first one is returned) or when any step of the save sequence fails
 */
public static void saveConfiguration(final PwmRequest pwmRequest, final StoredConfigurationImpl storedConfiguration) throws PwmUnrecoverableException {
    final List<String> validationErrors = storedConfiguration.validateValues();
    if (validationErrors != null && !validationErrors.isEmpty()) {
        final String firstError = validationErrors.get(0);
        final ErrorInformation validationFailure = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, null, new String[] { firstError });
        throw new PwmUnrecoverableException(validationFailure);
    }

    try {
        final ContextManager ctxManager = ContextManager.getContextManager(pwmRequest.getHttpServletRequest().getSession().getServletContext());
        ctxManager.getConfigReader().saveConfiguration(storedConfiguration, ctxManager.getPwmApplication(), pwmRequest.getSessionLabel());

        final PwmApplication application = pwmRequest.getPwmApplication();
        // NOTE(review): when the audit manager is missing or not open the change is saved
        // without an audit record -- confirm that is acceptable.
        if (application.getAuditManager() != null && application.getAuditManager().status() == PwmService.STATUS.OPEN) {
            // NOTE(review): confirm changeLogAsDebugString() masks secret setting values before
            // they reach the audit record.
            final String changeSummary = "Configuration Changes: " + storedConfiguration.changeLogAsDebugString(PwmConstants.DEFAULT_LOCALE, false);
            final AuditRecordFactory recordFactory = new AuditRecordFactory(application);
            final AuditRecord changeRecord = recordFactory.createUserAuditRecord(
                    AuditEvent.MODIFY_CONFIGURATION,
                    pwmRequest.getUserInfoIfLoggedIn(),
                    pwmRequest.getSessionLabel(),
                    changeSummary);
            application.getAuditManager().submit(changeRecord);
        }

        ctxManager.requestPwmApplicationRestart();
    } catch (Exception e) {
        // NOTE(review): the audit submit and restart request share this handler with the save,
        // so a failure after the save is also reported as "error saving file".
        final String failureMessage = "error saving file: " + e.getMessage();
        LOGGER.error(pwmRequest, failureMessage);
        final ErrorInformation saveFailure = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, null, new String[] { failureMessage });
        throw new PwmUnrecoverableException(saveFailure);
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) PwmApplication(password.pwm.PwmApplication) ContextManager(password.pwm.http.ContextManager) List(java.util.List) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) AuditRecord(password.pwm.svc.event.AuditRecord) ServletException(javax.servlet.ServletException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmException(password.pwm.error.PwmException) IOException(java.io.IOException)

Aggregations

AuditRecordFactory (password.pwm.svc.event.AuditRecordFactory)24 ErrorInformation (password.pwm.error.ErrorInformation)14 UserIdentity (password.pwm.bean.UserIdentity)13 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)10 AuditRecord (password.pwm.svc.event.AuditRecord)10 HelpdeskAuditRecord (password.pwm.svc.event.HelpdeskAuditRecord)10 PwmOperationalException (password.pwm.error.PwmOperationalException)9 HelpdeskProfile (password.pwm.config.profile.HelpdeskProfile)8 RestResultBean (password.pwm.ws.server.RestResultBean)8 ChaiUser (com.novell.ldapchai.ChaiUser)7 PwmSession (password.pwm.http.PwmSession)7 PwmException (password.pwm.error.PwmException)6 PwmApplication (password.pwm.PwmApplication)5 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)4 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)4 IOException (java.io.IOException)4 Instant (java.time.Instant)4 HashMap (java.util.HashMap)3 List (java.util.List)3 Map (java.util.Map)3