Merge branch 'enh-ngconfig'

Author: jrivard

server/pom.xml

@@ -52,6 +52,7 @@
                         </goals>
                         <phase>test</phase>
                         <configuration>
+                            <trimStackTrace>false</trimStackTrace>
                             <skipTests>${skipTests}</skipTests>
                             <excludes>
                                 <exclude>**/ExtendedTest*.java</exclude>

server/src/main/java/password/pwm/PwmAboutProperty.java

@@ -28,8 +28,10 @@
 import password.pwm.util.java.StringUtil;
 import password.pwm.util.logging.PwmLogger;
 
+import javax.net.ssl.SSLContext;
 import java.lang.management.ManagementFactory;
 import java.nio.charset.Charset;
+import java.security.NoSuchAlgorithmException;
 import java.time.Instant;
 import java.util.Collections;
 import java.util.Date;
@@ -69,6 +71,7 @@ public enum PwmAboutProperty
     app_secureBlockAlgorithm( null, pwmApplication -> pwmApplication.getSecureService().getDefaultBlockAlgorithm().getLabel() ),
     app_secureHashAlgorithm( null, pwmApplication -> pwmApplication.getSecureService().getDefaultHashAlgorithm().toString() ),
     app_ldapProfileCount( null, pwmApplication -> Integer.toString( pwmApplication.getConfig().getLdapProfiles().size() ) ),
+    app_ldapConnectionCount( null, pwmApplication -> Integer.toString( pwmApplication.getLdapConnectionService().connectionCount() ) ),
 
     build_Time( "Build Time", pwmApplication -> PwmConstants.BUILD_TIME ),
     build_Number( "Build Number", pwmApplication -> PwmConstants.BUILD_NUMBER ),
@@ -91,9 +94,10 @@ public enum PwmAboutProperty
     java_osName( "Operating System Name", pwmApplication -> System.getProperty( "os.name" ) ),
     java_osVersion( "Operating System Version", pwmApplication -> System.getProperty( "os.version" ) ),
     java_osArch( "Operating System Architecture", pwmApplication -> System.getProperty( "os.arch" ) ),
-    java_randomAlgorithm( null, pwmApplication -> pwmApplication.getSecureService().pwmRandom().getAlgorithm() ),
-    java_defaultCharset( null, pwmApplication -> Charset.defaultCharset().name() ),
+    java_randomAlgorithm( "Random Algorithm", pwmApplication -> pwmApplication.getSecureService().pwmRandom().getAlgorithm() ),
+    java_defaultCharset( "Default Character Set", pwmApplication -> Charset.defaultCharset().name() ),
     java_appServerInfo( "Java AppServer Info", pwmApplication -> pwmApplication.getPwmEnvironment().getContextManager().getServerInfo() ),
+    java_sslVersions( "Java SSL Versions", pwmApplication ->  readSslVersions() ),
 
     database_driverName( null,
             pwmApplication -> pwmApplication.getDatabaseService().getConnectionDebugProperties().get( DatabaseService.DatabaseAboutProperty.driverName ) ),
@@ -188,4 +192,16 @@ public static Map<String, String> toStringMap( final Map<PwmAboutProperty, Strin
         }
         return Collections.unmodifiableMap( outputProps );
     }
+
+    private static String readSslVersions()
+    {
+        try
+        {
+            return String.join( " ", SSLContext.getDefault().getSupportedSSLParameters().getProtocols() );
+        }
+        catch ( NoSuchAlgorithmException e )
+        {
+            return "";
+        }
+    }
 }

server/src/main/java/password/pwm/PwmApplication.java

@@ -28,6 +28,8 @@
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.Configuration;
 import password.pwm.config.PwmSetting;
+import password.pwm.config.stored.StoredConfiguration;
+import password.pwm.config.stored.StoredConfigurationUtil;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmException;
@@ -101,8 +103,8 @@
 import java.util.Locale;
 import java.util.Map;
 import java.util.concurrent.ExecutorService;
-
 import java.util.concurrent.atomic.AtomicInteger;
+import java.util.function.Supplier;
 
 /**
  * A repository for objects common to the servlet context.  A singleton
@@ -305,34 +307,16 @@ private void postInitTasks( )
     {
         final Instant startTime = Instant.now();
 
-        pwmEnvironment.getConfig().outputToLog();
-
-        // detect if config has been modified since previous startup
         try
         {
-            final String previousHash = readAppAttribute( AppAttribute.CONFIG_HASH, String.class );
-            final String currentHash = pwmEnvironment.getConfig().configurationHash();
-            if ( previousHash == null || !previousHash.equals( currentHash ) )
-            {
-                writeAppAttribute( AppAttribute.CONFIG_HASH, currentHash );
-                LOGGER.warn( "configuration checksum does not match previously seen checksum, configuration has been modified since last startup" );
-                if ( this.getAuditManager() != null )
-                {
-                    final String modifyMessage = "configuration was modified directly (not using ConfigEditor UI)";
-                    this.getAuditManager().submit( new AuditRecordFactory( this ).createUserAuditRecord(
-                            AuditEvent.MODIFY_CONFIGURATION,
-                            null,
-                            null,
-                            modifyMessage
-                    ) );
-                }
-            }
+            outputConfigurationToLog( this );
         }
-        catch ( Exception e )
+        catch ( PwmException e )
         {
-            LOGGER.debug( () -> "unable to detect if configuration has been modified since previous startup: " + e.getMessage() );
+            LOGGER.error( "error outputting log to debug: " + e.getMessage() );
         }
 
+
         if ( this.getConfig() != null )
         {
             final Map<AppProperty, String> nonDefaultProperties = getConfig().readAllNonDefaultAppProperties();
@@ -511,6 +495,31 @@ private static void outputTomcatConf( final PwmApplication pwmApplication ) thro
         }
     }
 
+    private static void outputConfigurationToLog( final PwmApplication pwmApplication )
+            throws PwmUnrecoverableException
+    {
+        if ( !LOGGER.isEnabled( PwmLogLevel.TRACE ) )
+        {
+            return;
+        }
+
+        final StoredConfiguration storedConfiguration = pwmApplication.getConfig().getStoredConfiguration();
+        final Map<String, String> debugStrings = StoredConfigurationUtil.makeDebugMap( storedConfiguration, storedConfiguration.modifiedItems(), PwmConstants.DEFAULT_LOCALE );
+        final List<Supplier<CharSequence>> outputStrings = new ArrayList<>();
+
+        for ( final Map.Entry<String, String> entry : debugStrings.entrySet() )
+        {
+            final String spacedValue = entry.getValue().replace( "\n", "\n   " );
+            final String output = " " + entry.getKey() + "\n   " + spacedValue + "\n";
+            outputStrings.add( () -> output );
+        }
+
+        LOGGER.trace( () -> "--begin current configuration output--" );
+        outputStrings.forEach( LOGGER::trace );
+        LOGGER.trace( () -> "--end current configuration output--" );
+    }
+
+
     public String getInstanceID( )
     {
         return instanceID;

server/src/main/java/password/pwm/PwmConstants.java

@@ -23,7 +23,6 @@
 import org.apache.commons.csv.CSVFormat;
 import password.pwm.util.java.JsonUtil;
 import password.pwm.util.java.StringUtil;
-import password.pwm.util.secure.PwmHashAlgorithm;
 
 import java.io.InputStream;
 import java.net.URL;
@@ -101,6 +100,7 @@ public abstract class PwmConstants
 
     public static final String LDAP_AD_PASSWORD_POLICY_CONTROL_ASN = "1.2.840.113556.1.4.2066";
     public static final String PROFILE_ID_ALL = "all";
+    public static final String PROFILE_ID_DEFAULT = "default";
 
     public static final String TOKEN_KEY_PWD_CHG_DATE = "_lastPwdChange";
 
@@ -118,9 +118,6 @@ public abstract class PwmConstants
     public static final String REQUEST_ATTR_FORGOTTEN_PW_AVAIL_TOKEN_DEST_CACHE = "ForgottenPw-AvailableTokenDestCache";
     public static final String REQUEST_ATTR_PWM_APPLICATION = "PwmApplication";
 
-    public static final PwmHashAlgorithm SETTING_CHECKSUM_HASH_METHOD = PwmHashAlgorithm.SHA256;
-
-
     public static final String LOG_REMOVED_VALUE_REPLACEMENT = readPwmConstantsBundle( "log.removedValue" );
 
     public static final Collection<Locale> INCLUDED_LOCALES;

server/src/main/java/password/pwm/PwmEnvironment.java

@@ -74,7 +74,8 @@ public enum ApplicationParameter
         AppliancePort,
         ApplianceHostnameFile,
         ApplianceTokenFile,
-        InstanceID,;
+        InstanceID,
+        InitConsoleLogLevel,;
 
         public static ApplicationParameter forString( final String input )
         {
@@ -317,7 +318,7 @@ public static Map<ApplicationParameter, String> readApplicationParmsFromSystem(
             final String rawValue = readValueFromSystem( EnvironmentParameter.applicationParamFile, contextName );
             if ( rawValue != null )
             {
-                return parseApplicationParamValueParameter( rawValue );
+                return readAppParametersFromPath( rawValue );
             }
             return Collections.emptyMap();
         }
@@ -393,7 +394,7 @@ public static Collection<ApplicationFlag> parseApplicationFlagValueParameter( fi
             return returnFlags;
         }
 
-        public static Map<ApplicationParameter, String> parseApplicationParamValueParameter( final String input )
+        public static Map<ApplicationParameter, String> readAppParametersFromPath( final String input )
         {
             if ( input == null )
             {

server/src/main/java/password/pwm/bean/PrivateKeyCertificate.java

@@ -20,30 +20,16 @@
 
 package password.pwm.bean;
 
+import lombok.Value;
+
 import java.io.Serializable;
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
-import java.util.Collections;
 import java.util.List;
 
+@Value
 public class PrivateKeyCertificate implements Serializable
 {
-    private final List<X509Certificate> certificates;
-    private final PrivateKey key;
-
-    public PrivateKeyCertificate( final List<X509Certificate> certificates, final PrivateKey key )
-    {
-        this.certificates = Collections.unmodifiableList( certificates );
-        this.key = key;
-    }
-
-    public List<X509Certificate> getCertificates( )
-    {
-        return Collections.unmodifiableList( certificates );
-    }
-
-    public PrivateKey getKey( )
-    {
-        return key;
-    }
+    private List<X509Certificate> certificates;
+    private PrivateKey key;
 }