public function inspect()
{
$insp = new Inspection('Db Connection');
try {
$this->getDbAdapter()->getConnection();
$config = $this->dbAdapter->getConfig();
$insp->write(sprintf('Connection to %s as %s on %s:%s successful', $config['dbname'], $config['username'], $config['host'], $config['port']));
switch ($this->dbType) {
case 'mysql':
$rows = $this->dbAdapter->query('SHOW VARIABLES WHERE variable_name ' . 'IN (\'version\', \'protocol_version\', \'version_compile_os\');')->fetchAll();
$sqlinsp = new Inspection('MySQL');
foreach ($rows as $row) {
$sqlinsp->write($row->variable_name . ': ' . $row->value);
}
$insp->write($sqlinsp);
break;
case 'pgsql':
$row = $this->dbAdapter->query('SELECT version();')->fetchAll();
$sqlinsp = new Inspection('PostgreSQL');
$sqlinsp->write($row[0]->version);
$insp->write($sqlinsp);
break;
}
} catch (Exception $e) {
return $insp->error(sprintf('Connection failed %s', $e->getMessage()));
}
return $insp;
}
/**
* Inspect if this LDAP Connection is working as expected
*
* Check if connection, bind and encryption is working as expected and get additional
* information about the used
*
* @return Inspection Inspection result
*/
public function inspect()
{
$insp = new Inspection('Ldap Connection');
// Try to connect to the server with the given connection parameters
try {
$ds = $this->prepareNewConnection($insp);
} catch (Exception $e) {
if ($this->encryption === 'starttls') {
// The Exception does not return any proper error messages in case of certificate errors. Connecting
// by STARTTLS will usually fail at this point when the certificate is unknown,
// so at least try to give some hints.
$insp->write('NOTE: There might be an issue with the chosen encryption. Ensure that the LDAP-Server ' . 'supports STARTTLS and that the LDAP-Client is configured to accept its certificate.');
}
return $insp->error($e->getMessage());
}
// Try a bind-command with the given user credentials, this must not fail
$success = @ldap_bind($ds, $this->bindDn, $this->bindPw);
$msg = sprintf('LDAP bind to %s:%s (%s / %s)', $this->hostname, $this->port, $this->bindDn, '***');
if (!$success) {
// ldap_error does not return any proper error messages in case of certificate errors. Connecting
// by LDAPS will usually fail at this point when the certificate is unknown, so at least try to give
// some hints.
if ($this->encryption === 'ldaps') {
$insp->write('NOTE: There might be an issue with the chosen encryption. Ensure that the LDAP-Server ' . ' supports LDAPS and that the LDAP-Client is configured to accept its certificate.');
}
return $insp->error(sprintf('%s failed: %s', $msg, ldap_error($ds)));
}
$insp->write(sprintf($msg . ' successful'));
// Try to execute a schema discovery this may fail if schema discovery is not supported
try {
$cap = LdapCapabilities::discoverCapabilities($this);
$discovery = new Inspection('Discovery Results');
$discovery->write($cap->getVendor());
$version = $cap->getVersion();
if (isset($version)) {
$discovery->write($version);
}
$discovery->write('Supports STARTTLS: ' . ($cap->hasStartTls() ? 'True' : 'False'));
$discovery->write('Default naming context: ' . $cap->getDefaultNamingContext());
$insp->write($discovery);
} catch (Exception $e) {
$insp->write('Schema discovery not possible: ' . $e->getMessage());
}
return $insp;
}
/**
* Inspect if this LDAP Connection is working as expected
*
* Check if connection, bind and encryption is working as expected and get additional
* information about the used
*
* @return Inspection Inspection result
*/
public function inspect()
{
$insp = new Inspection('Ldap Connection');
// Try to connect to the server with the given connection parameters
try {
$ds = $this->prepareNewConnection($insp);
} catch (Exception $e) {
return $insp->error($e->getMessage());
}
// Try a bind-command with the given user credentials, this must not fail
$success = @ldap_bind($ds, $this->bindDn, $this->bindPw);
$msg = sprintf('LDAP bind to %s:%s (%s / %s)', $this->hostname, $this->port, $this->bindDn, '***');
if (!$success) {
return $insp->error(sprintf('%s failed: %s', $msg, ldap_error($ds)));
}
$insp->write(sprintf($msg . ' successful'));
// Try to execute a schema discovery this may fail if schema discovery is not supported
try {
$cap = LdapCapabilities::discoverCapabilities($this);
$discovery = new Inspection('Discovery Results');
$discovery->write($cap->getVendor());
$version = $cap->getVersion();
if (isset($version)) {
$discovery->write($version);
}
$discovery->write('Supports STARTTLS: ' . ($cap->hasStartTls() ? 'True' : 'False'));
$discovery->write('Default naming context: ' . $cap->getDefaultNamingContext());
$insp->write($discovery);
} catch (Exception $e) {
$insp->write('Schema discovery not possible: ' . $e->getMessage());
}
return $insp;
}
/**
* Inspect if this LDAP User Backend is working as expected by probing the backend
* and testing if thea uthentication is possible
*
* Try to bind to the backend and fetch a single user to check if:
* <ul>
* <li>Connection credentials are correct and the bind is possible</li>
* <li>At least one user exists</li>
* <li>The specified userClass has the property specified by userNameAttribute</li>
* </ul>
*
* @return Inspection Inspection result
*/
public function inspect()
{
$result = new Inspection('Ldap User Backend');
// inspect the used connection to get more diagnostic info in case the connection is not working
$result->write($this->ds->inspect());
try {
try {
$res = $this->select()->fetchRow();
} catch (LdapException $e) {
throw new AuthenticationException('Connection not possible', $e);
}
$result->write('Searching for: ' . sprintf('objectClass "%s" in DN "%s" (Filter: %s)', $this->userClass, $this->baseDn ?: $this->ds->getDn(), $this->filter ?: 'None'));
if ($res === false) {
throw new AuthenticationException('Error, no users found in backend');
}
$result->write(sprintf('%d users found in backend', $this->select()->count()));
if (!isset($res->user_name)) {
throw new AuthenticationException('UserNameAttribute "%s" not existing in objectClass "%s"', $this->userNameAttribute, $this->userClass);
}
} catch (AuthenticationException $e) {
if (($previous = $e->getPrevious()) !== null) {
$result->error($previous->getMessage());
} else {
$result->error($e->getMessage());
}
} catch (Exception $e) {
$result->error(sprintf('Unable to validate authentication: %s', $e->getMessage()));
}
return $result;
}
/**
* Inspect this object to gain extended information about its health
*
* @return Inspection The inspection result
*/
public function inspect()
{
$insp = new Inspection('Db User Backend');
$insp->write($this->ds->inspect());
try {
$users = $this->select()->where('is_active', true)->count();
if ($users > 1) {
$insp->write(sprintf('%s active users', $users));
} else {
return $insp->error('0 active users', $users);
}
} catch (Exception $e) {
$insp->error(sprintf('Query failed: %s', $e->getMessage()));
}
return $insp;
}