/** * Hook to run a cron job. * * @param array &$croninfo Output */ function statistics_hook_cron(&$croninfo) { assert('is_array($croninfo)'); assert('array_key_exists("summary", $croninfo)'); assert('array_key_exists("tag", $croninfo)'); $statconfig = SimpleSAML_Configuration::getConfig('module_statistics.php'); if (is_null($statconfig->getValue('cron_tag', NULL))) { return; } if ($statconfig->getValue('cron_tag', NULL) !== $croninfo['tag']) { return; } $maxtime = $statconfig->getInteger('time_limit', NULL); if ($maxtime) { set_time_limit($maxtime); } try { $aggregator = new sspmod_statistics_Aggregator(); $results = $aggregator->aggregate(); if (empty($results)) { SimpleSAML_Logger::notice('Output from statistics aggregator was empty.'); } else { $aggregator->store($results); } } catch (Exception $e) { $message = 'Loganalyzer threw exception: ' . $e->getMessage(); SimpleSAML_Logger::warning($message); $croninfo['summary'][] = $message; } }
/** * Searches LDAP using a ActiveDirectory specific filter, * looking for group membership for the users DN. Returns * the list of group DNs retrieved. * * @param string $dn * @return array */ protected function searchActiveDirectory($dn) { assert('is_string($dn) && $dn != ""'); // Shorten the variable name $map =& $this->attribute_map; // Log the search SimpleSAML_Logger::debug($this->title . 'Searching ActiveDirectory group membership.' . ' DN: ' . $dn . ' DN Attribute: ' . $map['dn'] . ' Member Attribute: ' . $map['member'] . ' Type Attribute: ' . $map['type'] . ' Type Value: ' . $this->type_map['group'] . ' Base: ' . implode('; ', $this->base_dn)); // AD connections should have this set $this->getLdap()->setOption(LDAP_OPT_REFERRALS, 0); // Search AD with the specific recursive flag try { $entries = $this->getLdap()->searchformultiple($this->base_dn, array($map['type'] => $this->type_map['group'], $map['member'] . ':1.2.840.113556.1.4.1941:' => $dn), array($map['dn'])); // The search may throw an exception if no entries // are found, unlikely but possible. } catch (SimpleSAML_Error_UserNotFound $e) { return array(); } //Init the groups $groups = array(); // Check each entry.. foreach ($entries as $entry) { // Check for the DN using the original attribute name if (isset($entry[$map['dn']][0])) { $groups[] = $entry[$map['dn']][0]; continue; } // Sometimes the returned attribute names are lowercase if (isset($entry[strtolower($map['dn'])][0])) { $groups[] = $entry[strtolower($map['dn'])][0]; continue; } // AD queries also seem to return the objects dn by default if (isset($entry['dn'])) { $groups[] = $entry['dn']; continue; } // Could not find DN, log and continue SimpleSAML_Logger::notice($this->title . 'The DN attribute [' . implode(', ', array($map['dn'], strtolower($map['dn']), 'dn')) . '] could not be found in the entry. ' . $this->var_export($entry)); } // All done return $groups; }
/** * Logs with an arbitrary level. * * @param mixed $level * @param string $message * @param array $context * @return NULL */ public function log($level, $message, array $context = array()) { switch ($level) { case SimpleSAML_Logger::ALERT: SimpleSAML_Logger::alert($message); break; case SimpleSAML_Logger::CRIT: SimpleSAML_Logger::critical($message); break; case SimpleSAML_Logger::DEBUG: SimpleSAML_Logger::debug($message); break; case SimpleSAML_Logger::EMERG: SimpleSAML_Logger::emergency($message); break; case SimpleSAML_Logger::ERR: SimpleSAML_Logger::error($message); break; case SimpleSAML_Logger::INFO: SimpleSAML_Logger::info($message); break; case SimpleSAML_Logger::NOTICE: SimpleSAML_Logger::notice($message); break; case SimpleSAML_Logger::WARNING: SimpleSAML_Logger::warning($message); } }
/** * Normal but significant events. * * @param string $message * @param array $context * @return NULL */ public function notice($message, array $context = array()) { SimpleSAML_Logger::notice($message . var_export($context, TRUE)); }