public function inspect() { $insp = new Inspection('Db Connection'); try { $this->getDbAdapter()->getConnection(); $config = $this->dbAdapter->getConfig(); $insp->write(sprintf('Connection to %s as %s on %s:%s successful', $config['dbname'], $config['username'], $config['host'], $config['port'])); switch ($this->dbType) { case 'mysql': $rows = $this->dbAdapter->query('SHOW VARIABLES WHERE variable_name ' . 'IN (\'version\', \'protocol_version\', \'version_compile_os\');')->fetchAll(); $sqlinsp = new Inspection('MySQL'); foreach ($rows as $row) { $sqlinsp->write($row->variable_name . ': ' . $row->value); } $insp->write($sqlinsp); break; case 'pgsql': $row = $this->dbAdapter->query('SELECT version();')->fetchAll(); $sqlinsp = new Inspection('PostgreSQL'); $sqlinsp->write($row[0]->version); $insp->write($sqlinsp); break; } } catch (Exception $e) { return $insp->error(sprintf('Connection failed %s', $e->getMessage())); } return $insp; }
/** * Inspect if this LDAP Connection is working as expected * * Check if connection, bind and encryption is working as expected and get additional * information about the used * * @return Inspection Inspection result */ public function inspect() { $insp = new Inspection('Ldap Connection'); // Try to connect to the server with the given connection parameters try { $ds = $this->prepareNewConnection($insp); } catch (Exception $e) { if ($this->encryption === 'starttls') { // The Exception does not return any proper error messages in case of certificate errors. Connecting // by STARTTLS will usually fail at this point when the certificate is unknown, // so at least try to give some hints. $insp->write('NOTE: There might be an issue with the chosen encryption. Ensure that the LDAP-Server ' . 'supports STARTTLS and that the LDAP-Client is configured to accept its certificate.'); } return $insp->error($e->getMessage()); } // Try a bind-command with the given user credentials, this must not fail $success = @ldap_bind($ds, $this->bindDn, $this->bindPw); $msg = sprintf('LDAP bind to %s:%s (%s / %s)', $this->hostname, $this->port, $this->bindDn, '***'); if (!$success) { // ldap_error does not return any proper error messages in case of certificate errors. Connecting // by LDAPS will usually fail at this point when the certificate is unknown, so at least try to give // some hints. if ($this->encryption === 'ldaps') { $insp->write('NOTE: There might be an issue with the chosen encryption. Ensure that the LDAP-Server ' . ' supports LDAPS and that the LDAP-Client is configured to accept its certificate.'); } return $insp->error(sprintf('%s failed: %s', $msg, ldap_error($ds))); } $insp->write(sprintf($msg . ' successful')); // Try to execute a schema discovery this may fail if schema discovery is not supported try { $cap = LdapCapabilities::discoverCapabilities($this); $discovery = new Inspection('Discovery Results'); $discovery->write($cap->getVendor()); $version = $cap->getVersion(); if (isset($version)) { $discovery->write($version); } $discovery->write('Supports STARTTLS: ' . ($cap->hasStartTls() ? 'True' : 'False')); $discovery->write('Default naming context: ' . $cap->getDefaultNamingContext()); $insp->write($discovery); } catch (Exception $e) { $insp->write('Schema discovery not possible: ' . $e->getMessage()); } return $insp; }
/** * Inspect if this LDAP Connection is working as expected * * Check if connection, bind and encryption is working as expected and get additional * information about the used * * @return Inspection Inspection result */ public function inspect() { $insp = new Inspection('Ldap Connection'); // Try to connect to the server with the given connection parameters try { $ds = $this->prepareNewConnection($insp); } catch (Exception $e) { return $insp->error($e->getMessage()); } // Try a bind-command with the given user credentials, this must not fail $success = @ldap_bind($ds, $this->bindDn, $this->bindPw); $msg = sprintf('LDAP bind to %s:%s (%s / %s)', $this->hostname, $this->port, $this->bindDn, '***'); if (!$success) { return $insp->error(sprintf('%s failed: %s', $msg, ldap_error($ds))); } $insp->write(sprintf($msg . ' successful')); // Try to execute a schema discovery this may fail if schema discovery is not supported try { $cap = LdapCapabilities::discoverCapabilities($this); $discovery = new Inspection('Discovery Results'); $discovery->write($cap->getVendor()); $version = $cap->getVersion(); if (isset($version)) { $discovery->write($version); } $discovery->write('Supports STARTTLS: ' . ($cap->hasStartTls() ? 'True' : 'False')); $discovery->write('Default naming context: ' . $cap->getDefaultNamingContext()); $insp->write($discovery); } catch (Exception $e) { $insp->write('Schema discovery not possible: ' . $e->getMessage()); } return $insp; }
/** * Inspect if this LDAP User Backend is working as expected by probing the backend * and testing if thea uthentication is possible * * Try to bind to the backend and fetch a single user to check if: * <ul> * <li>Connection credentials are correct and the bind is possible</li> * <li>At least one user exists</li> * <li>The specified userClass has the property specified by userNameAttribute</li> * </ul> * * @return Inspection Inspection result */ public function inspect() { $result = new Inspection('Ldap User Backend'); // inspect the used connection to get more diagnostic info in case the connection is not working $result->write($this->ds->inspect()); try { try { $res = $this->select()->fetchRow(); } catch (LdapException $e) { throw new AuthenticationException('Connection not possible', $e); } $result->write('Searching for: ' . sprintf('objectClass "%s" in DN "%s" (Filter: %s)', $this->userClass, $this->baseDn ?: $this->ds->getDn(), $this->filter ?: 'None')); if ($res === false) { throw new AuthenticationException('Error, no users found in backend'); } $result->write(sprintf('%d users found in backend', $this->select()->count())); if (!isset($res->user_name)) { throw new AuthenticationException('UserNameAttribute "%s" not existing in objectClass "%s"', $this->userNameAttribute, $this->userClass); } } catch (AuthenticationException $e) { if (($previous = $e->getPrevious()) !== null) { $result->error($previous->getMessage()); } else { $result->error($e->getMessage()); } } catch (Exception $e) { $result->error(sprintf('Unable to validate authentication: %s', $e->getMessage())); } return $result; }
/** * Inspect this object to gain extended information about its health * * @return Inspection The inspection result */ public function inspect() { $insp = new Inspection('Db User Backend'); $insp->write($this->ds->inspect()); try { $users = $this->select()->where('is_active', true)->count(); if ($users > 1) { $insp->write(sprintf('%s active users', $users)); } else { return $insp->error('0 active users', $users); } } catch (Exception $e) { $insp->error(sprintf('Query failed: %s', $e->getMessage())); } return $insp; }