Examples with ChaiUser com.novell.ldapchai.ChaiUser used on opensource projects

Search in sources :

Example 1 with ChaiUser

use of com.novell.ldapchai.ChaiUser in project ldapchai by ldapchai.

the class WatchdogWrapper method checkForPwExpiration.

private boolean checkForPwExpiration(final ChaiProviderImplementor chaiProvider) {
    final boolean doPwExpCheck = chaiProvider.getChaiConfiguration().getBooleanSetting(ChaiSetting.WATCHDOG_DISABLE_IF_PW_EXPIRED);
    if (!doPwExpCheck) {
        return false;
    }
    LOGGER.trace("checking for user password expiration to adjust watchdog timeout id=" + getIdentifier());
    boolean userPwExpired;
    try {
        final String bindUserDN = chaiProvider.getChaiConfiguration().getSetting(ChaiSetting.BIND_DN);
        final ChaiUser bindUser = chaiProvider.getEntryFactory().newChaiUser(bindUserDN);
        userPwExpired = bindUser.isPasswordExpired();
    } catch (ChaiException e) {
        LOGGER.error("unexpected error attempting to read user password expiration value during" + " watchdog initialization, will assume expiration, id=" + this.getIdentifier() + ", error: " + e.getMessage());
        userPwExpired = true;
    }
    if (userPwExpired) {
        LOGGER.info("connection user account password is currently expired.  Disabling watchdog timeout. id=" + this.getIdentifier());
        return true;
    }
    return false;
}
Also used : ChaiUser(com.novell.ldapchai.ChaiUser) ChaiException(com.novell.ldapchai.exception.ChaiException)

Example 2 with ChaiUser

use of com.novell.ldapchai.ChaiUser in project ldapchai by ldapchai.

the class ChaiTester method testIsPasswordExpired.

public void testIsPasswordExpired() throws Exception {
    final ChaiEntry testContainer = TestHelper.createTestContainer();
    final String createDN = "cn=chaiPasswordExpiredTestUser," + testContainer.getEntryDN();
    final String createClass = "inetOrgPerson";
    final Map<String, String> createAttributes = new HashMap<String, String>();
    createAttributes.put("givenName", "GivenNameValue");
    createAttributes.put("sn", "SurnameValue");
    createAttributes.put("title", "test.Tester");
    createAttributes.put("mail", "est@test.test");
    // perform the create operation in eDirectory
    TestHelper.getProvider().createEntry(createDN, createClass, createAttributes);
    final ChaiUser theUser = ChaiFactory.createChaiUser(createDN, TestHelper.getProvider());
    if (theUser.isPasswordExpired()) {
        throw new Exception("password is expired, but shouldn't be");
    }
    theUser.setPassword("newPAssW04d!");
    theUser.writeStringAttribute(ChaiUser.ATTR_PASSWORD_EXPIRE_TIME, EdirEntries.convertDateToZulu(new Date()));
    if (!theUser.isPasswordExpired()) {
        Assert.fail("password should not be expired, but is");
    }
}
Also used : ChaiUser(com.novell.ldapchai.ChaiUser) ChaiEntry(com.novell.ldapchai.ChaiEntry) ChaiValidationException(com.novell.ldapchai.exception.ChaiValidationException)

Example 3 with ChaiUser

use of com.novell.ldapchai.ChaiUser in project ldapchai by ldapchai.

the class FailOverTester method testSingleServerRestart.

public void testSingleServerRestart() throws Exception {
    TestHelper.configureLogging();
    final InetSocketAddress destinationAddress = figureDestSocketAddress();
    final TcpProxy proxy1 = new TcpProxy(basePort + 1, destinationAddress);
    proxy1.start();
    final ChaiConfiguration testConfig = makeChaiConfig(figureUrlForProxy(proxy1));
    final ChaiProvider testProvider = ChaiProviderFactory.createProvider(testConfig);
    final ChaiEntry testContainer = TestHelper.createTestContainer(testProvider);
    final ChaiUser testUser = TestHelper.createNewTestUser(testContainer);
    TestHelper.doBasicNonDestructiveUserTest(testUser);
    proxy1.stop();
    TestHelper.pause(1000);
    // test to make sure we get errors
    boolean gotError = false;
    try {
        TestHelper.doBasicNonDestructiveUserTest(testUser);
    } catch (ChaiUnavailableException e) {
        System.out.println("got expected unavailable error: " + e.getMessage());
        gotError = true;
    }
    Assert.assertTrue(gotError);
    proxy1.start();
    TestHelper.pause(1000);
    TestHelper.doBasicNonDestructiveUserTest(testUser);
}
Also used : ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) ChaiProvider(com.novell.ldapchai.provider.ChaiProvider) ChaiUser(com.novell.ldapchai.ChaiUser) InetSocketAddress(java.net.InetSocketAddress) ChaiEntry(com.novell.ldapchai.ChaiEntry) TcpProxy(com.novell.ldapchai.tests.util.TcpProxy) ChaiConfiguration(com.novell.ldapchai.provider.ChaiConfiguration)

Example 4 with ChaiUser

use of com.novell.ldapchai.ChaiUser in project ldapchai by ldapchai.

the class AdvancedConnection method main.

public static void main(final String[] args) {
    // connection parameters
    String ldapURL = "ldap://ldaphost:389";
    String ldapBindDN = "cn=admin,ou=ou,o=o";
    String ldapBindPW = "password";
    // allocate a new ChaiConfiguration
    ChaiConfiguration chaiConfig = ChaiConfiguration.builder(ldapURL, ldapBindDN, ldapBindPW).setSetting(ChaiSetting.CR_CHAI_STORAGE_ATTRIBUTE, "title").setSetting(ChaiSetting.WATCHDOG_ENABLE, "false").setSetting(ChaiSetting.PROMISCUOUS_SSL, "true").setSetting(ChaiSetting.EDIRECTORY_ENABLE_NMAS, "true").build();
    try {
        // create a ChaiProviderFactory;
        ChaiProviderFactory chaiProviderFactory = ChaiProviderFactory.newProviderFactory();
        // create a ChaiProvider
        ChaiProvider provider = chaiProviderFactory.newProvider(chaiConfig);
        // create a ChaiProvider
        ChaiUser bindUser = provider.getEntryFactory().newChaiUser(ldapBindDN);
        // read the user's last name.
        String surname = bindUser.readStringAttribute(ChaiUser.ATTR_SURNAME);
        // read the bind user's surname
        System.out.println("surname = " + surname);
    } catch (ChaiUnavailableException e) {
        System.out.println("LDAP unreachable: " + e.getMessage());
    } catch (ChaiOperationException e) {
        System.out.println("LDAP error: " + e.getMessage());
    }
}
Also used : ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) ChaiProvider(com.novell.ldapchai.provider.ChaiProvider) ChaiUser(com.novell.ldapchai.ChaiUser) ChaiProviderFactory(com.novell.ldapchai.provider.ChaiProviderFactory) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) ChaiConfiguration(com.novell.ldapchai.provider.ChaiConfiguration)

Example 5 with ChaiUser

use of com.novell.ldapchai.ChaiUser in project pwm by pwm-project.

the class LDAPStatusChecker method doLdapTestUserCheck.

@SuppressWarnings("checkstyle:MethodLength")
public List<HealthRecord> doLdapTestUserCheck(final Configuration config, final LdapProfile ldapProfile, final PwmApplication pwmApplication) {
    String testUserDN = ldapProfile.readSettingAsString(PwmSetting.LDAP_TEST_USER_DN);
    String proxyUserDN = ldapProfile.readSettingAsString(PwmSetting.LDAP_PROXY_USER_DN);
    final PasswordData proxyUserPW = ldapProfile.readSettingAsPassword(PwmSetting.LDAP_PROXY_USER_PASSWORD);
    final List<HealthRecord> returnRecords = new ArrayList<>();
    if (testUserDN == null || testUserDN.length() < 1) {
        return returnRecords;
    }
    try {
        testUserDN = ldapProfile.readCanonicalDN(pwmApplication, testUserDN);
        proxyUserDN = ldapProfile.readCanonicalDN(pwmApplication, proxyUserDN);
    } catch (PwmUnrecoverableException e) {
        final String msgString = e.getMessage();
        LOGGER.trace(SessionLabel.HEALTH_SESSION_LABEL, "unexpected error while testing test user (during object creation): message=" + msgString + " debug info: " + JavaHelper.readHostileExceptionMessage(e));
        returnRecords.add(HealthRecord.forMessage(HealthMessage.LDAP_TestUserUnexpected, PwmSetting.LDAP_TEST_USER_DN.toMenuLocationDebug(ldapProfile.getIdentifier(), PwmConstants.DEFAULT_LOCALE), msgString));
        return returnRecords;
    }
    if (proxyUserDN.equalsIgnoreCase(testUserDN)) {
        returnRecords.add(HealthRecord.forMessage(HealthMessage.LDAP_ProxyTestSameUser, PwmSetting.LDAP_TEST_USER_DN.toMenuLocationDebug(ldapProfile.getIdentifier(), PwmConstants.DEFAULT_LOCALE), PwmSetting.LDAP_PROXY_USER_DN.toMenuLocationDebug(ldapProfile.getIdentifier(), PwmConstants.DEFAULT_LOCALE)));
        return returnRecords;
    }
    ChaiUser theUser = null;
    ChaiProvider chaiProvider = null;
    try {
        try {
            chaiProvider = LdapOperationsHelper.createChaiProvider(pwmApplication, SessionLabel.HEALTH_SESSION_LABEL, ldapProfile, config, proxyUserDN, proxyUserPW);
            theUser = chaiProvider.getEntryFactory().newChaiUser(testUserDN);
        } catch (ChaiUnavailableException e) {
            returnRecords.add(HealthRecord.forMessage(HealthMessage.LDAP_TestUserUnavailable, PwmSetting.LDAP_TEST_USER_DN.toMenuLocationDebug(ldapProfile.getIdentifier(), PwmConstants.DEFAULT_LOCALE), e.getMessage()));
            return returnRecords;
        } catch (Throwable e) {
            final String msgString = e.getMessage();
            LOGGER.trace(SessionLabel.HEALTH_SESSION_LABEL, "unexpected error while testing test user (during object creation): message=" + msgString + " debug info: " + JavaHelper.readHostileExceptionMessage(e));
            returnRecords.add(HealthRecord.forMessage(HealthMessage.LDAP_TestUserUnexpected, PwmSetting.LDAP_TEST_USER_DN.toMenuLocationDebug(ldapProfile.getIdentifier(), PwmConstants.DEFAULT_LOCALE), msgString));
            return returnRecords;
        }
        try {
            theUser.readObjectClass();
        } catch (ChaiException e) {
            returnRecords.add(HealthRecord.forMessage(HealthMessage.LDAP_TestUserError, PwmSetting.LDAP_TEST_USER_DN.toMenuLocationDebug(ldapProfile.getIdentifier(), PwmConstants.DEFAULT_LOCALE), e.getMessage()));
            return returnRecords;
        }
        LOGGER.trace(SessionLabel.HEALTH_SESSION_LABEL, "beginning process to check ldap test user password read/write operations for profile " + ldapProfile.getIdentifier());
        try {
            final boolean readPwdEnabled = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.EDIRECTORY_READ_USER_PWD) && theUser.getChaiProvider().getDirectoryVendor() == DirectoryVendor.EDIRECTORY;
            if (readPwdEnabled) {
                try {
                    theUser.readPassword();
                } catch (Exception e) {
                    LOGGER.debug(SessionLabel.HEALTH_SESSION_LABEL, "error reading user password from directory " + e.getMessage());
                    returnRecords.add(HealthRecord.forMessage(HealthMessage.LDAP_TestUserReadPwError, PwmSetting.EDIRECTORY_READ_USER_PWD.toMenuLocationDebug(null, PwmConstants.DEFAULT_LOCALE), PwmSetting.LDAP_TEST_USER_DN.toMenuLocationDebug(ldapProfile.getIdentifier(), PwmConstants.DEFAULT_LOCALE), e.getMessage()));
                    return returnRecords;
                }
            } else {
                final Locale locale = PwmConstants.DEFAULT_LOCALE;
                final UserIdentity userIdentity = new UserIdentity(testUserDN, ldapProfile.getIdentifier());
                final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(pwmApplication, null, userIdentity, theUser, locale);
                boolean doPasswordChange = true;
                final int minLifetimeSeconds = passwordPolicy.getRuleHelper().readIntValue(PwmPasswordRule.MinimumLifetime);
                if (minLifetimeSeconds > 0) {
                    final Instant pwdLastModified = PasswordUtility.determinePwdLastModified(pwmApplication, SessionLabel.HEALTH_SESSION_LABEL, userIdentity);
                    final PasswordStatus passwordStatus;
                    {
                        final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmApplication, SessionLabel.HEALTH_SESSION_LABEL, locale, userIdentity, chaiProvider);
                        passwordStatus = userInfo.getPasswordStatus();
                    }
                    {
                        final boolean withinMinLifetime = PasswordUtility.isPasswordWithinMinimumLifetimeImpl(theUser, SessionLabel.HEALTH_SESSION_LABEL, passwordPolicy, pwdLastModified, passwordStatus);
                        if (withinMinLifetime) {
                            LOGGER.trace(SessionLabel.HEALTH_SESSION_LABEL, "skipping test user password set due to password being within minimum lifetime");
                            doPasswordChange = false;
                        }
                    }
                }
                if (doPasswordChange) {
                    final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword(null, passwordPolicy, pwmApplication);
                    try {
                        theUser.setPassword(newPassword.getStringValue());
                        LOGGER.debug(SessionLabel.HEALTH_SESSION_LABEL, "set random password on test user " + userIdentity.toDisplayString());
                    } catch (ChaiException e) {
                        returnRecords.add(HealthRecord.forMessage(HealthMessage.LDAP_TestUserWritePwError, PwmSetting.LDAP_TEST_USER_DN.toMenuLocationDebug(ldapProfile.getIdentifier(), PwmConstants.DEFAULT_LOCALE), e.getMessage()));
                        return returnRecords;
                    }
                }
            }
        } catch (Exception e) {
            final String msg = "error setting test user password: " + JavaHelper.readHostileExceptionMessage(e);
            LOGGER.error(SessionLabel.HEALTH_SESSION_LABEL, msg, e);
            returnRecords.add(HealthRecord.forMessage(HealthMessage.LDAP_TestUserUnexpected, PwmSetting.LDAP_TEST_USER_DN.toMenuLocationDebug(ldapProfile.getIdentifier(), PwmConstants.DEFAULT_LOCALE), msg));
            return returnRecords;
        }
        try {
            final UserIdentity userIdentity = new UserIdentity(theUser.getEntryDN(), ldapProfile.getIdentifier());
            final UserInfo userInfo = UserInfoFactory.newUserInfo(pwmApplication, SessionLabel.HEALTH_SESSION_LABEL, PwmConstants.DEFAULT_LOCALE, userIdentity, chaiProvider);
            userInfo.getPasswordStatus();
            userInfo.getAccountExpirationTime();
            userInfo.getResponseInfoBean();
            userInfo.getPasswordPolicy();
            userInfo.getChallengeProfile();
            userInfo.getProfileIDs();
            userInfo.getOtpUserRecord();
            userInfo.getUserGuid();
            userInfo.getUsername();
            userInfo.getUserEmailAddress();
            userInfo.getUserSmsNumber();
        } catch (PwmUnrecoverableException e) {
            returnRecords.add(new HealthRecord(HealthStatus.WARN, makeLdapTopic(ldapProfile, config), "unable to read test user data: " + e.getMessage()));
            return returnRecords;
        }
    } finally {
        if (chaiProvider != null) {
            try {
                chaiProvider.close();
            } catch (Exception e) {
            // ignore
            }
        }
    }
    returnRecords.add(HealthRecord.forMessage(HealthMessage.LDAP_TestUserOK, ldapProfile.getDisplayName(PwmConstants.DEFAULT_LOCALE)));
    return returnRecords;
}
Also used : Locale(java.util.Locale) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) UserIdentity(password.pwm.bean.UserIdentity) Instant(java.time.Instant) ArrayList(java.util.ArrayList) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) UserInfo(password.pwm.ldap.UserInfo) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiException(com.novell.ldapchai.exception.ChaiException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) MalformedURLException(java.net.MalformedURLException) UnknownHostException(java.net.UnknownHostException) ChaiUser(com.novell.ldapchai.ChaiUser) ChaiProvider(com.novell.ldapchai.provider.ChaiProvider) PasswordData(password.pwm.util.PasswordData) PwmPasswordPolicy(password.pwm.config.profile.PwmPasswordPolicy) PasswordStatus(password.pwm.bean.PasswordStatus) ChaiException(com.novell.ldapchai.exception.ChaiException)

Aggregations

ChaiUser (com.novell.ldapchai.ChaiUser)69 ErrorInformation (password.pwm.error.ErrorInformation)38 UserIdentity (password.pwm.bean.UserIdentity)30 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)27 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)25 PwmOperationalException (password.pwm.error.PwmOperationalException)23 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)21 ChaiException (com.novell.ldapchai.exception.ChaiException)18 ChaiProvider (com.novell.ldapchai.provider.ChaiProvider)18 PwmApplication (password.pwm.PwmApplication)16 PwmSession (password.pwm.http.PwmSession)12 UserInfo (password.pwm.ldap.UserInfo)12 Instant (java.time.Instant)10 FormConfiguration (password.pwm.config.value.data.FormConfiguration)10 PasswordData (password.pwm.util.PasswordData)10 MacroMachine (password.pwm.util.macro.MacroMachine)10 ArrayList (java.util.ArrayList)9 List (java.util.List)9 LdapProfile (password.pwm.config.profile.LdapProfile)9 Locale (java.util.Locale)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial