Examples with ChaiOperationException com.novell.ldapchai.exception.ChaiOperationException used on opensource projects

Example 56 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project pwm by pwm-project.

the class ChangePasswordServletUtil method validateParamsAgainstLDAP.

static void validateParamsAgainstLDAP(final Map<FormConfiguration, String> formValues, final PwmSession pwmSession, final ChaiUser theUser) throws ChaiUnavailableException, PwmDataValidationException {
    for (final Map.Entry<FormConfiguration, String> entry : formValues.entrySet()) {
        final FormConfiguration formItem = entry.getKey();
        final String attrName = formItem.getName();
        final String value = entry.getValue();
        try {
            if (!theUser.compareStringAttribute(attrName, value)) {
                final String errorMsg = "incorrect value for '" + attrName + "'";
                final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_INCORRECT_RESPONSE, errorMsg, new String[] { attrName });
                LOGGER.debug(pwmSession, errorInfo.toDebugStr());
                throw new PwmDataValidationException(errorInfo);
            }
            LOGGER.trace(pwmSession, "successful validation of ldap value for '" + attrName + "'");
        } catch (ChaiOperationException e) {
            LOGGER.error(pwmSession, "error during param validation of '" + attrName + "', error: " + e.getMessage());
            throw new PwmDataValidationException(new ErrorInformation(PwmError.ERROR_INCORRECT_RESPONSE, "ldap error testing value for '" + attrName + "'", new String[] { attrName }));
        }
    }
}

Example 57 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project pwm by pwm-project.

the class ActivateUserUtils method activateUser.

@SuppressFBWarnings("SE_BAD_FIELD")
static void activateUser(final PwmRequest pwmRequest, final UserIdentity userIdentity) throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final Configuration config = pwmApplication.getConfig();
    final ChaiUser theUser = pwmApplication.getProxiedChaiUser(userIdentity);
    if (config.readSettingAsBoolean(PwmSetting.ACTIVATE_USER_UNLOCK)) {
        try {
            theUser.unlockPassword();
        } catch (ChaiOperationException e) {
            final String errorMsg = "error unlocking user " + userIdentity + ": " + e.getMessage();
            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_ACTIVATION_FAILURE, errorMsg);
            throw new PwmOperationalException(errorInformation);
        }
    }
    try {
        {
            // execute configured actions
            LOGGER.debug(pwmSession.getLabel(), "executing configured pre-actions to user " + theUser.getEntryDN());
            final List<ActionConfiguration> configValues = config.readSettingAsAction(PwmSetting.ACTIVATE_USER_PRE_WRITE_ATTRIBUTES);
            if (configValues != null && !configValues.isEmpty()) {
                final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest, userIdentity);
                final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings(pwmApplication, userIdentity).setExpandPwmMacros(true).setMacroMachine(macroMachine).createActionExecutor();
                actionExecutor.executeActions(configValues, pwmRequest.getSessionLabel());
            }
        }
        // authenticate the pwm session
        final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(pwmApplication, pwmSession, PwmAuthenticationSource.USER_ACTIVATION);
        sessionAuthenticator.authUserWithUnknownPassword(userIdentity, AuthenticationType.AUTH_FROM_PUBLIC_MODULE);
        // ensure a change password is triggered
        pwmSession.getLoginInfoBean().setType(AuthenticationType.AUTH_FROM_PUBLIC_MODULE);
        pwmSession.getLoginInfoBean().getAuthFlags().add(AuthenticationType.AUTH_FROM_PUBLIC_MODULE);
        pwmSession.getLoginInfoBean().getLoginFlags().add(LoginInfoBean.LoginFlag.forcePwChange);
        // mark the event log
        pwmApplication.getAuditManager().submit(AuditEvent.ACTIVATE_USER, pwmSession.getUserInfo(), pwmSession);
        // update the stats bean
        pwmApplication.getStatisticsManager().incrementValue(Statistic.ACTIVATED_USERS);
        // send email or sms
        sendPostActivationNotice(pwmRequest);
        // setup post-change attributes
        final PostChangePasswordAction postAction = new PostChangePasswordAction() {

            public String getLabel() {
                return "ActivateUser write attributes";
            }

            public boolean doAction(final PwmSession pwmSession, final String newPassword) throws PwmUnrecoverableException {
                try {
                    {
                        // execute configured actions
                        LOGGER.debug(pwmSession.getLabel(), "executing post-activate configured actions to user " + userIdentity.toDisplayString());
                        final MacroMachine macroMachine = pwmSession.getSessionManager().getMacroMachine(pwmApplication);
                        final List<ActionConfiguration> configValues = pwmApplication.getConfig().readSettingAsAction(PwmSetting.ACTIVATE_USER_POST_WRITE_ATTRIBUTES);
                        final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings(pwmApplication, userIdentity).setExpandPwmMacros(true).setMacroMachine(macroMachine).createActionExecutor();
                        actionExecutor.executeActions(configValues, pwmRequest.getSessionLabel());
                    }
                } catch (PwmOperationalException e) {
                    final ErrorInformation info = new ErrorInformation(PwmError.ERROR_ACTIVATION_FAILURE, e.getErrorInformation().getDetailedErrorMsg(), e.getErrorInformation().getFieldValues());
                    final PwmUnrecoverableException newException = new PwmUnrecoverableException(info);
                    newException.initCause(e);
                    throw newException;
                } catch (ChaiUnavailableException e) {
                    final String errorMsg = "unable to reach ldap server while writing post-activate attributes: " + e.getMessage();
                    final ErrorInformation info = new ErrorInformation(PwmError.ERROR_ACTIVATION_FAILURE, errorMsg);
                    final PwmUnrecoverableException newException = new PwmUnrecoverableException(info);
                    newException.initCause(e);
                    throw newException;
                }
                return true;
            }
        };
        pwmSession.getUserSessionDataCacheBean().addPostChangePasswordActions("activateUserWriteAttributes", postAction);
    } catch (ImpossiblePasswordPolicyException e) {
        final ErrorInformation info = new ErrorInformation(PwmError.ERROR_UNKNOWN, "unexpected ImpossiblePasswordPolicyException error while activating user");
        LOGGER.warn(pwmSession, info, e);
        throw new PwmOperationalException(info);
    }
}

Example 58 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project ldapchai by ldapchai.

the class ChaiResponseSet method write.

boolean write(final ChaiUser user) throws ChaiUnavailableException, ChaiOperationException {
    if (this.state != STATE.NEW) {
        throw new IllegalStateException("ResponseSet not suitable for writing (not in NEW state)");
    }
    final String corAttribute = user.getChaiProvider().getChaiConfiguration().getSetting(ChaiSetting.CR_CHAI_STORAGE_ATTRIBUTE);
    final String corRecordIdentifier = user.getChaiProvider().getChaiConfiguration().getSetting(ChaiSetting.CR_CHAI_STORAGE_RECORD_ID);
    try {
        final ConfigObjectRecord theCor;
        final List<ConfigObjectRecord> corList = ConfigObjectRecord.readRecordFromLDAP(user, corAttribute, corRecordIdentifier, null, null);
        if (!corList.isEmpty()) {
            theCor = corList.get(0);
        } else {
            theCor = ConfigObjectRecord.createNew(user, corAttribute, corRecordIdentifier, null, null);
        }
        final String attributePaylod = rsToChaiXML(this);
        theCor.updatePayload(attributePaylod);
    } catch (ChaiOperationException e) {
        LOGGER.warn("ldap error writing response set: " + e.getMessage());
        throw e;
    } catch (ChaiValidationException e) {
        LOGGER.warn("validation error", e);
        throw new ChaiOperationException(e.getMessage(), ChaiError.UNKNOWN);
    }
    LOGGER.info("successfully wrote Chai challenge/response set for user " + user.getEntryDN());
    this.state = STATE.WRITTEN;
    return true;
}

Example 59 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project ldapchai by ldapchai.

the class UserImpl method setPassword.

public void setPassword(final String newPassword, final boolean enforcePasswordPolicy) throws ChaiUnavailableException, ChaiPasswordPolicyException, ChaiOperationException {
    final String quotedPwd = '"' + newPassword + '"';
    final byte[] littleEndianEncodedPwd;
    try {
        littleEndianEncodedPwd = quotedPwd.getBytes("UTF-16LE");
    } catch (UnsupportedEncodingException e) {
        throw new IllegalStateException("unexpected error, missing 'UTF-16LE' character encoder", e);
    }
    final byte[][] multiBA = new byte[][] { littleEndianEncodedPwd };
    try {
        if (enforcePasswordPolicy && this.getChaiProvider().getChaiConfiguration().getBooleanSetting(ChaiSetting.AD_SET_POLICY_HINTS_ON_PW_SET)) {
            // 0x1 berEncoded
            final byte[] value = { 48, (byte) 132, 0, 0, 0, 3, 2, 1, 1 };
            final ChaiRequestControl[] controls = new ChaiRequestControl[] { new ChaiRequestControl(LDAP_SERVER_POLICY_HINTS_OID, true, value) };
            chaiProvider.writeBinaryAttribute(this.getEntryDN(), "unicodePwd", multiBA, true, controls);
        } else {
            writeBinaryAttribute("unicodePwd", multiBA);
        }
    } catch (ChaiOperationException e) {
        if (e.getErrorCode() == ChaiError.UNKNOWN) {
            throw new ChaiOperationException(e.getMessage(), ChaiError.PASSWORD_BADPASSWORD);
        } else {
            throw e;
        }
    }
}

Example 60 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project ldapchai by ldapchai.

the class UserImpl method changePassword.

public final void changePassword(final String oldPassword, final String newPassword) throws ChaiUnavailableException, ChaiPasswordPolicyException, ChaiOperationException {
    final String quotedOldPwd = '"' + oldPassword + '"';
    final String quotedNewPwd = '"' + newPassword + '"';
    final byte[] littleEndianEncodedOldPwd;
    final byte[] littleEndianEncodedNewPwd;
    try {
        littleEndianEncodedOldPwd = quotedOldPwd.getBytes("UTF-16LE");
        littleEndianEncodedNewPwd = quotedNewPwd.getBytes("UTF-16LE");
    } catch (UnsupportedEncodingException e) {
        throw new IllegalStateException("unexpected error, missing 'UTF-16LE' character encoder", e);
    }
    try {
        replaceBinaryAttribute("unicodePwd", littleEndianEncodedOldPwd, littleEndianEncodedNewPwd);
    } catch (ChaiOperationException e) {
        if (e.getErrorCode() == ChaiError.UNKNOWN) {
            throw new ChaiPasswordPolicyException(e.getMessage(), ChaiError.PASSWORD_BADPASSWORD);
        } else {
            throw new ChaiPasswordPolicyException(e.getMessage(), ChaiErrors.getErrorForMessage(e.getMessage()));
        }
    }
}