
Example 16 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project pwm by pwm-project.

the class LdapOperationsHelper method updateLastPasswordUpdateAttribute.

/**
 * Stamps the current time into the user's "last password update" attribute.
 *
 * <p>The attribute name is read from {@code PwmSetting.PASSWORD_LAST_UPDATE_ATTRIBUTE}
 * on the LDAP profile that the user identity points at (the original documentation
 * names "pwmLastUpdate" as the default). The write goes through the proxied
 * {@code ChaiUser}, not through a connection bound as the user.
 *
 * <p>A {@code ChaiOperationException} raised by the write is not propagated: it is
 * logged at debug level and reported to the caller only as a {@code false} return.
 * NOTE(review): callers that depend on this timestamp (expiry checks, audit trails)
 * have to inspect the return value, otherwise a failed write goes unnoticed unless
 * debug logging is enabled.
 *
 * @param pwmApplication application instance supplying the proxied user and the configuration
 * @param sessionLabel   label attached to the log lines written here
 * @param userIdentity   ldap user to operate on
 * @return {@code true} if the attribute was written; {@code false} if no attribute
 *         name is configured or the directory rejected the write
 * @throws ChaiUnavailableException   if the directory is unavailable
 * @throws PwmUnrecoverableException  declared by the signature; presumably raised while
 *                                    obtaining the proxied user (confirm against the callee)
 */
public static boolean updateLastPasswordUpdateAttribute(final PwmApplication pwmApplication, final SessionLabel sessionLabel, final UserIdentity userIdentity) throws ChaiUnavailableException, PwmUnrecoverableException {
    // Resolve the proxied user first, as the original does, so any failure here
    // surfaces before the configuration is touched.
    final ChaiUser proxiedUser = pwmApplication.getProxiedChaiUser(userIdentity);
    final LdapProfile profile = pwmApplication.getConfig().getLdapProfiles().get(userIdentity.getLdapProfileID());
    final String attributeName = profile.readSettingAsString(PwmSetting.PASSWORD_LAST_UPDATE_ATTRIBUTE);

    // Nothing configured: there is no attribute to write, report "not updated".
    if (attributeName == null || attributeName.isEmpty()) {
        return false;
    }

    try {
        proxiedUser.writeDateAttribute(attributeName, Instant.now());
        LOGGER.debug(sessionLabel, "wrote pwdLastModified update attribute for " + proxiedUser.getEntryDN());
        return true;
    } catch (ChaiOperationException e) {
        // Deliberately best-effort: the failure is recorded and signalled via the return value.
        LOGGER.debug(sessionLabel, "error writing update attribute for user '" + proxiedUser.getEntryDN() + "' " + e.getMessage());
        return false;
    }
}
Also used : ChaiUser(com.novell.ldapchai.ChaiUser) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) LdapProfile(password.pwm.config.profile.LdapProfile)

Example 17 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project pwm by pwm-project.

the class LDAPAuthenticationRequest method setTempUserPassword.

/**
 * Replaces the user's directory password with a freshly generated random value so
 * that the value can be used to authenticate as that user.
 *
 * <p>This only happens when {@code PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN} is false and
 * the requested authentication type is {@code AUTH_FROM_PUBLIC_MODULE}; in every other
 * case the method returns {@code null} and the directory is left untouched.
 *
 * <p>Security notes: the write is performed through the proxy provider and overwrites
 * the user's existing password. The log lines written here carry the user identity and,
 * on failure, the directory's error message, but never the generated password; keep it
 * that way when changing the logging.
 *
 * @return the generated password, or {@code null} when no temporary password was set
 * @throws ChaiUnavailableException          if the directory is unavailable
 * @throws ImpossiblePasswordPolicyException declared by the signature; presumably raised by
 *                                           random password generation (confirm against the callee)
 * @throws PwmUnrecoverableException         if the directory rejects the password write
 */
private PasswordData setTempUserPassword() throws ChaiUnavailableException, ImpossiblePasswordPolicyException, PwmUnrecoverableException {
    final boolean alwaysUseProxy = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN);
    final ChaiProvider proxyProvider = pwmApplication.getProxyChaiProvider(userIdentity.getLdapProfileID());
    final ChaiUser targetUser = proxyProvider.getEntryFactory().newChaiUser(userIdentity.getUserDN());

    // Only the public-module flow without the "always use proxy" setting gets a temporary password.
    final boolean fromPublicModule = requestedAuthType == AuthenticationType.AUTH_FROM_PUBLIC_MODULE;
    if (alwaysUseProxy || !fromPublicModule) {
        return null;
    }

    log(PwmLogLevel.DEBUG, "attempting to set temporary random password");
    final PwmPasswordPolicy policyForUser = PasswordUtility.readPasswordPolicyForUser(pwmApplication, sessionLabel, userIdentity, targetUser, PwmConstants.DEFAULT_LOCALE);

    // Generate a random password that satisfies the user's effective policy.
    final RandomPasswordGenerator.RandomGeneratorConfig generatorConfig = RandomPasswordGenerator.RandomGeneratorConfig.builder()
            .seedlistPhrases(RandomPasswordGenerator.DEFAULT_SEED_PHRASES)
            .passwordPolicy(policyForUser)
            .build();
    final PasswordData temporaryPassword = RandomPasswordGenerator.createRandomPassword(sessionLabel, generatorConfig, pwmApplication);

    try {
        // The pre-handler's return value is handed back to the post-handler after the write;
        // the names suggest Oracle DS "password allow change time" handling (confirm against the helpers).
        final String savedAllowChangeTime = oraclePreTemporaryPwHandler(proxyProvider, targetUser);
        // Overwrite the user's password in the directory with the random value.
        targetUser.setPassword(temporaryPassword.getStringValue());
        oraclePostTemporaryPwHandler(proxyProvider, targetUser, savedAllowChangeTime);
        log(PwmLogLevel.INFO, "user " + userIdentity + " password has been set to random value to use for user authentication");
    } catch (ChaiOperationException e) {
        final String failureMessage = "error setting random password for user " + userIdentity + " " + e.getMessage();
        log(PwmLogLevel.ERROR, failureMessage);
        // NOTE(review): the directory's message travels inside the ErrorInformation; check
        // where that text is rendered before assuming it stays server-side.
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, failureMessage));
    }
    return temporaryPassword;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiProvider(com.novell.ldapchai.provider.ChaiProvider) ChaiUser(com.novell.ldapchai.ChaiUser) PasswordData(password.pwm.util.PasswordData) PwmPasswordPolicy(password.pwm.config.profile.PwmPasswordPolicy) RandomPasswordGenerator(password.pwm.util.RandomPasswordGenerator) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException)

Example 18 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project pwm by pwm-project.

the class EdirSchemaExtender method readSchemaAttributes.

/**
 * Reads the attribute definitions stored on the schema entry and indexes them by name.
 *
 * <p>Every value of {@code LDAP_SCHEMA_ATTR_ATTRS} is parsed with {@code SchemaParser};
 * each name the parser reports becomes a key that maps to that parser, in the order the
 * values are iterated. A value that cannot be parsed is logged (message only, not the
 * value itself) and skipped, so the returned map may be missing definitions that exist
 * in the directory.
 *
 * @return insertion-ordered map from attribute name to its parsed definition
 * @throws ChaiUnavailableException if the directory is unavailable
 * @throws ChaiOperationException   if reading the schema attribute fails
 */
private Map<String, SchemaParser> readSchemaAttributes() throws ChaiUnavailableException, ChaiOperationException {
    final Map<String, SchemaParser> parsedByName = new LinkedHashMap<>();
    final Set<String> rawDefinitions = schemaEntry.readMultiStringAttribute(LDAP_SCHEMA_ATTR_ATTRS);
    for (final String rawDefinition : rawDefinitions) {
        final SchemaParser parsed;
        try {
            parsed = new SchemaParser(rawDefinition);
        } catch (Exception e) {
            // Best-effort: one malformed definition must not abort the whole read.
            LOGGER.error("error parsing schema attribute definition: " + e.getMessage());
            continue;
        }
        // A definition can carry several names; register the parser under each of them.
        for (final String attrName : parsed.getNames()) {
            parsedByName.put(attrName, parsed);
        }
    }
    return parsedByName;
}
Also used : SchemaParser(com.novell.ldap.client.SchemaParser) IOException(java.io.IOException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) LinkedHashMap(java.util.LinkedHashMap)

Example 19 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project pwm by pwm-project.

the class EdirSchemaExtender method execute.

/**
 * Compares the directory schema with the PWM schema definitions and, unless
 * {@code readOnly} is set, lets the check methods apply the differences.
 *
 * <p>The activity log and the state map are reset first. Attribute definitions are
 * checked before objectclass definitions; the objectclass list is read from the
 * directory only after all attributes have been processed.
 *
 * <p>Note for operators: the first configured bind URL is written to the activity log,
 * and directory error messages are copied into the thrown {@code ErrorInformation}.
 *
 * @param readOnly passed through to the check methods; {@code true} requests a check only
 * @throws PwmUnrecoverableException wrapping a {@code ChaiUnavailableException} as
 *         {@code ERROR_DIRECTORY_UNAVAILABLE} or a {@code ChaiOperationException} as
 *         {@code ERROR_UNKNOWN}; only the message text of the original exception is carried over
 */
private void execute(final boolean readOnly) throws PwmUnrecoverableException {
    // Start from a clean slate: empty the activity log and forget earlier results.
    activityLog.delete(0, activityLog.length());
    logActivity("connecting to " + schemaEntry.getChaiProvider().getChaiConfiguration().bindURLsAsList().iterator().next());
    stateMap.clear();

    try {
        // Pass 1: attributes.
        final Map<String, SchemaParser> attrsInDirectory = readSchemaAttributes();
        for (final SchemaDefinition definition : SchemaDefinition.getPwmSchemaDefinitions()) {
            if (definition.getSchemaType() != SchemaDefinition.SchemaType.attribute) {
                continue;
            }
            checkAttribute(readOnly, definition, attrsInDirectory);
        }

        // Pass 2: objectclasses, read only after the attribute pass has finished.
        final Map<String, SchemaParser> classesInDirectory = readSchemaObjectclasses();
        for (final SchemaDefinition definition : SchemaDefinition.getPwmSchemaDefinitions()) {
            if (definition.getSchemaType() != SchemaDefinition.SchemaType.objectclass) {
                continue;
            }
            checkObjectclass(readOnly, definition, classesInDirectory);
        }
    } catch (ChaiUnavailableException unavailable) {
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_DIRECTORY_UNAVAILABLE, unavailable.getMessage()));
    } catch (ChaiOperationException operationFailed) {
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, operationFailed.getMessage()));
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) SchemaParser(com.novell.ldap.client.SchemaParser)

Example 20 with ChaiOperationException

use of com.novell.ldapchai.exception.ChaiOperationException in project pwm by pwm-project.

the class EdirSchemaExtender method checkObjectclass.

/**
 * Records whether one objectclass definition is present and correct in the directory
 * schema and, when {@code readOnly} is false, adds or replaces it.
 *
 * <p>The outcome is stored in {@code stateMap} under the definition's name:
 * {@code missing}, {@code incorrect} or {@code correct}. A state is upgraded to
 * {@code correct} only after the directory accepted the write. A
 * {@code ChaiOperationException} from the write is appended to the activity log and
 * not rethrown, so the recorded state stays {@code missing} or {@code incorrect}.
 *
 * @param readOnly         when {@code true} the schema entry is never modified
 * @param schemaDefinition the objectclass definition that should exist
 * @param existingAttrs    definitions currently in the directory, keyed by name
 * @throws ChaiUnavailableException if the directory is unavailable
 */
private void checkObjectclass(final boolean readOnly, final SchemaDefinition schemaDefinition, final Map<String, SchemaParser> existingAttrs) throws ChaiUnavailableException {
    final String className = schemaDefinition.getName();

    // Case 1: the objectclass is absent from the directory.
    if (!existingAttrs.containsKey(className)) {
        logActivity("objectclass '" + className + "' does not exist");
        stateMap.put(className, SchemaDefinition.State.missing);
        if (readOnly) {
            return;
        }
        logActivity("beginning add for objectclass '" + className + "'");
        try {
            schemaEntry.addAttribute(LDAP_SCHEMA_ATTR_CLASSES, schemaDefinition.getDefinition());
            logActivity("+ objectclass '" + className + "' has been added");
            stateMap.put(className, SchemaDefinition.State.correct);
        } catch (ChaiOperationException e) {
            logActivity("error while updating objectclass definition '" + className + "', error: " + e.getMessage());
        }
        return;
    }

    // Case 2: the objectclass exists; compare it with the expected definition.
    final SchemaParser currentDefinition = existingAttrs.get(className);
    logActivity("objectclass '" + className + "' exists");
    final boolean matchesExpected = checkObjectclassCorrectness(schemaDefinition, currentDefinition);
    if (matchesExpected) {
        stateMap.put(className, SchemaDefinition.State.correct);
    } else {
        stateMap.put(className, SchemaDefinition.State.incorrect);
    }

    if (readOnly || matchesExpected) {
        return;
    }

    logActivity("beginning update for objectclass '" + className + "'");
    try {
        // Swap the exact stored value for the expected definition.
        schemaEntry.replaceAttribute(LDAP_SCHEMA_ATTR_CLASSES, currentDefinition.getRawString(), schemaDefinition.getDefinition());
        logActivity("+ objectclass '" + className + "' has been modified");
        stateMap.put(className, SchemaDefinition.State.correct);
    } catch (ChaiOperationException e) {
        logActivity("error while updating objectclass definition '" + className + "', error: " + e.getMessage());
    }
}
Also used : ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) SchemaParser(com.novell.ldap.client.SchemaParser)

Aggregations

ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)66 ErrorInformation (password.pwm.error.ErrorInformation)31 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)28 ChaiUser (com.novell.ldapchai.ChaiUser)24 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)21 UserIdentity (password.pwm.bean.UserIdentity)16 PwmOperationalException (password.pwm.error.PwmOperationalException)15 Map (java.util.Map)12 ChaiProvider (com.novell.ldapchai.provider.ChaiProvider)11 IOException (java.io.IOException)10 HashMap (java.util.HashMap)10 LinkedHashMap (java.util.LinkedHashMap)10 PwmApplication (password.pwm.PwmApplication)10 LdapProfile (password.pwm.config.profile.LdapProfile)10 FormConfiguration (password.pwm.config.value.data.FormConfiguration)9 List (java.util.List)8 PwmSession (password.pwm.http.PwmSession)8 UnsupportedEncodingException (java.io.UnsupportedEncodingException)7 ChaiPasswordPolicyException (com.novell.ldapchai.exception.ChaiPasswordPolicyException)6 Instant (java.time.Instant)6