
Example 41 with ChaiUnavailableException

use of com.novell.ldapchai.exception.ChaiUnavailableException in project pwm by pwm-project.

the class PwmIfTag method doStartTag.

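/**
 * Decides whether the body of the tag is rendered.
 *
 * <p>The body is skipped by default. The configured {@code test} is evaluated only when the
 * application mode of the current request is not {@code PwmApplicationMode.ERROR} and a test
 * is set. A failure while evaluating the test is logged and leaves the result at "not passed".
 * The result is then inverted when {@code negate} is set.
 *
 * @return {@code EVAL_BODY_INCLUDE} to render the body, {@code SKIP_BODY} to suppress it
 * @throws JspException declared by the tag contract; no statement in this method throws it directly
 */
@Override
public int doStartTag() throws JspException {
    boolean showBody = false;
    // read the field once; the null check below covers every later use, so the former
    // second null check and its "unknown test name" branch could never run
    final PwmIfTest activeTest = test;
    if (PwmApplicationMode.determineMode((HttpServletRequest) pageContext.getRequest()) != PwmApplicationMode.ERROR && activeTest != null) {
        try {
            final PwmRequest pwmRequest = PwmRequest.forRequest((HttpServletRequest) pageContext.getRequest(), (HttpServletResponse) pageContext.getResponse());
            // NOTE(review): negate is handed to the options here and applied again below;
            // confirm passed() does not invert the result itself.
            final PwmIfOptions options = new PwmIfOptions(negate, permission, setting, requestFlag);
            showBody = activeTest.passed(pwmRequest, options);
        } catch (ChaiUnavailableException e) {
            LOGGER.error("error testing jsp if '" + activeTest.toString() + "', error: " + e.getMessage());
        } catch (PwmUnrecoverableException e) {
            LOGGER.error("error executing PwmIfTag for test '" + activeTest + "', error: " + e.getMessage());
        }
    }
    // NOTE(review): the inversion also applies when the test was never evaluated (ERROR mode,
    // no test set) or failed with an exception. With negate set, those cases render the body,
    // so a directory outage can show content that a permission-style test would have hidden.
    // Confirm this is intended for every page that combines negate with an access-related test.
    if (negate) {
        showBody = !showBody;
    }
    return showBody ? EVAL_BODY_INCLUDE : SKIP_BODY;
}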
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmRequest(password.pwm.http.PwmRequest) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmSession(password.pwm.http.PwmSession)

Example 42 with ChaiUnavailableException

use of com.novell.ldapchai.exception.ChaiUnavailableException in project pwm by pwm-project.

the class TokenService method processUserEnteredCodeImpl.

/**
 * Resolves a user-entered code to its stored token and validates the token.
 *
 * <p>Checks run in this order: the token must exist; its name must match {@code tokenType}
 * (only when a type is given and the token service supports names); its user identity must
 * match the session identity (only when both are present); and, when {@code verifyPwModifyTime}
 * is set and the token carries a password-change date, that date must equal the user's current
 * password-last-modified value.
 *
 * @param pwmSession session used for the storage lookup label and for logging
 * @param sessionUserIdentity identity of the user in the session, or {@code null}
 * @param tokenType expected token type, or {@code null} to skip the name check
 * @param userEnteredCode the code supplied by the user
 * @return the validated token payload
 * @throws PwmOperationalException with {@code ERROR_TOKEN_INCORRECT} when the token cannot be
 *         read, is not found, has the wrong name, belongs to another user, or the password
 *         change time cannot be read; with {@code ERROR_TOKEN_EXPIRED} when the password has
 *         changed since the token was issued
 * @throws PwmUnrecoverableException declared for callers; the occurrences raised while reading
 *         the password change time are converted to {@code PwmOperationalException} here
 */
private TokenPayload processUserEnteredCodeImpl(final PwmSession pwmSession, final UserIdentity sessionUserIdentity, final TokenType tokenType, final String userEnteredCode) throws PwmOperationalException, PwmUnrecoverableException {
    final TokenPayload tokenPayload;
    try {
        tokenPayload = pwmApplication.getTokenService().retrieveTokenData(pwmSession.getLabel(), userEnteredCode);
    } catch (PwmOperationalException e) {
        // storage failures are reported to the caller as an incorrect token
        throw new PwmOperationalException(PwmError.ERROR_TOKEN_INCORRECT, "unexpected error attempting to read token from storage: " + e.getErrorInformation().toDebugStr());
    }

    if (tokenPayload == null) {
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, "token not found"));
    }

    // NOTE(review): the payload debug string is written to the trace log here and twice more
    // below; confirm toDebugString() leaves out the token value and sensitive user data.
    LOGGER.trace(pwmSession, "retrieved tokenPayload: " + tokenPayload.toDebugString());

    // token name must match the expected type, when the service tracks names
    if (tokenType != null && pwmApplication.getTokenService().supportsName() && !tokenType.matchesName(tokenPayload.getName())) {
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, "incorrect token/name format"));
    }

    // a token issued for one user must not be redeemed from another user's session;
    // the check is skipped when either identity is absent
    if (tokenPayload.getUserIdentity() != null && sessionUserIdentity != null && !tokenPayload.getUserIdentity().canonicalEquals(sessionUserIdentity, pwmApplication)) {
        throw new PwmOperationalException(PwmError.ERROR_TOKEN_INCORRECT, "user in session '" + sessionUserIdentity + "' entered code for user '" + tokenPayload.getUserIdentity() + "', counting as invalid attempt");
    }

    // reject the token if the password was changed after the token was issued
    if (verifyPwModifyTime && tokenPayload.getUserIdentity() != null && tokenPayload.getData() != null && tokenPayload.getData().containsKey(PwmConstants.TOKEN_KEY_PWD_CHG_DATE)) {
        try {
            final Instant userLastPasswordChange = PasswordUtility.determinePwdLastModified(pwmApplication, pwmSession.getLabel(), tokenPayload.getUserIdentity());
            final String dateStringInToken = tokenPayload.getData().get(PwmConstants.TOKEN_KEY_PWD_CHG_DATE);
            // NOTE(review): toIsoDate() is called here before the null check below; confirm it accepts null.
            LOGGER.trace(pwmSession, "tokenPayload=" + tokenPayload.toDebugString() + ", sessionUser=" + (sessionUserIdentity == null ? "null" : sessionUserIdentity.toDisplayString()) + ", payloadUserIdentity=" + tokenPayload.getUserIdentity().toDisplayString() + ", userLastPasswordChange=" + JavaHelper.toIsoDate(userLastPasswordChange) + ", dateStringInToken=" + dateStringInToken);
            // NOTE(review): when the current change time (or the token's value) is null, no
            // comparison is made and the token is accepted; confirm that is the intended outcome.
            if (userLastPasswordChange != null && dateStringInToken != null) {
                final String currentChangeStamp = JavaHelper.toIsoDate(userLastPasswordChange);
                final boolean passwordUnchanged = dateStringInToken.equalsIgnoreCase(currentChangeStamp);
                if (!passwordUnchanged) {
                    final String rejectReason = "user password has changed since token issued, token rejected;" + " currentValue=" + currentChangeStamp + ", tokenValue=" + dateStringInToken;
                    LOGGER.trace(pwmSession, rejectReason + "; token=" + tokenPayload.toDebugString());
                    throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_TOKEN_EXPIRED, rejectReason));
                }
            }
        } catch (ChaiUnavailableException | PwmUnrecoverableException e) {
            // a directory failure during this check fails the validation rather than skipping it
            final String readFailure = "unexpected error reading user's last password change time while validating token: " + e.getMessage();
            throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, readFailure));
        }
    }

    LOGGER.debug(pwmSession, "token validation has been passed");
    return tokenPayload;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) Instant(java.time.Instant) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 43 with ChaiUnavailableException

use of com.novell.ldapchai.exception.ChaiUnavailableException in project pwm by pwm-project.

the class PeopleSearchDataReader method figurePhotoURL.

/**
 * Works out the URL from which the photo of {@code userIdentity} can be fetched.
 *
 * @param pwmRequest current request; supplies the logged-in user, session label and base URL
 * @param userIdentity the user whose photo URL is wanted
 * @return the macro-expanded override URL when one is configured; otherwise this request's URL
 *         with the photo action and the user's obfuscated key appended; {@code null} when photos
 *         are not enabled for the requester or no photo data could be read from LDAP
 * @throws PwmUnrecoverableException when the directory is unavailable (converted from
 *         {@code ChaiUnavailableException}) or raised by a called helper
 */
private String figurePhotoURL(final PwmRequest pwmRequest, final UserIdentity userIdentity) throws PwmUnrecoverableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();

    // the requester must pass the photo check before any URL is produced
    if (!peopleSearchConfiguration.isPhotosEnabled(pwmRequest.getUserInfoIfLoggedIn(), pwmRequest.getSessionLabel())) {
        LOGGER.debug(pwmRequest, "detailed user data lookup for " + userIdentity.toString() + ", failed photo query filter, denying photo view");
        return null;
    }

    final String overrideURL = peopleSearchConfiguration.getPhotoUrlOverride(userIdentity);
    try {
        final boolean hasOverride = overrideURL != null && !overrideURL.isEmpty();
        if (hasOverride) {
            // a configured override wins; macros in it are expanded for the target user
            return getMacroMachine(userIdentity).expandMacros(overrideURL);
        }
        try {
            // the read result is discarded; the call only establishes that photo data exists
            readPhotoDataFromLdap(userIdentity);
        } catch (PwmOperationalException e) {
            LOGGER.debug(pwmRequest, "determined " + userIdentity + " does not have photo data available while generating detail data");
            return null;
        }
    } catch (ChaiUnavailableException e) {
        throw PwmUnrecoverableException.fromChaiException(e);
    }

    // NOTE(review): the returned link is only a pointer; presumably the photo action repeats
    // the access check when the link is followed. Verify in PeopleSearchServlet.
    final String baseUrl = pwmRequest.getURLwithoutQueryString();
    final String withAction = PwmURL.appendAndEncodeUrlParameters(baseUrl, PwmConstants.PARAM_ACTION_REQUEST, PeopleSearchServlet.PeopleSearchActions.photo.name());
    // the user is identified by an obfuscated key rather than by the identity itself
    return PwmURL.appendAndEncodeUrlParameters(withAction, PwmConstants.PARAM_USERKEY, userIdentity.toObfuscatedKey(pwmApplication));
}
Also used : PwmApplication(password.pwm.PwmApplication) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) MacroMachine(password.pwm.util.macro.MacroMachine) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 44 with ChaiUnavailableException

use of com.novell.ldapchai.exception.ChaiUnavailableException in project pwm by pwm-project.

the class SimpleLdapAuthenticator method authenticateUser.

/**
 * Authenticates a user against LDAP with the supplied password, using an authentication
 * request created for {@code PwmAuthenticationSource.BASIC_AUTH}.
 *
 * @param pwmApplication application context
 * @param sessionLabel label identifying the session
 * @param userIdentity the user to authenticate
 * @param password the password to verify
 * @return the authentication result when its type is {@code AuthenticationType.AUTHENTICATED};
 *         {@code null} for any other type, which callers must treat as "not authenticated"
 * @throws PwmUnrecoverableException when the directory is unavailable or the authentication
 *         request fails with a {@code PwmOperationalException}
 */
public static AuthenticationResult authenticateUser(final PwmApplication pwmApplication, final SessionLabel sessionLabel, final UserIdentity userIdentity, final PasswordData password) throws PwmUnrecoverableException {
    final AuthenticationRequest ldapAuthRequest = LDAPAuthenticationRequest.createLDAPAuthenticationRequest(pwmApplication, sessionLabel, userIdentity, AuthenticationType.AUTHENTICATED, PwmAuthenticationSource.BASIC_AUTH);

    final AuthenticationResult outcome;
    try {
        outcome = ldapAuthRequest.authenticateUser(password);
    } catch (ChaiUnavailableException e) {
        throw PwmUnrecoverableException.fromChaiException(e);
    } catch (PwmOperationalException e) {
        // operational failures surface as unrecoverable, keeping the original error information
        throw new PwmUnrecoverableException(e.getErrorInformation());
    }

    // only a fully authenticated result is handed back; every other type yields null
    final boolean fullyAuthenticated = outcome.getAuthenticationType() == AuthenticationType.AUTHENTICATED;
    return fullyAuthenticated ? outcome : null;
}
Also used : ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 45 with ChaiUnavailableException

use of com.novell.ldapchai.exception.ChaiUnavailableException in project pwm by pwm-project.

the class SchemaManager method implForChaiProvider.

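/**
 * Creates and initializes the {@code SchemaExtender} implementation registered for the
 * directory vendor of the given provider.
 *
 * @param chaiProvider a connected provider with at most one bind URL
 * @return an initialized schema extender
 * @throws PwmUnrecoverableException with {@code ERROR_DIRECTORY_UNAVAILABLE} when the provider
 *         is not connected, the vendor is not {@code EDIRECTORY}, more than one LDAP URL is
 *         configured, or the directory is unavailable; with {@code ERROR_UNKNOWN} when the
 *         implementation cannot be instantiated
 */
protected static SchemaExtender implForChaiProvider(final ChaiProvider chaiProvider) throws PwmUnrecoverableException {
    if (!chaiProvider.isConnected()) {
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_DIRECTORY_UNAVAILABLE, "provider is not connected"));
    }
    try {
        // the vendor is read once and reused for both the support check and the lookup
        final DirectoryVendor vendor = chaiProvider.getDirectoryVendor();
        if (vendor != DirectoryVendor.EDIRECTORY) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_DIRECTORY_UNAVAILABLE, "directory vendor is not supported"));
        }
        final List<String> urls = chaiProvider.getChaiConfiguration().bindURLsAsList();
        if (urls.size() > 1) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_DIRECTORY_UNAVAILABLE, "provider used for schema extension must have only a single ldap url defined"));
        }
        final Class<? extends SchemaExtender> implClass = IMPLEMENTATIONS.get(vendor);
        if (implClass == null) {
            // handled by the generic catch below, which now reports a reason instead of "null"
            throw new IllegalStateException("no schema extender registered for directory vendor " + vendor);
        }
        final SchemaExtender schemaExtenderImpl = implClass.newInstance();
        schemaExtenderImpl.init(chaiProvider);
        return schemaExtenderImpl;
    } catch (PwmUnrecoverableException e) {
        // without this clause the generic catch below rewrapped the specific errors raised
        // above as ERROR_UNKNOWN "error instantiating schema extender", hiding the real cause
        throw e;
    } catch (ChaiUnavailableException e) {
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_DIRECTORY_UNAVAILABLE, e.getMessage()));
    } catch (Exception e) {
        final String errorMsg = "error instantiating schema extender: " + e.getMessage();
        LOGGER.error(errorMsg);
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg));
    }
}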
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) DirectoryVendor(com.novell.ldapchai.provider.DirectoryVendor) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException)

Aggregations

ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)76 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)51 ErrorInformation (password.pwm.error.ErrorInformation)37 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)32 PwmOperationalException (password.pwm.error.PwmOperationalException)25 IOException (java.io.IOException)22 ChaiUser (com.novell.ldapchai.ChaiUser)20 PwmException (password.pwm.error.PwmException)16 UserIdentity (password.pwm.bean.UserIdentity)15 ChaiProvider (com.novell.ldapchai.provider.ChaiProvider)13 PwmApplication (password.pwm.PwmApplication)12 LinkedHashMap (java.util.LinkedHashMap)11 ServletException (javax.servlet.ServletException)10 Configuration (password.pwm.config.Configuration)10 Instant (java.time.Instant)9 HashMap (java.util.HashMap)8 ArrayList (java.util.ArrayList)7 List (java.util.List)7 FormConfiguration (password.pwm.config.value.data.FormConfiguration)7 ChaiException (com.novell.ldapchai.exception.ChaiException)6