
Example 1 with ChaiSetting

use of com.novell.ldapchai.provider.ChaiSetting in project pwm by pwm-project.

the class LdapOperationsHelper method createChaiConfiguration.

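/**
 * Builds the {@link ChaiConfiguration} used to connect to the LDAP directory of one profile.
 *
 * <p>Settings are applied in order: fixed defaults and values from the application
 * configuration first, then the free-form {@code LDAP_CHAI_SETTINGS} overrides, and finally the
 * referral and wire-trace settings.
 *
 * @param config application configuration that supplies app properties and settings
 * @param ldapProfile LDAP profile that supplies the challenge attribute and pinned server certificates
 * @param ldapURLs directory URLs handed to the builder
 * @param userDN bind DN handed to the builder
 * @param userPassword bind password; when {@code null}, a {@code null} password is handed to the builder
 * @return the built configuration
 * @throws PwmUnrecoverableException declared by the signature; presumably raised by the configuration reads
 */
public static ChaiConfiguration createChaiConfiguration(final Configuration config, final LdapProfile ldapProfile, final List<String> ldapURLs, final String userDN, final PasswordData userPassword) throws PwmUnrecoverableException {
    // NOTE(review): the bind password is materialised as a String here, so it stays on the heap
    // until garbage collected.
    final String bindPassword = userPassword == null ? null : userPassword.getStringValue();
    final ChaiConfiguration.ChaiConfigurationBuilder configBuilder = ChaiConfiguration.builder(ldapURLs, userDN, bindPassword);

    // NOTE(review): judging by its name, PROMISCUOUS_SSL relaxes TLS certificate checking; confirm
    // that LDAP_PROMISCUOUS_ENABLE is off wherever the directory is reached over an untrusted network.
    configBuilder.setSetting(ChaiSetting.PROMISCUOUS_SSL, config.readAppProperty(AppProperty.LDAP_PROMISCUOUS_ENABLE));
    {
        final boolean enableNmasExtensions = Boolean.parseBoolean(config.readAppProperty(AppProperty.LDAP_EXTENSIONS_NMAS_ENABLE));
        configBuilder.setSetting(ChaiSetting.EDIRECTORY_ENABLE_NMAS, Boolean.toString(enableNmasExtensions));
    }

    // challenge/response storage settings
    configBuilder.setSetting(ChaiSetting.CR_CHAI_STORAGE_ATTRIBUTE, ldapProfile.readSettingAsString(PwmSetting.CHALLENGE_USER_ATTRIBUTE));
    configBuilder.setSetting(ChaiSetting.CR_ALLOW_DUPLICATE_RESPONSES, Boolean.toString(config.readSettingAsBoolean(PwmSetting.CHALLENGE_ALLOW_DUPLICATE_RESPONSES)));
    configBuilder.setSetting(ChaiSetting.CR_CASE_INSENSITIVE, Boolean.toString(config.readSettingAsBoolean(PwmSetting.CHALLENGE_CASE_INSENSITIVE)));
    {
        final String setting = config.readAppProperty(AppProperty.SECURITY_RESPONSES_HASH_ITERATIONS);
        if (setting != null && setting.length() > 0) {
            // Parse and re-format so that a non-numeric value fails here instead of reaching the provider.
            final int intValue = Integer.parseInt(setting);
            configBuilder.setSetting(ChaiSetting.CR_CHAI_SALT_COUNT, Integer.toString(intValue));
        }
    }

    // can cause issues with previous password authentication
    configBuilder.setSetting(ChaiSetting.JNDI_ENABLE_POOL, "false");

    // SHA1_SALT is set first and therefore remains in effect whenever the configured storage
    // format cannot be parsed below; the only signal of that fallback is the warning in the log.
    configBuilder.setSetting(ChaiSetting.CR_DEFAULT_FORMAT_TYPE, Answer.FormatType.SHA1_SALT.toString());
    final String storageMethodString = config.readSettingAsString(PwmSetting.CHALLENGE_STORAGE_HASHED);
    try {
        final Answer.FormatType formatType = Answer.FormatType.valueOf(storageMethodString);
        configBuilder.setSetting(ChaiSetting.CR_DEFAULT_FORMAT_TYPE, formatType.toString());
    } catch (Exception e) {
        LOGGER.warn("unknown CR storage format type '" + storageMethodString + "' ");
    }

    // A trust manager is installed only when the profile carries server certificates; with none
    // configured, the builder's own trust handling applies.
    final List<X509Certificate> ldapServerCerts = ldapProfile.readSettingAsCertificate(PwmSetting.LDAP_SERVER_CERTS);
    if (ldapServerCerts != null && ldapServerCerts.size() > 0) {
        final X509TrustManager tm = new X509Utils.CertMatchingTrustManager(config, ldapServerCerts);
        configBuilder.setTrustManager(new X509TrustManager[] { tm });
    }

    final String connectTimeoutMsString = config.readAppProperty(AppProperty.LDAP_CONNECTION_TIMEOUT);
    configBuilder.setSetting(ChaiSetting.LDAP_CONNECT_TIMEOUT, connectTimeoutMsString);

    // set the watchdog idle timeout.
    // The seconds value is clamped before scaling so the millisecond result always fits in an int;
    // the earlier "(int) value * 1000" narrowed first and multiplied in int arithmetic, which can wrap.
    final long idleTimeoutSeconds = config.readSettingAsLong(PwmSetting.LDAP_IDLE_TIMEOUT);
    final long idleTimeoutMs = idleTimeoutSeconds > 0 ? Math.min(idleTimeoutSeconds, Integer.MAX_VALUE / 1000) * 1000L : 0L;
    if (idleTimeoutMs > 0) {
        configBuilder.setSetting(ChaiSetting.WATCHDOG_ENABLE, "true");
        // Use the idle timeout computed above; previously the connect-timeout string was written here.
        configBuilder.setSetting(ChaiSetting.WATCHDOG_IDLE_TIMEOUT, Long.toString(idleTimeoutMs));
    } else {
        configBuilder.setSetting(ChaiSetting.WATCHDOG_ENABLE, "false");
    }

    configBuilder.setSetting(ChaiSetting.LDAP_SEARCH_PAGING_ENABLE, config.readAppProperty(AppProperty.LDAP_SEARCH_PAGING_ENABLE));
    configBuilder.setSetting(ChaiSetting.LDAP_SEARCH_PAGING_SIZE, config.readAppProperty(AppProperty.LDAP_SEARCH_PAGING_SIZE));
    if (config.readSettingAsBoolean(PwmSetting.AD_ENFORCE_PW_HISTORY_ON_SET)) {
        configBuilder.setSetting(ChaiSetting.AD_SET_POLICY_HINTS_ON_PW_SET, "true");
    }

    // write out any configured values;
    // NOTE(review): these free-form overrides are applied after the settings above, so (assuming
    // the builder keeps the last value written) an entry here can replace any of them, including
    // PROMISCUOUS_SSL and the CR storage format. Treat LDAP_CHAI_SETTINGS as security-sensitive.
    final String rawValue = config.readAppProperty(AppProperty.LDAP_CHAI_SETTINGS);
    final String[] rawValues = rawValue != null ? rawValue.split(AppProperty.VALUE_SEPARATOR) : new String[0];
    final Map<String, String> configuredSettings = StringUtil.convertStringListToNameValuePair(Arrays.asList(rawValues), "=");
    for (final Map.Entry<String, String> entry : configuredSettings.entrySet()) {
        final String key = entry.getKey();
        if (key != null && !key.isEmpty()) {
            final ChaiSetting theSetting = ChaiSetting.forKey(key);
            if (theSetting == null) {
                LOGGER.warn("ignoring unknown chai setting '" + key + "'");
            } else {
                configBuilder.setSetting(theSetting, entry.getValue());
            }
        }
    }

    // set ldap referrals
    configBuilder.setSetting(ChaiSetting.LDAP_FOLLOW_REFERRALS, String.valueOf(config.readSettingAsBoolean(PwmSetting.LDAP_FOLLOW_REFERRALS)));

    // enable wire trace;
    // NOTE(review): a wire trace presumably logs raw LDAP traffic, which could include bind
    // credentials; confirm where that output goes before enabling it outside of debugging.
    if (config.readSettingAsBoolean(PwmSetting.LDAP_ENABLE_WIRE_TRACE)) {
        configBuilder.setSetting(ChaiSetting.WIRETRACE_ENABLE, "true");
    }
    return configBuilder.build();
}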
Also used : ChaiConfiguration(com.novell.ldapchai.provider.ChaiConfiguration) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) IOException(java.io.IOException) X509Certificate(java.security.cert.X509Certificate) Answer(com.novell.ldapchai.cr.Answer) ChaiSetting(com.novell.ldapchai.provider.ChaiSetting) X509TrustManager(javax.net.ssl.X509TrustManager) Map(java.util.Map) HashMap(java.util.HashMap)

Example 2 with ChaiSetting

use of com.novell.ldapchai.provider.ChaiSetting in project ldapchai by ldapchai.

the class ChaiConfigTester method testUniqueSettingKeys.

/**
 * Checks that no two {@code ChaiSetting} constants share the same key.
 *
 * @throws Exception declared by the test signature
 */
public void testUniqueSettingKeys() throws Exception {
    final ChaiSetting[] allSettings = ChaiSetting.values();
    final Set<String> distinctKeys = new HashSet<String>();
    for (int i = 0; i < allSettings.length; i++) {
        distinctKeys.add(allSettings[i].getKey());
    }
    // A Set drops duplicates, so a smaller size means at least two settings share a key.
    Assert.assertEquals(allSettings.length, distinctKeys.size());
}
Also used : ChaiSetting(com.novell.ldapchai.provider.ChaiSetting) HashSet(java.util.HashSet)
