
Example 1 with EmptyPasswordRuntimeException

use of cz.metacentrum.perun.core.api.exceptions.rt.EmptyPasswordRuntimeException in project perun by CESNET.

the class UsersManagerBlImpl method manageAlternativePassword.

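/**
 * Calls the external program that manages alternative passwords and keeps the user's
 * alternative-password attribute (A_USER_DEF_ALT_PASSWORD_NAMESPACE + loginNamespace) in step.
 *
 * For PASSWORD_CREATE the entry description -> passwordId is added to the attribute map; for
 * PASSWORD_DELETE the entry whose value equals passwordId is removed. The external program is
 * then started with the arguments operation, loginNamespace, user id and passwordId. On create
 * the password itself is written to the program's stdin, so it is not part of the command line.
 *
 * Return codes of the external program
 * If password check fails then return 1
 * If there is no handler for loginNamespace return 2
 * If setting of the new password failed return 3
 *
 * How this method maps a non-zero exit code:
 * 1 or 3 - InternalErrorException ("unexpected return code")
 * 4 - PasswordCreationFailedRuntimeException
 * 5 - PasswordDeletionFailedRuntimeException
 * 6 - LoginNotExistsRuntimeException
 * 7 - InternalErrorException (user entry could not be created in the underlying system)
 * anything else (including 2) - InternalErrorException carrying the program's stderr output
 *
 * @param sess session used for the attribute reads and writes
 * @param user user whose alternative password is managed
 * @param operation PASSWORD_CREATE or PASSWORD_DELETE; any other value is rejected
 * @param loginNamespace namespace the alternative password belongs to
 * @param passwordId identifier of the password; when null, the current time in milliseconds is used
 * @param description key under which the passwordId is stored on create (ignored on delete)
 * @param password the new password; must be non-empty for PASSWORD_CREATE
 * @throws InternalErrorException on an unsupported operation, a failed attribute update, a failure
 *         to start or wait for the external program, or an unmapped exit code
 * @throws PasswordDeletionFailedException when no stored entry has the given passwordId
 */
protected void manageAlternativePassword(PerunSession sess, User user, String operation, String loginNamespace, String passwordId, String description, String password) throws InternalErrorException, PasswordDeletionFailedException {
    boolean creating = operation.equals(PASSWORD_CREATE);
    // Reject an empty password before anything is stored or started. Checking only after
    // pb.start() would leave a child process waiting on stdin and an attribute entry for a
    // password that was never created.
    if (creating && (password == null || password.isEmpty())) {
        throw new EmptyPasswordRuntimeException("Alternative password for " + loginNamespace + " cannot be empty.");
    }
    // NOTE(review): a millisecond timestamp is predictable and two calls in the same millisecond
    // get the same value; acceptable only if passwordId is a label, never a secret - confirm.
    if (passwordId == null) {
        passwordId = Long.toString(System.currentTimeMillis());
    }
    // The argument-list form of ProcessBuilder runs the program directly, without a shell.
    // NOTE(review): operation, loginNamespace and passwordId still reach the program as argv;
    // whether it treats values beginning with '-' as options is not visible here - verify.
    ProcessBuilder pb = new ProcessBuilder(BeansUtils.getCoreConfig().getAlternativePasswordManagerProgram(), operation, loginNamespace, Integer.toString(user.getId()), passwordId);

    // NOTE(review): the attribute is updated before the external program runs. If the program
    // then fails, the attribute change stays unless an enclosing transaction rolls it back,
    // which cannot be seen from this method.
    if (creating) {
        try {
            Attribute userAlternativePassword = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, A_USER_DEF_ALT_PASSWORD_NAMESPACE + loginNamespace);
            Map<String, String> altPassValue = new LinkedHashMap<>();
            // Start from the stored map when the attribute already has a value
            if (userAlternativePassword.getValue() != null) {
                altPassValue = (LinkedHashMap<String, String>) userAlternativePassword.getValue();
            }
            // Descriptions are the map keys, so each one may be used only once
            if (altPassValue.containsKey(description)) {
                throw new ConsistencyErrorException("Password with this description already exists. Description: " + description);
            }
            altPassValue.put(description, passwordId);
            userAlternativePassword.setValue(altPassValue);
            getPerunBl().getAttributesManagerBl().setAttribute(sess, user, userAlternativePassword);
        } catch (WrongAttributeAssignmentException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
            throw new InternalErrorException(ex);
        } catch (AttributeNotExistsException ex) {
            throw new ConsistencyErrorException(ex);
        }
    } else if (operation.equals(PASSWORD_DELETE)) {
        try {
            Attribute userAlternativePassword = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, A_USER_DEF_ALT_PASSWORD_NAMESPACE + loginNamespace);
            Map<String, String> altPassValue = new LinkedHashMap<>();
            // Start from the stored map when the attribute already has a value
            if (userAlternativePassword.getValue() != null) {
                altPassValue = (LinkedHashMap<String, String>) userAlternativePassword.getValue();
            }
            // Nothing to delete when no stored entry carries this ID
            if (!altPassValue.containsValue(passwordId)) {
                throw new PasswordDeletionFailedException("Password not found by ID.");
            }
            // Find the single description (key) stored with this ID; a second match means the
            // stored data is inconsistent
            description = null;
            for (Map.Entry<String, String> entry : altPassValue.entrySet()) {
                if (entry.getValue().equals(passwordId)) {
                    if (description != null) {
                        throw new ConsistencyErrorException("There is more than 1 password with same ID in value for user " + user);
                    }
                    description = entry.getKey();
                }
            }
            // Defensive: containsValue() above already established that a match exists
            if (description == null) {
                throw new InternalErrorException("Password not found by ID.");
            }
            altPassValue.remove(description);
            userAlternativePassword.setValue(altPassValue);
            getPerunBl().getAttributesManagerBl().setAttribute(sess, user, userAlternativePassword);
        } catch (WrongAttributeAssignmentException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
            throw new InternalErrorException(ex);
        } catch (AttributeNotExistsException ex) {
            throw new ConsistencyErrorException(ex);
        }
    } else {
        throw new InternalErrorException("Not supported operation " + operation);
    }

    Process process;
    try {
        process = pb.start();
    } catch (IOException e) {
        throw new InternalErrorException(e);
    }

    // Set password in remote system
    if (creating) {
        // Write password to the stdin of the program; closing the writer signals end of input.
        // NOTE(review): PrintWriter(OutputStream) encodes with the platform default charset, so
        // non-ASCII passwords depend on the JVM's default encoding - confirm the program agrees.
        try (PrintWriter pw = new PrintWriter(process.getOutputStream(), true)) {
            pw.write(password);
        }
    }

    // NOTE(review): waitFor() has no timeout and stderr is read only after the program exits,
    // so a program that hangs or fills the stderr pipe blocks this thread indefinitely.
    try {
        int exitCode = process.waitFor();
        if (exitCode != 0) {
            switch (exitCode) {
                case 1:
                case 3:
                    throw new InternalErrorException("Alternative password manager returns unexpected return code: " + exitCode);
                case 4:
                    throw new PasswordCreationFailedRuntimeException("Alternative password creation failed for " + user + ". Namespace: " + loginNamespace + ", description: " + description + ".");
                case 5:
                    throw new PasswordDeletionFailedRuntimeException("Password deletion failed for " + user + ". Namespace: " + loginNamespace + ", passwordId: " + passwordId + ".");
                case 6:
                    throw new LoginNotExistsRuntimeException("User doesn't exists in underlying system for namespace " + loginNamespace + ", user: " + user + ".");
                case 7:
                    throw new InternalErrorException("Problem with creating user entry in underlying system " + loginNamespace + ", user: " + user + ".");
                default:
                    // Some other error occurred: the program's stderr output becomes the message.
                    // NOTE(review): that text is produced by the external program; check where
                    // InternalErrorException messages are shown before treating it as safe to display.
                    StringBuilder errorMsg = new StringBuilder();
                    try (BufferedReader errReader = new BufferedReader(new InputStreamReader(process.getErrorStream()))) {
                        String line;
                        while ((line = errReader.readLine()) != null) {
                            errorMsg.append(line);
                        }
                    } catch (IOException e) {
                        throw new InternalErrorException(e);
                    }
                    throw new InternalErrorException(errorMsg.toString());
            }
        }
    } catch (InterruptedException e) {
        // Keep the interrupt visible to callers. The child process is left running, so the
        // outcome of the operation is unknown at this point.
        Thread.currentThread().interrupt();
        throw new InternalErrorException(e);
    }
}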
Also used : OutputStream(java.io.OutputStream) LoginNotExistsRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.LoginNotExistsRuntimeException) PrintWriter(java.io.PrintWriter) InputStreamReader(java.io.InputStreamReader) InputStream(java.io.InputStream) IOException(java.io.IOException) EmptyPasswordRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.EmptyPasswordRuntimeException) PasswordDeletionFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException) BufferedReader(java.io.BufferedReader) PasswordCreationFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordCreationFailedRuntimeException)

Example 2 with EmptyPasswordRuntimeException

use of cz.metacentrum.perun.core.api.exceptions.rt.EmptyPasswordRuntimeException in project perun by CESNET.

the class UsersManagerBlImpl method managePassword.

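/**
 * Performs a password operation for a login, through the namespace's PasswordManagerModule when
 * one is available and through the external password manager program otherwise.
 *
 * With a module, the reserve, reserve-random, check, validate, change and delete operations are
 * delegated to it and the method returns. Any other operation, or the absence of a module, falls
 * back to the external program, which is started with the arguments operation, loginNamespace
 * and userLogin. For PASSWORD_CHANGE, PASSWORD_CHECK and PASSWORD_RESERVE the password is written
 * to the program's stdin, so it is not part of the command line.
 *
 * Return codes of the external program
 * If password check fails then return 1
 * If there is no handler for loginNamespace return 2
 * If setting of the new password failed return 3
 *
 * How this method maps a non-zero exit code:
 * 1 - PasswordDoesntMatchRuntimeException
 * 3 - PasswordChangeFailedRuntimeException
 * 4 - PasswordCreationFailedRuntimeException
 * 5 - PasswordDeletionFailedRuntimeException
 * 6 - LoginNotExistsRuntimeException
 * 11 - PasswordStrengthFailedRuntimeException
 * 12 - PasswordOperationTimeoutRuntimeException
 * anything else (including 2) - InternalErrorException carrying the program's stderr output
 *
 * @param sess session passed to the password manager module
 * @param operation one of the PASSWORD_* operation constants
 * @param userLogin login the operation applies to
 * @param loginNamespace namespace of the login
 * @param password the password; must be non-empty when the external program handles
 *        PASSWORD_CHANGE, PASSWORD_CHECK or PASSWORD_RESERVE
 * @throws InternalErrorException when the external program cannot be started or waited for, or
 *         exits with an unmapped code
 */
protected void managePassword(PerunSession sess, String operation, String userLogin, String loginNamespace, String password) throws InternalErrorException {
    // If new PWDMGR module exists, use-it
    PasswordManagerModule module = null;
    try {
        module = getPasswordManagerModule(sess, loginNamespace);
    } catch (Exception ignored) {
        // silently skip
        // NOTE(review): every failure of the module lookup is discarded here, so a broken module
        // silently falls back to the external program with no trace of the reason.
    }
    if (module != null) {
        // NOTE(review): the catch blocks below replace any module exception with an
        // operation-specific one and drop the original cause, so an infrastructure failure
        // cannot be told apart from a wrong password or a rejected change. Attach the cause or
        // log it if the exception types allow it.
        if (operation.equals(PASSWORD_RESERVE)) {
            try {
                module.reservePassword(sess, userLogin, password);
                return;
            } catch (Exception ex) {
                throw new PasswordCreationFailedRuntimeException("Password creation failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_RESERVE_RANDOM)) {
            try {
                module.reserveRandomPassword(sess, userLogin);
                return;
            } catch (Exception ex) {
                throw new PasswordCreationFailedRuntimeException("Password creation failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_CHECK)) {
            try {
                module.checkPassword(sess, userLogin, password);
                return;
            } catch (Exception ex) {
                throw new PasswordDoesntMatchRuntimeException("Old password doesn't match for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_VALIDATE)) {
            // Unlike the other operations, exceptions from validation propagate unchanged
            module.validatePassword(sess, userLogin);
            return;
        }
        if (operation.equals(PASSWORD_CHANGE)) {
            try {
                module.changePassword(sess, userLogin, password);
                return;
            } catch (Exception ex) {
                throw new PasswordChangeFailedRuntimeException("Password change failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_DELETE)) {
            try {
                module.deletePassword(sess, userLogin);
                return;
            } catch (Exception ex) {
                throw new PasswordDeletionFailedRuntimeException("Password deletion failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
    }

    // use good old way: the external password manager program
    boolean sendsPassword = operation.equals(PASSWORD_CHANGE) || operation.equals(PASSWORD_CHECK) || operation.equals(PASSWORD_RESERVE);
    // Reject an empty password before the program is started. Checking only after pb.start()
    // would leave a child process waiting on stdin with nobody to reap it.
    if (sendsPassword && (password == null || password.isEmpty())) {
        throw new EmptyPasswordRuntimeException("Password for " + loginNamespace + ":" + userLogin + " cannot be empty.");
    }

    // The argument-list form of ProcessBuilder runs the program directly, without a shell.
    // NOTE(review): operation, loginNamespace and userLogin still reach the program as argv;
    // whether it treats values beginning with '-' as options is not visible here - verify.
    ProcessBuilder pb = new ProcessBuilder(BeansUtils.getCoreConfig().getPasswordManagerProgram(), operation, loginNamespace, userLogin);
    Process process;
    try {
        process = pb.start();
    } catch (IOException e) {
        throw new InternalErrorException(e);
    }

    if (sendsPassword) {
        // Write password to the stdin of the program; closing the writer signals end of input.
        // NOTE(review): PrintWriter(OutputStream) encodes with the platform default charset, so
        // non-ASCII passwords depend on the JVM's default encoding - confirm the program agrees.
        try (PrintWriter pw = new PrintWriter(process.getOutputStream(), true)) {
            pw.write(password);
        }
    }

    // NOTE(review): waitFor() has no timeout and stderr is read only after the program exits,
    // so a program that hangs or fills the stderr pipe blocks this thread indefinitely.
    try {
        int exitCode = process.waitFor();
        if (exitCode != 0) {
            switch (exitCode) {
                case 1:
                    throw new PasswordDoesntMatchRuntimeException("Old password doesn't match for " + loginNamespace + ":" + userLogin + ".");
                case 3:
                    throw new PasswordChangeFailedRuntimeException("Password change failed for " + loginNamespace + ":" + userLogin + ".");
                case 4:
                    throw new PasswordCreationFailedRuntimeException("Password creation failed for " + loginNamespace + ":" + userLogin + ".");
                case 5:
                    throw new PasswordDeletionFailedRuntimeException("Password deletion failed for " + loginNamespace + ":" + userLogin + ".");
                case 6:
                    throw new LoginNotExistsRuntimeException("User login doesn't exists in underlying system for " + loginNamespace + ":" + userLogin + ".");
                case 11:
                    throw new PasswordStrengthFailedRuntimeException("Password to set doesn't match expected restrictions for " + loginNamespace + ":" + userLogin + ".");
                case 12:
                    throw new PasswordOperationTimeoutRuntimeException("Operation with password exceeded expected limit for " + loginNamespace + ":" + userLogin + ".");
                default:
                    // Some other error occurred: the program's stderr output becomes the message.
                    // NOTE(review): that text is produced by the external program; check where
                    // InternalErrorException messages are shown before treating it as safe to display.
                    StringBuilder errorMsg = new StringBuilder();
                    try (BufferedReader errReader = new BufferedReader(new InputStreamReader(process.getErrorStream()))) {
                        String line;
                        while ((line = errReader.readLine()) != null) {
                            errorMsg.append(line);
                        }
                    } catch (IOException e) {
                        throw new InternalErrorException(e);
                    }
                    throw new InternalErrorException(errorMsg.toString());
            }
        }
    } catch (InterruptedException e) {
        // Keep the interrupt visible to callers. The child process is left running, so the
        // outcome of the operation is unknown at this point.
        Thread.currentThread().interrupt();
        throw new InternalErrorException(e);
    }
}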
Also used : InputStreamReader(java.io.InputStreamReader) InputStream(java.io.InputStream) OutputStream(java.io.OutputStream) PasswordOperationTimeoutRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordOperationTimeoutRuntimeException) LoginNotExistsRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.LoginNotExistsRuntimeException) IOException(java.io.IOException) PasswordOperationTimeoutRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordOperationTimeoutRuntimeException) PasswordCreationFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordCreationFailedRuntimeException) PasswordChangeFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException) PasswordStrengthFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordStrengthFailedRuntimeException) IOException(java.io.IOException) PasswordDoesntMatchRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDoesntMatchRuntimeException) EmptyPasswordRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.EmptyPasswordRuntimeException) PasswordDeletionFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException) LoginNotExistsRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.LoginNotExistsRuntimeException) EmptyPasswordRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.EmptyPasswordRuntimeException) PasswordDoesntMatchRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDoesntMatchRuntimeException) PasswordDeletionFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException) PasswordChangeFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException) PasswordStrengthFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordStrengthFailedRuntimeException) 
PasswordManagerModule(cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule) BufferedReader(java.io.BufferedReader) PasswordCreationFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordCreationFailedRuntimeException) PrintWriter(java.io.PrintWriter)
