
Example 1 with PasswordChangeFailedRuntimeException

use of cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException in project perun by CESNET.

the class UsersManagerBlImpl method managePassword.

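/**
	 * Performs a password operation for a login in the given namespace.
	 *
	 * If a PasswordManagerModule can be obtained for the namespace, the operation
	 * is delegated to it. Otherwise (or when the operation is not one of the
	 * module-handled constants) the configured external password manager program
	 * is started with the arguments operation, loginNamespace and userLogin.
	 * For PASSWORD_CHANGE, PASSWORD_CHECK and PASSWORD_RESERVE the password is
	 * written to the program's standard input; it is never passed as an argument.
	 *
	 * Exit codes of the external program as handled below:
	 * 0 success
	 * 1 PasswordDoesntMatchRuntimeException
	 * 3 PasswordChangeFailedRuntimeException
	 * 4 PasswordCreationFailedRuntimeException
	 * 5 PasswordDeletionFailedRuntimeException
	 * 6 LoginNotExistsRuntimeException
	 * 11 PasswordStrengthFailedRuntimeException
	 * 12 PasswordOperationTimeoutRuntimeException
	 * Any other non-zero code (including 2, which the program uses when there is
	 * no handler for loginNamespace) becomes an InternalErrorException carrying
	 * the program's error output.
	 *
	 * @param sess session passed through to the password manager module
	 * @param operation one of the PASSWORD_* operation constants
	 * @param userLogin login the operation applies to
	 * @param loginNamespace namespace the login belongs to
	 * @param password password to check or set; must be non-empty for the
	 *                 operations that send it to the external program
	 * @throws InternalErrorException if the program cannot be started, the wait
	 *                                is interrupted, or it exits with an unmapped code
	 */
protected void managePassword(PerunSession sess, String operation, String userLogin, String loginNamespace, String password) throws InternalErrorException {
    // Prefer the namespace-specific module when one can be loaded.
    PasswordManagerModule module = null;
    try {
        module = getPasswordManagerModule(sess, loginNamespace);
    } catch (Exception ignored) {
        // Deliberate best effort: any failure to load the module falls through to
        // the external program below.
        // NOTE(review): this also hides unexpected failures (not only "no module
        // for this namespace"); consider recording the cause so a silent switch
        // of the password backend is visible to operators.
    }
    if (module != null) {
        // NOTE(review): each catch below replaces whatever the module threw with a
        // single operation-specific exception and drops the cause, so a timeout or
        // backend outage is reported the same way as a rejected password. Chain the
        // cause if these exception types offer a constructor for it (not visible here).
        if (operation.equals(PASSWORD_RESERVE)) {
            try {
                module.reservePassword(sess, userLogin, password);
                return;
            } catch (Exception ex) {
                throw new PasswordCreationFailedRuntimeException("Password creation failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_RESERVE_RANDOM)) {
            try {
                module.reserveRandomPassword(sess, userLogin);
                return;
            } catch (Exception ex) {
                throw new PasswordCreationFailedRuntimeException("Password creation failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_CHECK)) {
            try {
                module.checkPassword(sess, userLogin, password);
                return;
            } catch (Exception ex) {
                throw new PasswordDoesntMatchRuntimeException("Old password doesn't match for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_VALIDATE)) {
            // Exceptions from validation are intentionally not translated here.
            module.validatePassword(sess, userLogin);
            return;
        }
        if (operation.equals(PASSWORD_CHANGE)) {
            try {
                module.changePassword(sess, userLogin, password);
                return;
            } catch (Exception ex) {
                throw new PasswordChangeFailedRuntimeException("Password change failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_DELETE)) {
            try {
                module.deletePassword(sess, userLogin);
                return;
            } catch (Exception ex) {
                throw new PasswordDeletionFailedRuntimeException("Password deletion failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
    }

    // Legacy path: external password manager program.
    boolean passwordOnStdin = operation.equals(PASSWORD_CHANGE) || operation.equals(PASSWORD_CHECK) || operation.equals(PASSWORD_RESERVE);

    // Reject an empty password BEFORE starting the program. Checking afterwards
    // would leave a started child process behind with its stdin still open
    // every time a caller submits an empty password.
    if (passwordOnStdin && (password == null || password.isEmpty())) {
        throw new EmptyPasswordRuntimeException("Password for " + loginNamespace + ":" + userLogin + " cannot be empty.");
    }

    // Arguments are passed as a list (no shell), so login and namespace are not
    // subject to shell interpretation; the program itself must still treat them as data.
    ProcessBuilder pb = new ProcessBuilder(BeansUtils.getCoreConfig().getPasswordManagerProgram(), operation, loginNamespace, userLogin);
    Process process;
    try {
        process = pb.start();
    } catch (IOException e) {
        throw new InternalErrorException(e);
    }

    if (passwordOnStdin) {
        // The password travels over stdin rather than argv, which keeps it out of
        // the process argument list.
        // NOTE(review): PrintWriter encodes with the platform default charset and
        // swallows write errors; confirm the program expects that encoding.
        PrintWriter pw = new PrintWriter(process.getOutputStream(), true);
        pw.write(password);
        pw.close();
    }

    // NOTE(review): waitFor() has no timeout and stderr is only read after exit;
    // a program that hangs, or fills the stderr pipe before exiting, blocks this thread.
    int exitCode;
    try {
        exitCode = process.waitFor();
    } catch (InterruptedException e) {
        // Do not leave the child running and restore the interrupt flag for callers.
        process.destroy();
        Thread.currentThread().interrupt();
        throw new InternalErrorException(e);
    }

    switch (exitCode) {
        case 0:
            return;
        case 1:
            throw new PasswordDoesntMatchRuntimeException("Old password doesn't match for " + loginNamespace + ":" + userLogin + ".");
        case 3:
            throw new PasswordChangeFailedRuntimeException("Password change failed for " + loginNamespace + ":" + userLogin + ".");
        case 4:
            throw new PasswordCreationFailedRuntimeException("Password creation failed for " + loginNamespace + ":" + userLogin + ".");
        case 5:
            throw new PasswordDeletionFailedRuntimeException("Password deletion failed for " + loginNamespace + ":" + userLogin + ".");
        case 6:
            throw new LoginNotExistsRuntimeException("User login doesn't exists in underlying system for " + loginNamespace + ":" + userLogin + ".");
        case 11:
            throw new PasswordStrengthFailedRuntimeException("Password to set doesn't match expected restrictions for " + loginNamespace + ":" + userLogin + ".");
        case 12:
            throw new PasswordOperationTimeoutRuntimeException("Operation with password exceeded expected limit for " + loginNamespace + ":" + userLogin + ".");
        default:
            // Unmapped exit code: surface whatever the program printed on stderr.
            StringBuilder errorMsg = new StringBuilder();
            try (BufferedReader errReader = new BufferedReader(new InputStreamReader(process.getErrorStream()))) {
                String line;
                while ((line = errReader.readLine()) != null) {
                    errorMsg.append(line);
                }
            } catch (IOException e) {
                throw new InternalErrorException(e);
            }
            throw new InternalErrorException(errorMsg.toString());
    }
}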
Also used : InputStreamReader(java.io.InputStreamReader) InputStream(java.io.InputStream) OutputStream(java.io.OutputStream) PasswordOperationTimeoutRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordOperationTimeoutRuntimeException) LoginNotExistsRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.LoginNotExistsRuntimeException) IOException(java.io.IOException) PasswordOperationTimeoutRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordOperationTimeoutRuntimeException) PasswordCreationFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordCreationFailedRuntimeException) PasswordChangeFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException) PasswordStrengthFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordStrengthFailedRuntimeException) IOException(java.io.IOException) PasswordDoesntMatchRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDoesntMatchRuntimeException) EmptyPasswordRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.EmptyPasswordRuntimeException) PasswordDeletionFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException) LoginNotExistsRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.LoginNotExistsRuntimeException) EmptyPasswordRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.EmptyPasswordRuntimeException) PasswordDoesntMatchRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDoesntMatchRuntimeException) PasswordDeletionFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException) PasswordChangeFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException) PasswordStrengthFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordStrengthFailedRuntimeException) 
PasswordManagerModule(cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule) BufferedReader(java.io.BufferedReader) PasswordCreationFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordCreationFailedRuntimeException) PrintWriter(java.io.PrintWriter)

Example 2 with PasswordChangeFailedRuntimeException

use of cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException in project perun by CESNET.

the class UsersManagerBlImpl method changePassword.

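/**
	 * Changes the password of a user's login in the given login namespace.
	 *
	 * The login is read from the user attribute
	 * NS_USER_ATTR_DEF + ":login-namespace:" + loginNamespace. When
	 * checkOldPassword is true the old password is verified through the
	 * namespace's PasswordManagerModule before the new one is set; when it is
	 * false no verification of the old password happens in this method, so the
	 * caller decides when that is acceptable. After a successful change
	 * validatePassword is called for the user and namespace.
	 *
	 * @param sess session passed through to attribute and module calls
	 * @param user user whose password is changed
	 * @param loginNamespace namespace of the login
	 * @param oldPassword current password, used only when checkOldPassword is true
	 * @param newPassword password to set
	 * @param checkOldPassword whether to verify oldPassword first
	 * @throws LoginNotExistsException if the login attribute does not exist
	 * @throws PasswordDoesntMatchException if the old-password check fails for any
	 *         reason other than a timeout
	 * @throws PasswordChangeFailedException if the change or the following
	 *         validation fails
	 * @throws PasswordOperationTimeoutException if the module reports a timeout
	 * @throws PasswordStrengthFailedException if the module reports a strength failure
	 * @throws InvalidLoginException rethrown unchanged from the module
	 * @throws PasswordStrengthException rethrown unchanged from the module
	 */
@Override
public void changePassword(PerunSession sess, User user, String loginNamespace, String oldPassword, String newPassword, boolean checkOldPassword) throws LoginNotExistsException, PasswordDoesntMatchException, PasswordChangeFailedException, PasswordOperationTimeoutException, PasswordStrengthFailedException, InvalidLoginException, PasswordStrengthException {
    // Only the user and namespace are logged; passwords never reach the log.
    log.info("Changing password for {} in login-namespace {}.", user, loginNamespace);
    // Get User login in loginNamespace
    Attribute userLogin;
    try {
        userLogin = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":login-namespace:" + loginNamespace);
    } catch (AttributeNotExistsException e) {
        throw new LoginNotExistsException(e);
    } catch (WrongAttributeAssignmentException e) {
        throw new InternalErrorException(e);
    }
    // NOTE(review): module is used without a null check; confirm that
    // getPasswordManagerModule never returns null for an unknown namespace.
    PasswordManagerModule module = getPasswordManagerModule(sess, loginNamespace);
    // Login string used in failure messages. It is resolved inside the try blocks,
    // as before, so a failure while reading the attribute value is still wrapped
    // by the fallback handlers (the message then shows "null").
    String login = null;
    // Check password if it was requested
    if (checkOldPassword) {
        try {
            login = userLogin.valueAsString();
            module.checkPassword(sess, login, oldPassword);
        } catch (PasswordDoesntMatchRuntimeException e) {
            throw new PasswordDoesntMatchException(e);
        } catch (PasswordOperationTimeoutRuntimeException e) {
            throw new PasswordOperationTimeoutException(e);
        } catch (Exception ex) {
            // fallback for exception compatibility: every other failure is reported
            // as a mismatch, so the check fails closed and the change is not attempted.
            // The message names the login value instead of concatenating the whole
            // Attribute object, matching the messages built in managePassword.
            throw new PasswordDoesntMatchException("Old password doesn't match for " + loginNamespace + ":" + login + ".", ex);
        }
    }
    // Change the password
    try {
        login = userLogin.valueAsString();
        module.changePassword(sess, login, newPassword);
    } catch (PasswordChangeFailedRuntimeException e) {
        throw new PasswordChangeFailedException(e);
    } catch (PasswordOperationTimeoutRuntimeException e) {
        throw new PasswordOperationTimeoutException(e);
    } catch (PasswordStrengthFailedRuntimeException e) {
        throw new PasswordStrengthFailedException(e);
    } catch (InvalidLoginException | PasswordStrengthException e) {
        // Declared checked exceptions pass through untouched.
        throw e;
    } catch (Exception ex) {
        // fallback for exception compatibility
        throw new PasswordChangeFailedException("Password change failed for " + loginNamespace + ":" + login + ".", ex);
    }
    // validate and set user ext sources
    try {
        this.validatePassword(sess, user, loginNamespace);
    } catch (PasswordCreationFailedException ex) {
        // At this point the module has already accepted the new password; the
        // caller only learns that the follow-up validation failed.
        throw new PasswordChangeFailedException(ex);
    }
}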
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) LoginNotExistsException(cz.metacentrum.perun.core.api.exceptions.LoginNotExistsException) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) PasswordOperationTimeoutRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordOperationTimeoutRuntimeException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) PasswordCreationFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordCreationFailedException) PasswordOperationTimeoutRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordOperationTimeoutRuntimeException) RelationExistsException(cz.metacentrum.perun.core.api.exceptions.RelationExistsException) MemberAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.MemberAlreadyRemovedException) PasswordCreationFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordCreationFailedException) UserExtSourceAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceAlreadyRemovedException) ExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.ExtSourceNotExistsException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) PasswordDoesntMatchRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDoesntMatchRuntimeException) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) LoginNotExistsRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.LoginNotExistsRuntimeException) PasswordStrengthFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthFailedException) PasswordCreationFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordCreationFailedRuntimeException) 
SpecificUserAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.SpecificUserAlreadyRemovedException) AlreadyReservedLoginException(cz.metacentrum.perun.core.api.exceptions.AlreadyReservedLoginException) SpecificUserOwnerAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.SpecificUserOwnerAlreadyRemovedException) IllegalArgumentException(cz.metacentrum.perun.core.api.exceptions.IllegalArgumentException) UserExtSourceExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceExistsException) AlreadyAdminException(cz.metacentrum.perun.core.api.exceptions.AlreadyAdminException) PasswordChangeFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordChangeFailedException) PasswordResetLinkExpiredException(cz.metacentrum.perun.core.api.exceptions.PasswordResetLinkExpiredException) InvalidLoginException(cz.metacentrum.perun.core.api.exceptions.InvalidLoginException) UserExtSourceNotExistsException(cz.metacentrum.perun.core.api.exceptions.UserExtSourceNotExistsException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) MemberNotExistsException(cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException) PasswordChangeFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException) UserNotAdminException(cz.metacentrum.perun.core.api.exceptions.UserNotAdminException) LoginNotExistsException(cz.metacentrum.perun.core.api.exceptions.LoginNotExistsException) PasswordStrengthFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordStrengthFailedRuntimeException) ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) PasswordStrengthException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthException) PasswordDeletionFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordDeletionFailedException) 
UserAlreadyRemovedException(cz.metacentrum.perun.core.api.exceptions.UserAlreadyRemovedException) PasswordOperationTimeoutException(cz.metacentrum.perun.core.api.exceptions.PasswordOperationTimeoutException) WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException) RelationNotExistsException(cz.metacentrum.perun.core.api.exceptions.RelationNotExistsException) PasswordDoesntMatchException(cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException) WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException) BanNotExistsException(cz.metacentrum.perun.core.api.exceptions.BanNotExistsException) PasswordResetLinkNotValidException(cz.metacentrum.perun.core.api.exceptions.PasswordResetLinkNotValidException) UserNotExistsException(cz.metacentrum.perun.core.api.exceptions.UserNotExistsException) PasswordDeletionFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException) AnonymizationNotSupportedException(cz.metacentrum.perun.core.api.exceptions.AnonymizationNotSupportedException) PasswordOperationTimeoutException(cz.metacentrum.perun.core.api.exceptions.PasswordOperationTimeoutException) PasswordDoesntMatchRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordDoesntMatchRuntimeException) PasswordChangeFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordChangeFailedRuntimeException) PasswordStrengthFailedRuntimeException(cz.metacentrum.perun.core.api.exceptions.rt.PasswordStrengthFailedRuntimeException) InvalidLoginException(cz.metacentrum.perun.core.api.exceptions.InvalidLoginException) PasswordManagerModule(cz.metacentrum.perun.core.implApi.modules.pwdmgr.PasswordManagerModule) GenericPasswordManagerModule(cz.metacentrum.perun.core.impl.modules.pwdmgr.GenericPasswordManagerModule) 
PasswordStrengthFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthFailedException) PasswordDoesntMatchException(cz.metacentrum.perun.core.api.exceptions.PasswordDoesntMatchException) PasswordChangeFailedException(cz.metacentrum.perun.core.api.exceptions.PasswordChangeFailedException) PasswordStrengthException(cz.metacentrum.perun.core.api.exceptions.PasswordStrengthException)
