Examples with PwmApplication password.pwm.PwmApplication used on opensource projects

Search in sources :

Example 26 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class ActivateUserServlet method handleActivateRequest.

@ActionHandler(action = "activate")
public ProcessStatus handleActivateRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final Configuration config = pwmApplication.getConfig();
    final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
    if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
        if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
            throw new PwmUnrecoverableException(errorInfo);
        }
    }
    pwmApplication.getSessionStateService().clearBean(pwmRequest, ActivateUserBean.class);
    final List<FormConfiguration> configuredActivationForm = config.readSettingAsForm(PwmSetting.ACTIVATE_USER_FORM);
    Map<FormConfiguration, String> formValues = new HashMap<>();
    try {
        // read the values from the request
        formValues = FormUtility.readFormValuesFromRequest(pwmRequest, configuredActivationForm, ssBean.getLocale());
        // check for intruders
        pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
        // read the context attr
        final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
        // read the profile attr
        final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
        // see if the values meet the configured form requirements.
        FormUtility.validateFormValues(config, formValues, ssBean.getLocale());
        final String searchFilter = ActivateUserUtils.figureLdapSearchFilter(pwmRequest);
        // read an ldap user object based on the params
        final UserIdentity userIdentity;
        {
            final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
            final SearchConfiguration searchConfiguration = SearchConfiguration.builder().contexts(Collections.singletonList(contextParam)).filter(searchFilter).formValues(formValues).ldapProfile(ldapProfile).build();
            userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmRequest.getSessionLabel());
        }
        ActivateUserUtils.validateParamsAgainstLDAP(pwmRequest, formValues, userIdentity);
        final List<UserPermission> userPermissions = config.readSettingAsUserPermission(PwmSetting.ACTIVATE_USER_QUERY_MATCH);
        if (!LdapPermissionTester.testUserPermissions(pwmApplication, pwmSession.getLabel(), userIdentity, userPermissions)) {
            final String errorMsg = "user " + userIdentity + " attempted activation, but does not match query string";
            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_ACTIVATE_NO_PERMISSION, errorMsg);
            pwmApplication.getIntruderManager().convenience().markUserIdentity(userIdentity, pwmSession);
            pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
            throw new PwmUnrecoverableException(errorInformation);
        }
        final ActivateUserBean activateUserBean = pwmApplication.getSessionStateService().getBean(pwmRequest, ActivateUserBean.class);
        activateUserBean.setUserIdentity(userIdentity);
        activateUserBean.setFormValidated(true);
        pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
        pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
    } catch (PwmOperationalException e) {
        pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
        pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
        setLastError(pwmRequest, e.getErrorInformation());
        LOGGER.debug(pwmSession.getLabel(), e.getErrorInformation().toDebugStr());
    }
    return ProcessStatus.Continue;
}
Also used : PwmApplication(password.pwm.PwmApplication) FormConfiguration(password.pwm.config.value.data.FormConfiguration) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) Configuration(password.pwm.config.Configuration) HashMap(java.util.HashMap) UserIdentity(password.pwm.bean.UserIdentity) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) ActivateUserBean(password.pwm.http.bean.ActivateUserBean) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) LocalSessionStateBean(password.pwm.bean.LocalSessionStateBean) FormConfiguration(password.pwm.config.value.data.FormConfiguration) PwmSession(password.pwm.http.PwmSession) UserPermission(password.pwm.config.value.data.UserPermission)

Example 27 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class ConfigGuideUtils method writeConfig.

static void writeConfig(final ContextManager contextManager, final StoredConfigurationImpl storedConfiguration) throws PwmOperationalException, PwmUnrecoverableException {
    final ConfigurationReader configReader = contextManager.getConfigReader();
    final PwmApplication pwmApplication = contextManager.getPwmApplication();
    try {
        // add a random security key
        storedConfiguration.initNewRandomSecurityKey();
        configReader.saveConfiguration(storedConfiguration, pwmApplication, null);
        contextManager.requestPwmApplicationRestart();
    } catch (PwmException e) {
        throw new PwmOperationalException(e.getErrorInformation());
    } catch (Exception e) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_INVALID_CONFIG, "unable to save configuration: " + e.getLocalizedMessage());
        throw new PwmOperationalException(errorInformation);
    }
}
Also used : PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) PwmApplication(password.pwm.PwmApplication) ConfigurationReader(password.pwm.config.stored.ConfigurationReader) ServletException(javax.servlet.ServletException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) PwmOperationalException(password.pwm.error.PwmOperationalException) IOException(java.io.IOException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 28 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class ConfigGuideUtils method restUploadConfig.

public static void restUploadConfig(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final HttpServletRequest req = pwmRequest.getHttpServletRequest();
    if (pwmApplication.getApplicationMode() == PwmApplicationMode.RUNNING) {
        final String errorMsg = "config upload is not permitted when in running mode";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_UPLOAD_FAILURE, errorMsg, new String[] { errorMsg });
        pwmRequest.respondWithError(errorInformation, true);
    }
    if (ServletFileUpload.isMultipartContent(req)) {
        final InputStream uploadedFile = pwmRequest.readFileUploadStream(PwmConstants.PARAM_FILE_UPLOAD);
        if (uploadedFile != null) {
            try {
                final StoredConfigurationImpl storedConfig = StoredConfigurationImpl.fromXml(uploadedFile);
                final List<String> configErrors = storedConfig.validateValues();
                if (configErrors != null && !configErrors.isEmpty()) {
                    throw new PwmOperationalException(new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, configErrors.get(0)));
                }
                ConfigGuideUtils.writeConfig(ContextManager.getContextManager(req.getSession()), storedConfig);
                LOGGER.trace(pwmSession, "read config from file: " + storedConfig.toString());
                final RestResultBean restResultBean = RestResultBean.forSuccessMessage(pwmRequest, Message.Success_Unknown);
                pwmRequest.getPwmResponse().outputJsonResult(restResultBean);
                req.getSession().invalidate();
            } catch (PwmException e) {
                final RestResultBean restResultBean = RestResultBean.fromError(e.getErrorInformation(), pwmRequest);
                pwmRequest.getPwmResponse().outputJsonResult(restResultBean);
                LOGGER.error(pwmSession, e.getErrorInformation().toDebugStr());
            }
        } else {
            final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_UPLOAD_FAILURE, "error reading config file: no file present in upload");
            final RestResultBean restResultBean = RestResultBean.fromError(errorInformation, pwmRequest);
            pwmRequest.getPwmResponse().outputJsonResult(restResultBean);
            LOGGER.error(pwmSession, errorInformation.toDebugStr());
        }
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) PwmApplication(password.pwm.PwmApplication) StoredConfigurationImpl(password.pwm.config.stored.StoredConfigurationImpl) InputStream(java.io.InputStream) PwmSession(password.pwm.http.PwmSession) PwmOperationalException(password.pwm.error.PwmOperationalException) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 29 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class DeleteAccountServlet method handleDeleteRequest.

@ActionHandler(action = "delete")
private ProcessStatus handleDeleteRequest(final PwmRequest pwmRequest) throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final DeleteAccountProfile deleteAccountProfile = getProfile(pwmRequest);
    final UserIdentity userIdentity = pwmRequest.getUserInfoIfLoggedIn();
    {
        // execute configured actions
        final List<ActionConfiguration> actions = deleteAccountProfile.readSettingAsAction(PwmSetting.DELETE_ACCOUNT_ACTIONS);
        if (actions != null && !actions.isEmpty()) {
            LOGGER.debug(pwmRequest, "executing configured actions to user " + userIdentity);
            final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings(pwmApplication, userIdentity).setExpandPwmMacros(true).setMacroMachine(pwmRequest.getPwmSession().getSessionManager().getMacroMachine(pwmApplication)).createActionExecutor();
            try {
                actionExecutor.executeActions(actions, pwmRequest.getSessionLabel());
            } catch (PwmOperationalException e) {
                LOGGER.error("error during user delete action execution: " + e.getMessage());
                throw new PwmUnrecoverableException(e.getErrorInformation(), e.getCause());
            }
        }
    }
    // send notification
    sendProfileUpdateEmailNotice(pwmRequest);
    // mark the event log
    pwmApplication.getAuditManager().submit(AuditEvent.DELETE_ACCOUNT, pwmRequest.getPwmSession().getUserInfo(), pwmRequest.getPwmSession());
    final String nextUrl = deleteAccountProfile.readSettingAsString(PwmSetting.DELETE_ACCOUNT_NEXT_URL);
    if (nextUrl != null && !nextUrl.isEmpty()) {
        final MacroMachine macroMachine = pwmRequest.getPwmSession().getSessionManager().getMacroMachine(pwmApplication);
        final String macroedUrl = macroMachine.expandMacros(nextUrl);
        LOGGER.debug(pwmRequest, "settinging forward url to post-delete next url: " + macroedUrl);
        pwmRequest.getPwmSession().getSessionStateBean().setForwardURL(macroedUrl);
    }
    // perform ldap entry delete.
    if (deleteAccountProfile.readSettingAsBoolean(PwmSetting.DELETE_ACCOUNT_DELETE_USER_ENTRY)) {
        final ChaiUser chaiUser = pwmApplication.getProxiedChaiUser(pwmRequest.getUserInfoIfLoggedIn());
        try {
            chaiUser.getChaiProvider().deleteEntry(chaiUser.getEntryDN());
        } catch (ChaiException e) {
            final PwmUnrecoverableException pwmException = PwmUnrecoverableException.fromChaiException(e);
            LOGGER.error("error during user delete", pwmException);
            throw pwmException;
        }
    }
    // clear the delete bean
    pwmApplication.getSessionStateService().clearBean(pwmRequest, DeleteAccountBean.class);
    // delete finished, so logout and redirect.
    pwmRequest.getPwmSession().unauthenticateUser(pwmRequest);
    pwmRequest.sendRedirectToContinue();
    return ProcessStatus.Halt;
}
Also used : ActionExecutor(password.pwm.util.operations.ActionExecutor) PwmApplication(password.pwm.PwmApplication) ChaiUser(com.novell.ldapchai.ChaiUser) UserIdentity(password.pwm.bean.UserIdentity) DeleteAccountProfile(password.pwm.config.profile.DeleteAccountProfile) MacroMachine(password.pwm.util.macro.MacroMachine) List(java.util.List) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiException(com.novell.ldapchai.exception.ChaiException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 30 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class GuestRegistrationServlet method sendGuestUserEmailConfirmation.

private void sendGuestUserEmailConfirmation(final PwmRequest pwmRequest, final UserIdentity userIdentity) throws PwmUnrecoverableException {
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final Configuration config = pwmApplication.getConfig();
    final Locale locale = pwmSession.getSessionStateBean().getLocale();
    final EmailItemBean configuredEmailSetting = config.readSettingAsEmail(PwmSetting.EMAIL_GUEST, locale);
    if (configuredEmailSetting == null) {
        LOGGER.debug(pwmSession, "unable to send guest registration email for '" + userIdentity + "' no email configured");
        return;
    }
    final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest, userIdentity);
    pwmApplication.getEmailQueue().submitEmail(configuredEmailSetting, null, macroMachine);
}
Also used : Locale(java.util.Locale) PwmApplication(password.pwm.PwmApplication) FormConfiguration(password.pwm.config.value.data.FormConfiguration) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) ActionConfiguration(password.pwm.config.value.data.ActionConfiguration) Configuration(password.pwm.config.Configuration) EmailItemBean(password.pwm.bean.EmailItemBean) MacroMachine(password.pwm.util.macro.MacroMachine) PwmSession(password.pwm.http.PwmSession)

Aggregations

PwmApplication (password.pwm.PwmApplication)120 PwmSession (password.pwm.http.PwmSession)55 ErrorInformation (password.pwm.error.ErrorInformation)54 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)49 PwmOperationalException (password.pwm.error.PwmOperationalException)36 Configuration (password.pwm.config.Configuration)33 UserIdentity (password.pwm.bean.UserIdentity)27 FormConfiguration (password.pwm.config.value.data.FormConfiguration)25 PwmException (password.pwm.error.PwmException)25 IOException (java.io.IOException)22 ServletException (javax.servlet.ServletException)18 UserInfo (password.pwm.ldap.UserInfo)18 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)17 ChaiUser (com.novell.ldapchai.ChaiUser)16 Locale (java.util.Locale)13 ActionConfiguration (password.pwm.config.value.data.ActionConfiguration)13 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)13 MacroMachine (password.pwm.util.macro.MacroMachine)12 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)11 Instant (java.time.Instant)10
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial