Examples with PwmApplication password.pwm.PwmApplication used on opensource projects

Search in sources :

Example 41 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class ChangePasswordServlet method forwardToWaitPage.

private void forwardToWaitPage(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ServletException, IOException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final ChangePasswordBean changePasswordBean = pwmApplication.getSessionStateService().getBean(pwmRequest, ChangePasswordBean.class);
    final Instant maxCompleteTime = changePasswordBean.getChangePasswordMaxCompletion();
    pwmRequest.setAttribute(PwmRequestAttribute.ChangePassword_MaxWaitSeconds, maxCompleteTime == null ? 30 : TimeDuration.fromCurrent(maxCompleteTime).getTotalSeconds());
    pwmRequest.setAttribute(PwmRequestAttribute.ChangePassword_CheckIntervalSeconds, Long.parseLong(pwmRequest.getConfig().readAppProperty(AppProperty.CLIENT_AJAX_PW_WAIT_CHECK_SECONDS)));
    pwmRequest.forwardToJsp(JspUrl.PASSWORD_CHANGE_WAIT);
}
Also used : ChangePasswordBean(password.pwm.http.bean.ChangePasswordBean) PwmApplication(password.pwm.PwmApplication) Instant(java.time.Instant)

Example 42 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class ChangePasswordServlet method nextStep.

public void nextStep(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException {
    final ChangePasswordBean changePasswordBean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, ChangePasswordBean.class);
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final Configuration config = pwmApplication.getConfig();
    if (changePasswordBean.getChangeProgressTracker() != null) {
        forwardToWaitPage(pwmRequest);
        return;
    }
    if (ChangePasswordServletUtil.warnPageShouldBeShown(pwmRequest, changePasswordBean)) {
        LOGGER.trace(pwmRequest, "password expiration is within password warn period, forwarding user to warning page");
        pwmRequest.forwardToJsp(JspUrl.PASSWORD_WARN);
        return;
    }
    final String agreementMsg = pwmApplication.getConfig().readSettingAsLocalizedString(PwmSetting.PASSWORD_CHANGE_AGREEMENT_MESSAGE, pwmRequest.getLocale());
    if (agreementMsg != null && agreementMsg.length() > 0 && !changePasswordBean.isAgreementPassed()) {
        final MacroMachine macroMachine = pwmSession.getSessionManager().getMacroMachine(pwmApplication);
        final String expandedText = macroMachine.expandMacros(agreementMsg);
        pwmRequest.setAttribute(PwmRequestAttribute.AgreementText, expandedText);
        pwmRequest.forwardToJsp(JspUrl.PASSWORD_AGREEMENT);
        return;
    }
    if (ChangePasswordServletUtil.determineIfCurrentPasswordRequired(pwmApplication, pwmSession) && !changePasswordBean.isCurrentPasswordPassed()) {
        forwardToFormPage(pwmRequest);
        return;
    }
    if (!config.readSettingAsForm(PwmSetting.PASSWORD_REQUIRE_FORM).isEmpty() && !changePasswordBean.isFormPassed()) {
        forwardToFormPage(pwmRequest);
        return;
    }
    changePasswordBean.setAllChecksPassed(true);
    forwardToChangePage(pwmRequest);
}
Also used : ChangePasswordBean(password.pwm.http.bean.ChangePasswordBean) PwmApplication(password.pwm.PwmApplication) FormConfiguration(password.pwm.config.value.data.FormConfiguration) Configuration(password.pwm.config.Configuration) MacroMachine(password.pwm.util.macro.MacroMachine) PwmSession(password.pwm.http.PwmSession)

Example 43 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class CommandServlet method processNext.

@ActionHandler(action = "next")
private ProcessStatus processNext(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException {
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final Configuration config = pwmApplication.getConfig();
    if (pwmRequest.isAuthenticated()) {
        if (AuthenticationFilter.forceRequiredRedirects(pwmRequest) == ProcessStatus.Halt) {
            return ProcessStatus.Halt;
        }
        // log the user out if our finish action is currently set to log out.
        final boolean forceLogoutOnChange = config.readSettingAsBoolean(PwmSetting.LOGOUT_AFTER_PASSWORD_CHANGE);
        if (forceLogoutOnChange && pwmSession.getSessionStateBean().isPasswordModified()) {
            LOGGER.trace(pwmSession, "logging out user; password has been modified");
            pwmRequest.sendRedirect(PwmServletDefinition.Logout);
            return ProcessStatus.Halt;
        }
    }
    redirectToForwardURL(pwmRequest);
    return ProcessStatus.Halt;
}
Also used : PwmApplication(password.pwm.PwmApplication) Configuration(password.pwm.config.Configuration) PwmSession(password.pwm.http.PwmSession)

Example 44 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class ForgottenUsernameServlet method handleSearchRequest.

public void handleSearchRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
    if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
        if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
            LOGGER.debug(pwmRequest, errorInfo);
            setLastError(pwmRequest, errorInfo);
            forwardToFormJsp(pwmRequest);
            return;
        }
    }
    final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
    final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
    final List<FormConfiguration> forgottenUsernameForm = pwmApplication.getConfig().readSettingAsForm(PwmSetting.FORGOTTEN_USERNAME_FORM);
    // read the values from the request
    Map<FormConfiguration, String> formValues = new HashMap<>();
    try {
        formValues = FormUtility.readFormValuesFromRequest(pwmRequest, forgottenUsernameForm, ssBean.getLocale());
        // check for intruder search
        pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
        // see if the values meet the configured form requirements.
        FormUtility.validateFormValues(pwmRequest.getConfig(), formValues, ssBean.getLocale());
        final String searchFilter;
        {
            final String configuredSearchFilter = pwmApplication.getConfig().readSettingAsString(PwmSetting.FORGOTTEN_USERNAME_SEARCH_FILTER);
            if (configuredSearchFilter == null || configuredSearchFilter.isEmpty()) {
                searchFilter = FormUtility.ldapSearchFilterForForm(pwmApplication, forgottenUsernameForm);
                LOGGER.trace(pwmSession, "auto generated ldap search filter: " + searchFilter);
            } else {
                searchFilter = configuredSearchFilter;
            }
        }
        final UserIdentity userIdentity;
        {
            final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
            final SearchConfiguration searchConfiguration = SearchConfiguration.builder().filter(searchFilter).formValues(formValues).ldapProfile(ldapProfile).contexts(Collections.singletonList(contextParam)).build();
            userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmSession.getLabel());
        }
        if (userIdentity == null) {
            pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
            pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
            setLastError(pwmRequest, PwmError.ERROR_CANT_MATCH_USER.toInfo());
            forwardToFormJsp(pwmRequest);
            return;
        }
        // make sure the user isn't locked.
        pwmApplication.getIntruderManager().convenience().checkUserIdentity(userIdentity);
        final UserInfo forgottenUserInfo = UserInfoFactory.newUserInfoUsingProxy(pwmApplication, pwmRequest.getSessionLabel(), userIdentity, pwmRequest.getLocale());
        // send username
        sendUsername(pwmApplication, pwmSession, forgottenUserInfo);
        pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
        pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
        pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_SUCCESSES);
        // redirect user to success page.
        forwardToCompletePage(pwmRequest, userIdentity);
        return;
    } catch (PwmOperationalException e) {
        final ErrorInformation errorInfo;
        errorInfo = e.getError() == PwmError.ERROR_UNKNOWN ? new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, e.getErrorInformation().getDetailedErrorMsg(), e.getErrorInformation().getFieldValues()) : e.getErrorInformation();
        setLastError(pwmRequest, errorInfo);
        pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
        pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
    }
    pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
    forwardToFormJsp(pwmRequest);
}
Also used : PwmApplication(password.pwm.PwmApplication) HashMap(java.util.HashMap) UserIdentity(password.pwm.bean.UserIdentity) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) UserInfo(password.pwm.ldap.UserInfo) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) LocalSessionStateBean(password.pwm.bean.LocalSessionStateBean) FormConfiguration(password.pwm.config.value.data.FormConfiguration) PwmSession(password.pwm.http.PwmSession)

Example 45 with PwmApplication

use of password.pwm.PwmApplication in project pwm by pwm-project.

the class SetupOtpServlet method handleClearOtpSecret.

@ActionHandler(action = "clearOtp")
private ProcessStatus handleClearOtpSecret(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException {
    final SetupOtpBean otpBean = getSetupOtpBean(pwmRequest);
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final OtpService service = pwmApplication.getOtpService();
    final UserIdentity theUser = pwmSession.getUserInfo().getUserIdentity();
    try {
        service.clearOTPUserConfiguration(pwmSession, theUser);
    } catch (PwmOperationalException e) {
        setLastError(pwmRequest, e.getErrorInformation());
        LOGGER.error(pwmRequest, e.getErrorInformation());
        return ProcessStatus.Halt;
    }
    otpBean.setHasPreExistingOtp(false);
    initializeBean(pwmRequest, otpBean);
    return ProcessStatus.Continue;
}
Also used : PwmApplication(password.pwm.PwmApplication) SetupOtpBean(password.pwm.http.bean.SetupOtpBean) OtpService(password.pwm.util.operations.OtpService) UserIdentity(password.pwm.bean.UserIdentity) PwmSession(password.pwm.http.PwmSession) PwmOperationalException(password.pwm.error.PwmOperationalException)

Aggregations

PwmApplication (password.pwm.PwmApplication)120 PwmSession (password.pwm.http.PwmSession)55 ErrorInformation (password.pwm.error.ErrorInformation)54 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)49 PwmOperationalException (password.pwm.error.PwmOperationalException)36 Configuration (password.pwm.config.Configuration)33 UserIdentity (password.pwm.bean.UserIdentity)27 FormConfiguration (password.pwm.config.value.data.FormConfiguration)25 PwmException (password.pwm.error.PwmException)25 IOException (java.io.IOException)22 ServletException (javax.servlet.ServletException)18 UserInfo (password.pwm.ldap.UserInfo)18 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)17 ChaiUser (com.novell.ldapchai.ChaiUser)16 Locale (java.util.Locale)13 ActionConfiguration (password.pwm.config.value.data.ActionConfiguration)13 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)13 MacroMachine (password.pwm.util.macro.MacroMachine)12 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)11 Instant (java.time.Instant)10
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial