Examples with UserIdentity password.pwm.bean.UserIdentity used on opensource projects

Search in sources :

Example 66 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class IntruderManager method mark.

public void mark(final RecordType recordType, final String subject, final SessionLabel sessionLabel) throws PwmUnrecoverableException {
    if (recordType == null) {
        throw new IllegalArgumentException("recordType is required");
    }
    if (subject == null || subject.length() < 1) {
        return;
    }
    if (recordType == RecordType.ADDRESS) {
        try {
            final InetAddress inetAddress = InetAddress.getByName(subject);
            if (inetAddress.isAnyLocalAddress() || inetAddress.isLoopbackAddress() || inetAddress.isLinkLocalAddress()) {
                LOGGER.debug("disregarding local address intruder attempt from: " + subject);
                return;
            }
        } catch (Exception e) {
            LOGGER.error("error examining address: " + subject);
        }
    }
    final RecordManager manager = recordManagers.get(recordType);
    manager.markSubject(subject);
    if (recordType == RecordType.USER_ID) {
        final UserIdentity userIdentity = UserIdentity.fromKey(subject, pwmApplication);
        final UserAuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createUserAuditRecord(AuditEvent.INTRUDER_USER_ATTEMPT, userIdentity, sessionLabel);
        pwmApplication.getAuditManager().submit(auditRecord);
    } else {
        // send intruder attempt audit event
        final Map<String, Object> messageObj = new LinkedHashMap<>();
        messageObj.put("type", recordType);
        messageObj.put("subject", subject);
        final String message = JsonUtil.serializeMap(messageObj);
        final SystemAuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createSystemAuditRecord(AuditEvent.INTRUDER_ATTEMPT, message);
        pwmApplication.getAuditManager().submit(auditRecord);
    }
    try {
        check(recordType, subject);
    } catch (PwmUnrecoverableException e) {
        if (!manager.isAlerted(subject)) {
            if (recordType == RecordType.USER_ID) {
                final UserIdentity userIdentity = UserIdentity.fromKey(subject, pwmApplication);
                final UserAuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createUserAuditRecord(AuditEvent.INTRUDER_USER_LOCK, userIdentity, sessionLabel);
                pwmApplication.getAuditManager().submit(auditRecord);
                sendAlert(manager.readIntruderRecord(subject), sessionLabel);
            } else {
                // send intruder attempt lock event
                final Map<String, Object> messageObj = new LinkedHashMap<>();
                messageObj.put("type", recordType);
                messageObj.put("subject", subject);
                final String message = JsonUtil.serializeMap(messageObj);
                final SystemAuditRecord auditRecord = new AuditRecordFactory(pwmApplication).createSystemAuditRecord(AuditEvent.INTRUDER_LOCK, message);
                pwmApplication.getAuditManager().submit(auditRecord);
            }
            manager.markAlerted(subject);
            final StatisticsManager statisticsManager = pwmApplication.getStatisticsManager();
            if (statisticsManager != null && statisticsManager.status() == STATUS.OPEN) {
                statisticsManager.incrementValue(Statistic.INTRUDER_ATTEMPTS);
                statisticsManager.updateEps(EpsStatistic.INTRUDER_ATTEMPTS, 1);
                statisticsManager.incrementValue(recordType.getLockStatistic());
            }
        }
        throw e;
    }
    delayPenalty(manager.readIntruderRecord(subject), sessionLabel == null ? null : sessionLabel);
}
Also used : UserAuditRecord(password.pwm.svc.event.UserAuditRecord) UserIdentity(password.pwm.bean.UserIdentity) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) LinkedHashMap(java.util.LinkedHashMap) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) StatisticsManager(password.pwm.svc.stats.StatisticsManager) InetAddress(java.net.InetAddress) SystemAuditRecord(password.pwm.svc.event.SystemAuditRecord) Map(java.util.Map) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap)

Example 67 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class IntruderManager method sendAlert.

private void sendAlert(final IntruderRecord intruderRecord, final SessionLabel sessionLabel) {
    if (intruderRecord == null) {
        return;
    }
    if (intruderRecord.getType() == RecordType.USER_ID) {
        try {
            final UserIdentity identity = UserIdentity.fromDelimitedKey(intruderRecord.getSubject());
            sendIntruderNoticeEmail(pwmApplication, sessionLabel, identity);
        } catch (PwmUnrecoverableException e) {
            LOGGER.error("unable to send intruder mail, can't read userDN/ldapProfile from stored record: " + e.getMessage());
        }
    }
}
Also used : UserIdentity(password.pwm.bean.UserIdentity) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)

Example 68 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class LdapPermissionTester method discoverMatchingUsers.

public static Map<UserIdentity, Map<String, String>> discoverMatchingUsers(final PwmApplication pwmApplication, final int maxResultSize, final List<UserPermission> userPermissions, final SessionLabel sessionLabel) throws Exception {
    final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
    final Map<UserIdentity, Map<String, String>> results = new TreeMap<>();
    for (final UserPermission userPermission : userPermissions) {
        if ((maxResultSize) - results.size() > 0) {
            final SearchConfiguration.SearchConfigurationBuilder builder = SearchConfiguration.builder();
            switch(userPermission.getType()) {
                case ldapQuery:
                    {
                        builder.filter(userPermission.getLdapQuery());
                        if (userPermission.getLdapBase() != null && !userPermission.getLdapBase().isEmpty()) {
                            builder.enableContextValidation(false);
                            builder.contexts(Collections.singletonList(userPermission.getLdapBase()));
                        }
                    }
                    break;
                case ldapGroup:
                    {
                        builder.groupDN(userPermission.getLdapBase());
                    }
                    break;
                default:
                    throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "unknown permission type: " + userPermission.getType()));
            }
            if (userPermission.getLdapProfileID() != null && !userPermission.getLdapProfileID().isEmpty() && !userPermission.getLdapProfileID().equals(PwmConstants.PROFILE_ID_ALL)) {
                builder.ldapProfile(userPermission.getLdapProfileID());
            }
            final SearchConfiguration searchConfiguration = builder.build();
            try {
                results.putAll(userSearchEngine.performMultiUserSearch(searchConfiguration, (maxResultSize) - results.size(), Collections.emptyList(), sessionLabel));
            } catch (PwmUnrecoverableException e) {
                LOGGER.error("error reading matching users: " + e.getMessage());
                throw new PwmOperationalException(e.getErrorInformation());
            }
        }
    }
    return results;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) TreeMap(java.util.TreeMap) TreeMap(java.util.TreeMap) Map(java.util.Map) UserPermission(password.pwm.config.value.data.UserPermission) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 69 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class UserSearchResults method defaultSort.

private static Map<UserIdentity, Map<String, String>> defaultSort(final Map<UserIdentity, Map<String, String>> results, final Map<String, String> headerAttributeMap) {
    if (headerAttributeMap == null || headerAttributeMap.isEmpty() || results == null) {
        return results;
    }
    final String sortAttribute = headerAttributeMap.keySet().iterator().next();
    final Comparator<UserIdentity> comparator = new Comparator<UserIdentity>() {

        @Override
        public int compare(final UserIdentity o1, final UserIdentity o2) {
            final String s1 = getSortValueByIdentity(o1);
            final String s2 = getSortValueByIdentity(o2);
            return s1.compareTo(s2);
        }

        private String getSortValueByIdentity(final UserIdentity userIdentity) {
            final Map<String, String> valueMap = results.get(userIdentity);
            if (valueMap != null) {
                final String sortValue = valueMap.get(sortAttribute);
                if (sortValue != null) {
                    return sortValue;
                }
            }
            return "";
        }
    };
    final List<UserIdentity> identitySortMap = new ArrayList<>();
    identitySortMap.addAll(results.keySet());
    identitySortMap.sort(comparator);
    final Map<UserIdentity, Map<String, String>> sortedResults = new LinkedHashMap<>();
    for (final UserIdentity userIdentity : identitySortMap) {
        sortedResults.put(userIdentity, results.get(userIdentity));
    }
    return sortedResults;
}
Also used : UserIdentity(password.pwm.bean.UserIdentity) ArrayList(java.util.ArrayList) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) Comparator(java.util.Comparator) LinkedHashMap(java.util.LinkedHashMap)

Example 70 with UserIdentity

use of password.pwm.bean.UserIdentity in project pwm by pwm-project.

the class UserSearchResults method resultsAsJsonOutput.

public List<Map<String, Object>> resultsAsJsonOutput(final PwmApplication pwmApplication, final UserIdentity ignoreUser) throws PwmUnrecoverableException {
    final List<Map<String, Object>> outputList = new ArrayList<>();
    int idCounter = 0;
    for (final UserIdentity userIdentity : this.getResults().keySet()) {
        if (ignoreUser == null || !ignoreUser.equals(userIdentity)) {
            final Map<String, Object> rowMap = new LinkedHashMap<>();
            for (final String attribute : this.getHeaderAttributeMap().keySet()) {
                rowMap.put(attribute, this.getResults().get(userIdentity).get(attribute));
            }
            rowMap.put("userKey", userIdentity.toObfuscatedKey(pwmApplication));
            rowMap.put("id", idCounter);
            outputList.add(rowMap);
            idCounter++;
        }
    }
    return outputList;
}
Also used : UserIdentity(password.pwm.bean.UserIdentity) ArrayList(java.util.ArrayList) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) LinkedHashMap(java.util.LinkedHashMap)

Aggregations

UserIdentity (password.pwm.bean.UserIdentity)101 ErrorInformation (password.pwm.error.ErrorInformation)62 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)48 PwmOperationalException (password.pwm.error.PwmOperationalException)45 ChaiUser (com.novell.ldapchai.ChaiUser)30 PwmApplication (password.pwm.PwmApplication)27 Map (java.util.Map)21 PwmSession (password.pwm.http.PwmSession)20 UserSearchEngine (password.pwm.ldap.search.UserSearchEngine)19 PwmException (password.pwm.error.PwmException)18 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)17 LinkedHashMap (java.util.LinkedHashMap)17 HelpdeskProfile (password.pwm.config.profile.HelpdeskProfile)17 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)16 Instant (java.time.Instant)16 FormConfiguration (password.pwm.config.value.data.FormConfiguration)16 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)16 ArrayList (java.util.ArrayList)15 UserInfo (password.pwm.ldap.UserInfo)15 RestResultBean (password.pwm.ws.server.RestResultBean)15
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial