use of password.pwm.config.Configuration in project pwm by pwm-project.
the class GuestRegistrationServlet method handleSearchRequest.
protected void handleSearchRequest(final PwmRequest pwmRequest, final GuestRegistrationBean guestRegistrationBean) throws ServletException, ChaiUnavailableException, IOException, PwmUnrecoverableException {
LOGGER.trace(pwmRequest, "Enter: handleSearchRequest(...)");
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final ChaiProvider chaiProvider = pwmSession.getSessionManager().getChaiProvider();
final Configuration config = pwmApplication.getConfig();
final String adminDnAttribute = config.readSettingAsString(PwmSetting.GUEST_ADMIN_ATTRIBUTE);
final Boolean origAdminOnly = config.readSettingAsBoolean(PwmSetting.GUEST_EDIT_ORIG_ADMIN_ONLY);
final String usernameParam = pwmRequest.readParameterAsString("username");
final GuestRegistrationBean guBean = pwmApplication.getSessionStateService().getBean(pwmRequest, GuestRegistrationBean.class);
final SearchConfiguration searchConfiguration = SearchConfiguration.builder().chaiProvider(chaiProvider).contexts(Collections.singletonList(config.readSettingAsString(PwmSetting.GUEST_CONTEXT))).enableContextValidation(false).username(usernameParam).build();
final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
try {
final UserIdentity theGuest = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmSession.getLabel());
final FormMap formProps = guBean.getFormValues();
try {
final List<FormConfiguration> guestUpdateForm = config.readSettingAsForm(PwmSetting.GUEST_UPDATE_FORM);
final Set<String> involvedAttrs = new HashSet<>();
for (final FormConfiguration formItem : guestUpdateForm) {
if (!formItem.getName().equalsIgnoreCase(HTTP_PARAM_EXPIRATION_DATE)) {
involvedAttrs.add(formItem.getName());
}
}
final UserInfo guestUserInfo = UserInfoFactory.newUserInfo(pwmApplication, pwmSession.getLabel(), pwmRequest.getLocale(), theGuest, pwmSession.getSessionManager().getChaiProvider());
final Map<String, String> userAttrValues = guestUserInfo.readStringAttributes(involvedAttrs);
if (origAdminOnly && adminDnAttribute != null && adminDnAttribute.length() > 0) {
final String origAdminDn = userAttrValues.get(adminDnAttribute);
if (origAdminDn != null && origAdminDn.length() > 0) {
if (!pwmSession.getUserInfo().getUserIdentity().getUserDN().equalsIgnoreCase(origAdminDn)) {
final ErrorInformation info = new ErrorInformation(PwmError.ERROR_ORIG_ADMIN_ONLY);
setLastError(pwmRequest, info);
LOGGER.warn(pwmSession, info);
this.forwardToJSP(pwmRequest, guestRegistrationBean);
}
}
}
final String expirationAttribute = config.readSettingAsString(PwmSetting.GUEST_EXPIRATION_ATTRIBUTE);
if (expirationAttribute != null && expirationAttribute.length() > 0) {
final Instant expiration = guestUserInfo.readDateAttribute(expirationAttribute);
if (expiration != null) {
guBean.setUpdateUserExpirationDate(expiration);
}
}
for (final FormConfiguration formItem : guestUpdateForm) {
final String key = formItem.getName();
final String value = userAttrValues.get(key);
if (value != null) {
formProps.put(key, value);
}
}
guBean.setUpdateUserIdentity(theGuest);
this.forwardToUpdateJSP(pwmRequest, guestRegistrationBean);
return;
} catch (PwmUnrecoverableException e) {
LOGGER.warn(pwmSession, "error reading current attributes for user: " + e.getMessage());
}
} catch (PwmOperationalException e) {
final ErrorInformation error = e.getErrorInformation();
setLastError(pwmRequest, error);
this.forwardToJSP(pwmRequest, guestRegistrationBean);
return;
}
this.forwardToJSP(pwmRequest, guestRegistrationBean);
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class GuestRegistrationServlet method handleCreateRequest.
private void handleCreateRequest(final PwmRequest pwmRequest, final GuestRegistrationBean guestRegistrationBean) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
final Configuration config = pwmApplication.getConfig();
final Locale locale = ssBean.getLocale();
final List<FormConfiguration> guestUserForm = config.readSettingAsForm(PwmSetting.GUEST_FORM);
try {
// read the values from the request
final Map<FormConfiguration, String> formValues = FormUtility.readFormValuesFromRequest(pwmRequest, guestUserForm, locale);
// read the expiration date from the request.
final Instant expirationDate = readExpirationFromRequest(pwmRequest);
// see if the values meet form requirements.
FormUtility.validateFormValues(config, formValues, locale);
// read new user DN
final String guestUserDN = determineUserDN(formValues, config);
// read a chai provider to make the user
final ChaiProvider provider = pwmSession.getSessionManager().getChaiProvider();
// set up the user creation attributes
final Map<String, String> createAttributes = new HashMap<>();
for (final Map.Entry<FormConfiguration, String> entry : formValues.entrySet()) {
final FormConfiguration formItem = entry.getKey();
final String value = entry.getValue();
LOGGER.debug(pwmSession, "Attribute from form: " + formItem.getName() + " = " + value);
final String n = formItem.getName();
final String v = formValues.get(formItem);
if (n != null && n.length() > 0 && v != null && v.length() > 0) {
createAttributes.put(n, v);
}
}
// Write creator DN
createAttributes.put(config.readSettingAsString(PwmSetting.GUEST_ADMIN_ATTRIBUTE), pwmSession.getUserInfo().getUserIdentity().getUserDN());
// read the creation object classes.
final Set<String> createObjectClasses = new HashSet<>(config.readSettingAsStringArray(PwmSetting.DEFAULT_OBJECT_CLASSES));
provider.createEntry(guestUserDN, createObjectClasses, createAttributes);
LOGGER.info(pwmSession, "created user object: " + guestUserDN);
final ChaiUser theUser = provider.getEntryFactory().newChaiUser(guestUserDN);
final UserIdentity userIdentity = new UserIdentity(guestUserDN, pwmSession.getUserInfo().getUserIdentity().getLdapProfileID());
// write the expiration date:
if (expirationDate != null) {
final String expirationAttr = config.readSettingAsString(PwmSetting.GUEST_EXPIRATION_ATTRIBUTE);
theUser.writeDateAttribute(expirationAttr, expirationDate);
}
final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(pwmApplication, pwmSession.getLabel(), userIdentity, theUser, locale);
final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword(pwmSession.getLabel(), passwordPolicy, pwmApplication);
theUser.setPassword(newPassword.getStringValue());
{
// execute configured actions
LOGGER.debug(pwmSession, "executing configured actions to user " + theUser.getEntryDN());
final List<ActionConfiguration> actions = pwmApplication.getConfig().readSettingAsAction(PwmSetting.GUEST_WRITE_ATTRIBUTES);
if (actions != null && !actions.isEmpty()) {
final MacroMachine macroMachine = MacroMachine.forUser(pwmRequest, userIdentity);
final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings(pwmApplication, theUser).setExpandPwmMacros(true).setMacroMachine(macroMachine).createActionExecutor();
actionExecutor.executeActions(actions, pwmRequest.getSessionLabel());
}
}
// everything good so forward to success page.
this.sendGuestUserEmailConfirmation(pwmRequest, userIdentity);
pwmApplication.getStatisticsManager().incrementValue(Statistic.NEW_USERS);
pwmRequest.getPwmResponse().forwardToSuccessPage(Message.Success_CreateGuest);
} catch (ChaiOperationException e) {
final ErrorInformation info = new ErrorInformation(PwmError.ERROR_NEW_USER_FAILURE, "error creating user: " + e.getMessage());
setLastError(pwmRequest, info);
LOGGER.warn(pwmSession, info);
this.forwardToJSP(pwmRequest, guestRegistrationBean);
} catch (PwmOperationalException e) {
LOGGER.error(pwmSession, e.getErrorInformation().toDebugStr());
setLastError(pwmRequest, e.getErrorInformation());
this.forwardToJSP(pwmRequest, guestRegistrationBean);
}
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class ActivateUserServlet method handleActivateRequest.
@ActionHandler(action = "activate")
public ProcessStatus handleActivateRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PwmSession pwmSession = pwmRequest.getPwmSession();
final Configuration config = pwmApplication.getConfig();
final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
throw new PwmUnrecoverableException(errorInfo);
}
}
pwmApplication.getSessionStateService().clearBean(pwmRequest, ActivateUserBean.class);
final List<FormConfiguration> configuredActivationForm = config.readSettingAsForm(PwmSetting.ACTIVATE_USER_FORM);
Map<FormConfiguration, String> formValues = new HashMap<>();
try {
// read the values from the request
formValues = FormUtility.readFormValuesFromRequest(pwmRequest, configuredActivationForm, ssBean.getLocale());
// check for intruders
pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
// read the context attr
final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
// read the profile attr
final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
// see if the values meet the configured form requirements.
FormUtility.validateFormValues(config, formValues, ssBean.getLocale());
final String searchFilter = ActivateUserUtils.figureLdapSearchFilter(pwmRequest);
// read an ldap user object based on the params
final UserIdentity userIdentity;
{
final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
final SearchConfiguration searchConfiguration = SearchConfiguration.builder().contexts(Collections.singletonList(contextParam)).filter(searchFilter).formValues(formValues).ldapProfile(ldapProfile).build();
userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmRequest.getSessionLabel());
}
ActivateUserUtils.validateParamsAgainstLDAP(pwmRequest, formValues, userIdentity);
final List<UserPermission> userPermissions = config.readSettingAsUserPermission(PwmSetting.ACTIVATE_USER_QUERY_MATCH);
if (!LdapPermissionTester.testUserPermissions(pwmApplication, pwmSession.getLabel(), userIdentity, userPermissions)) {
final String errorMsg = "user " + userIdentity + " attempted activation, but does not match query string";
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_ACTIVATE_NO_PERMISSION, errorMsg);
pwmApplication.getIntruderManager().convenience().markUserIdentity(userIdentity, pwmSession);
pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
throw new PwmUnrecoverableException(errorInformation);
}
final ActivateUserBean activateUserBean = pwmApplication.getSessionStateService().getBean(pwmRequest, ActivateUserBean.class);
activateUserBean.setUserIdentity(userIdentity);
activateUserBean.setFormValidated(true);
pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
} catch (PwmOperationalException e) {
pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
setLastError(pwmRequest, e.getErrorInformation());
LOGGER.debug(pwmSession.getLabel(), e.getErrorInformation().toDebugStr());
}
return ProcessStatus.Continue;
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class SessionFilter method handleThemeParam.
private static void handleThemeParam(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
final Configuration config = pwmRequest.getConfig();
final String themeParameterName = config.readAppProperty(AppProperty.HTTP_PARAM_NAME_THEME);
final String themeReqParameter = pwmRequest.readParameterAsString(themeParameterName);
if (themeReqParameter != null && !themeReqParameter.isEmpty()) {
if (pwmRequest.getPwmApplication().getResourceServletService().checkIfThemeExists(pwmRequest, themeReqParameter)) {
pwmRequest.getPwmSession().getSessionStateBean().setTheme(themeReqParameter);
final String themeCookieName = config.readAppProperty(AppProperty.HTTP_COOKIE_THEME_NAME);
if (themeCookieName != null && themeCookieName.length() > 0) {
final String configuredTheme = config.readSettingAsString(PwmSetting.INTERFACE_THEME);
if (configuredTheme != null && configuredTheme.equalsIgnoreCase(themeReqParameter)) {
pwmRequest.getPwmResponse().removeCookie(themeCookieName, PwmHttpResponseWrapper.CookiePath.Application);
} else {
final int maxAge = Integer.parseInt(config.readAppProperty(AppProperty.HTTP_COOKIE_THEME_AGE));
pwmRequest.getPwmResponse().writeCookie(themeCookieName, themeReqParameter, maxAge, PwmHttpResponseWrapper.CookiePath.Application);
}
}
}
}
}
use of password.pwm.config.Configuration in project pwm by pwm-project.
the class ClientApiServlet method makeDisplayData.
private Map<String, String> makeDisplayData(final PwmApplication pwmApplication, final PwmSession pwmSession, final String bundleName) {
Class displayClass = LocaleHelper.classForShortName(bundleName);
displayClass = displayClass == null ? Display.class : displayClass;
final Locale userLocale = pwmSession.getSessionStateBean().getLocale();
final Configuration config = pwmApplication.getConfig();
final TreeMap<String, String> displayStrings = new TreeMap<>();
final ResourceBundle bundle = ResourceBundle.getBundle(displayClass.getName());
try {
final MacroMachine macroMachine = pwmSession.getSessionManager().getMacroMachine(pwmApplication);
for (final String key : new TreeSet<>(Collections.list(bundle.getKeys()))) {
String displayValue = LocaleHelper.getLocalizedMessage(userLocale, key, config, displayClass);
displayValue = macroMachine.expandMacros(displayValue);
displayStrings.put(key, displayValue);
}
} catch (Exception e) {
LOGGER.error(pwmSession, "error expanding macro display value: " + e.getMessage());
}
return displayStrings;
}
Aggregations