Examples with HelpdeskProfile password.pwm.config.profile.HelpdeskProfile used on opensource projects

Search in sources :

Example 1 with HelpdeskProfile

use of password.pwm.config.profile.HelpdeskProfile in project pwm by pwm-project.

the class IdleTimeoutCalculator method idleTimeoutForRequest.

public static TimeDuration idleTimeoutForRequest(final PwmURL pwmURL, final PwmApplication pwmApplication, final PwmSession pwmSession) throws PwmUnrecoverableException {
    if (pwmURL.isResourceURL()) {
        return figureMaxSessionTimeout(pwmApplication, pwmSession).getIdleTimeout();
    }
    final Configuration config = pwmApplication.getConfig();
    if (pwmURL.isPwmServletURL(PwmServletDefinition.Helpdesk)) {
        if (config.readSettingAsBoolean(PwmSetting.HELPDESK_ENABLE)) {
            final HelpdeskProfile helpdeskProfile = pwmSession.getSessionManager().getHelpdeskProfile(pwmApplication);
            if (helpdeskProfile != null) {
                final long helpdeskIdleTimeout = helpdeskProfile.readSettingAsLong(PwmSetting.HELPDESK_IDLE_TIMEOUT_SECONDS);
                if (helpdeskIdleTimeout > 0) {
                    return new TimeDuration(helpdeskIdleTimeout, TimeUnit.SECONDS);
                }
            }
        }
    }
    if ((pwmURL.isPwmServletURL(PwmServletDefinition.PrivatePeopleSearch) || pwmURL.isPwmServletURL(PwmServletDefinition.PublicPeopleSearch)) && pwmURL.isPrivateUrl()) {
        if (config.readSettingAsBoolean(PwmSetting.PEOPLE_SEARCH_ENABLE)) {
            final long peopleSearchIdleTimeout = config.readSettingAsLong(PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS);
            if (peopleSearchIdleTimeout > 0) {
                return new TimeDuration(peopleSearchIdleTimeout, TimeUnit.SECONDS);
            }
        }
    }
    if (pwmURL.isPwmServletURL(PwmServletDefinition.ConfigEditor)) {
        try {
            if (pwmSession.getSessionManager().checkPermission(pwmApplication, Permission.PWMADMIN)) {
                final long configEditorIdleTimeout = Long.parseLong(config.readAppProperty(AppProperty.CONFIG_EDITOR_IDLE_TIMEOUT));
                if (configEditorIdleTimeout > 0) {
                    return new TimeDuration(configEditorIdleTimeout, TimeUnit.SECONDS);
                }
            }
        } catch (PwmUnrecoverableException e) {
            LOGGER.error(pwmSession, "error while figuring max idle timeout for session: " + e.getMessage());
        }
    }
    if (pwmURL.isPwmServletURL(PwmServletDefinition.ConfigGuide)) {
        if (pwmApplication.getApplicationMode() == PwmApplicationMode.NEW) {
            final long configGuideIdleTimeout = Long.parseLong(config.readAppProperty(AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT));
            if (configGuideIdleTimeout > 0) {
                return new TimeDuration(configGuideIdleTimeout, TimeUnit.SECONDS);
            }
        }
    }
    final long idleTimeout = config.readSettingAsLong(PwmSetting.IDLE_TIMEOUT_SECONDS);
    return new TimeDuration(idleTimeout, TimeUnit.SECONDS);
}
Also used : Configuration(password.pwm.config.Configuration) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) TimeDuration(password.pwm.util.java.TimeDuration) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)

Example 2 with HelpdeskProfile

use of password.pwm.config.profile.HelpdeskProfile in project pwm by pwm-project.

the class PasswordUtility method helpdeskSetUserPassword.

public static void helpdeskSetUserPassword(final PwmSession pwmSession, final ChaiUser chaiUser, final UserInfo userInfo, final PwmApplication pwmApplication, final PasswordData newPassword) throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException {
    final SessionLabel sessionLabel = pwmSession.getLabel();
    final UserIdentity userIdentity = userInfo.getUserIdentity();
    if (!pwmSession.isAuthenticated()) {
        final String errorMsg = "attempt to helpdeskSetUserPassword, but user is not authenticated";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, errorMsg);
        throw new PwmOperationalException(errorInformation);
    }
    final HelpdeskProfile helpdeskProfile = pwmSession.getSessionManager().getHelpdeskProfile(pwmApplication);
    if (helpdeskProfile == null) {
        final String errorMsg = "attempt to helpdeskSetUserPassword, but user does not have helpdesk permission";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, errorMsg);
        throw new PwmOperationalException(errorInformation);
    }
    setPassword(pwmApplication, pwmSession.getLabel(), chaiUser.getChaiProvider(), userInfo, null, newPassword);
    // create a proxy user object for pwm to update/read the user.
    final ChaiUser proxiedUser = pwmApplication.getProxiedChaiUser(userIdentity);
    // mark the event log
    {
        final HelpdeskAuditRecord auditRecord = new AuditRecordFactory(pwmApplication, pwmSession).createHelpdeskAuditRecord(AuditEvent.HELPDESK_SET_PASSWORD, pwmSession.getUserInfo().getUserIdentity(), null, userIdentity, pwmSession.getSessionStateBean().getSrcAddress(), pwmSession.getSessionStateBean().getSrcHostname());
        pwmApplication.getAuditManager().submit(auditRecord);
    }
    // update statistics
    pwmApplication.getStatisticsManager().incrementValue(Statistic.HELPDESK_PASSWORD_SET);
    {
        // execute configured actions
        LOGGER.debug(sessionLabel, "executing changepassword and helpdesk post password change writeAttributes to user " + userIdentity);
        final List<ActionConfiguration> actions = new ArrayList<>();
        actions.addAll(pwmApplication.getConfig().readSettingAsAction(PwmSetting.CHANGE_PASSWORD_WRITE_ATTRIBUTES));
        actions.addAll(helpdeskProfile.readSettingAsAction(PwmSetting.HELPDESK_POST_SET_PASSWORD_WRITE_ATTRIBUTES));
        if (!actions.isEmpty()) {
            final LoginInfoBean loginInfoBean = new LoginInfoBean();
            loginInfoBean.setUserCurrentPassword(newPassword);
            final MacroMachine macroMachine = MacroMachine.forUser(pwmApplication, sessionLabel, userInfo, loginInfoBean);
            final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings(pwmApplication, userIdentity).setMacroMachine(macroMachine).setExpandPwmMacros(true).createActionExecutor();
            actionExecutor.executeActions(actions, pwmSession.getLabel());
        }
    }
    final HelpdeskClearResponseMode settingClearResponses = HelpdeskClearResponseMode.valueOf(helpdeskProfile.readSettingAsString(PwmSetting.HELPDESK_CLEAR_RESPONSES));
    if (settingClearResponses == HelpdeskClearResponseMode.yes) {
        final String userGUID = LdapOperationsHelper.readLdapGuidValue(pwmApplication, sessionLabel, userIdentity, false);
        pwmApplication.getCrService().clearResponses(pwmSession.getLabel(), userIdentity, proxiedUser, userGUID);
        // mark the event log
        final HelpdeskAuditRecord auditRecord = new AuditRecordFactory(pwmApplication, pwmSession).createHelpdeskAuditRecord(AuditEvent.HELPDESK_CLEAR_RESPONSES, pwmSession.getUserInfo().getUserIdentity(), null, userIdentity, pwmSession.getSessionStateBean().getSrcAddress(), pwmSession.getSessionStateBean().getSrcHostname());
        pwmApplication.getAuditManager().submit(auditRecord);
    }
    // send email notification
    sendChangePasswordHelpdeskEmailNotice(pwmSession, pwmApplication, userInfo);
    // expire if so configured
    if (helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_FORCE_PW_EXPIRATION)) {
        LOGGER.trace(pwmSession, "preparing to expire password for user " + userIdentity.toDisplayString());
        try {
            proxiedUser.expirePassword();
        } catch (ChaiOperationException e) {
            LOGGER.warn(pwmSession, "error while forcing password expiration for user " + userIdentity.toDisplayString() + ", error: " + e.getMessage());
        }
    }
    // send password
    final boolean sendPassword = helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_SEND_PASSWORD);
    if (sendPassword) {
        final MessageSendMethod messageSendMethod;
        {
            final String profileID = ProfileUtility.discoverProfileIDforUser(pwmApplication, sessionLabel, userIdentity, ProfileType.ForgottenPassword);
            final ForgottenPasswordProfile forgottenPasswordProfile = pwmApplication.getConfig().getForgottenPasswordProfiles().get(profileID);
            messageSendMethod = forgottenPasswordProfile.readSettingAsEnum(PwmSetting.RECOVERY_SENDNEWPW_METHOD, MessageSendMethod.class);
        }
        PasswordUtility.sendNewPassword(userInfo, pwmApplication, newPassword, pwmSession.getSessionStateBean().getLocale(), messageSendMethod);
    }
}
Also used : ForgottenPasswordProfile(password.pwm.config.profile.ForgottenPasswordProfile) LoginInfoBean(password.pwm.bean.LoginInfoBean) UserIdentity(password.pwm.bean.UserIdentity) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) MessageSendMethod(password.pwm.config.option.MessageSendMethod) PwmOperationalException(password.pwm.error.PwmOperationalException) HelpdeskAuditRecord(password.pwm.svc.event.HelpdeskAuditRecord) SessionLabel(password.pwm.bean.SessionLabel) ErrorInformation(password.pwm.error.ErrorInformation) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) ChaiUser(com.novell.ldapchai.ChaiUser) HelpdeskClearResponseMode(password.pwm.config.option.HelpdeskClearResponseMode) MacroMachine(password.pwm.util.macro.MacroMachine) List(java.util.List) ArrayList(java.util.ArrayList) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException)

Example 3 with HelpdeskProfile

use of password.pwm.config.profile.HelpdeskProfile in project pwm by pwm-project.

the class HelpdeskServlet method restCheckVerification.

@ActionHandler(action = "checkVerification")
private ProcessStatus restCheckVerification(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException {
    final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
    final Map<String, String> bodyMap = pwmRequest.readBodyAsJsonStringMap(PwmHttpRequestWrapper.Flag.BypassValidation);
    final UserIdentity userIdentity = HelpdeskServletUtil.userIdentityFromMap(pwmRequest, bodyMap);
    HelpdeskServletUtil.checkIfUserIdentityViewable(pwmRequest, helpdeskProfile, userIdentity);
    final String rawVerificationStr = bodyMap.get(HelpdeskVerificationStateBean.PARAMETER_VERIFICATION_STATE_KEY);
    final HelpdeskVerificationStateBean state = HelpdeskVerificationStateBean.fromClientString(pwmRequest, rawVerificationStr);
    final boolean passed = HelpdeskServletUtil.checkIfRequiredVerificationPassed(userIdentity, state, helpdeskProfile);
    final HashMap<String, Object> results = new HashMap<>();
    results.put("passed", passed);
    final RestResultBean restResultBean = RestResultBean.withData(results);
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}
Also used : HashMap(java.util.HashMap) UserIdentity(password.pwm.bean.UserIdentity) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 4 with HelpdeskProfile

use of password.pwm.config.profile.HelpdeskProfile in project pwm by pwm-project.

the class HelpdeskServlet method restClearResponsesHandler.

@ActionHandler(action = "clearResponses")
private ProcessStatus restClearResponsesHandler(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException, ChaiUnavailableException, PwmOperationalException {
    final UserIdentity userIdentity;
    try {
        userIdentity = readUserKeyRequestParameter(pwmRequest);
    } catch (PwmUnrecoverableException e) {
        pwmRequest.outputJsonResult(RestResultBean.fromError(e.getErrorInformation()));
        return ProcessStatus.Halt;
    }
    final HelpdeskProfile helpdeskProfile = pwmRequest.getPwmSession().getSessionManager().getHelpdeskProfile(pwmRequest.getPwmApplication());
    HelpdeskServletUtil.checkIfUserIdentityViewable(pwmRequest, helpdeskProfile, userIdentity);
    {
        final boolean buttonEnabled = helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_CLEAR_RESPONSES_BUTTON);
        final HelpdeskClearResponseMode mode = helpdeskProfile.readSettingAsEnum(PwmSetting.HELPDESK_CLEAR_RESPONSES, HelpdeskClearResponseMode.class);
        if (!buttonEnabled && (mode == HelpdeskClearResponseMode.no)) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SECURITY_VIOLATION, "setting " + PwmSetting.HELPDESK_CLEAR_RESPONSES_BUTTON.toMenuLocationDebug(helpdeskProfile.getIdentifier(), pwmRequest.getLocale()) + " must be enabled or setting " + PwmSetting.HELPDESK_CLEAR_RESPONSES.toMenuLocationDebug(helpdeskProfile.getIdentifier(), pwmRequest.getLocale()) + "must be set to yes or ask"));
        }
    }
    final ChaiUser chaiUser = getChaiUser(pwmRequest, helpdeskProfile, userIdentity);
    final String userGUID = LdapOperationsHelper.readLdapGuidValue(pwmRequest.getPwmApplication(), pwmRequest.getPwmSession().getLabel(), userIdentity, true);
    final CrService crService = pwmRequest.getPwmApplication().getCrService();
    crService.clearResponses(pwmRequest.getPwmSession().getLabel(), userIdentity, chaiUser, userGUID);
    // mark the event log
    {
        final HelpdeskAuditRecord auditRecord = new AuditRecordFactory(pwmRequest.getPwmApplication(), pwmRequest.getPwmSession()).createHelpdeskAuditRecord(AuditEvent.HELPDESK_CLEAR_RESPONSES, pwmRequest.getPwmSession().getUserInfo().getUserIdentity(), null, userIdentity, pwmRequest.getPwmSession().getSessionStateBean().getSrcAddress(), pwmRequest.getPwmSession().getSessionStateBean().getSrcHostname());
        pwmRequest.getPwmApplication().getAuditManager().submit(auditRecord);
    }
    final RestResultBean restResultBean = RestResultBean.forSuccessMessage(pwmRequest, Message.Success_Unknown);
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) ChaiUser(com.novell.ldapchai.ChaiUser) HelpdeskClearResponseMode(password.pwm.config.option.HelpdeskClearResponseMode) UserIdentity(password.pwm.bean.UserIdentity) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) CrService(password.pwm.util.operations.CrService) HelpdeskAuditRecord(password.pwm.svc.event.HelpdeskAuditRecord) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 5 with HelpdeskProfile

use of password.pwm.config.profile.HelpdeskProfile in project pwm by pwm-project.

the class HelpdeskServlet method restClientData.

@ActionHandler(action = "clientData")
private ProcessStatus restClientData(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException {
    final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
    final HelpdeskClientDataBean returnValues = HelpdeskClientDataBean.fromConfig(helpdeskProfile, pwmRequest.getLocale());
    final RestResultBean restResultBean = RestResultBean.withData(returnValues);
    LOGGER.trace(pwmRequest, "returning clientData: " + JsonUtil.serialize(restResultBean));
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}
Also used : HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) RestResultBean(password.pwm.ws.server.RestResultBean)

Aggregations

HelpdeskProfile (password.pwm.config.profile.HelpdeskProfile)22 UserIdentity (password.pwm.bean.UserIdentity)17 RestResultBean (password.pwm.ws.server.RestResultBean)15 ErrorInformation (password.pwm.error.ErrorInformation)14 ChaiUser (com.novell.ldapchai.ChaiUser)9 AuditRecordFactory (password.pwm.svc.event.AuditRecordFactory)8 HelpdeskAuditRecord (password.pwm.svc.event.HelpdeskAuditRecord)8 PwmOperationalException (password.pwm.error.PwmOperationalException)6 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)6 PwmSession (password.pwm.http.PwmSession)4 UserInfo (password.pwm.ldap.UserInfo)4 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)3 Instant (java.time.Instant)3 FormConfiguration (password.pwm.config.value.data.FormConfiguration)3 MacroMachine (password.pwm.util.macro.MacroMachine)3 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 List (java.util.List)2 PwmApplication (password.pwm.PwmApplication)2 Configuration (password.pwm.config.Configuration)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial