
Example 6 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class LDAPAuthenticationRequest method makeProxyProvider.

/**
 * Creates a {@link ChaiProvider} from the proxy credentials configured on the
 * LDAP profile that {@code userIdentity} refers to.
 *
 * <p>The proxy DN and proxy password are read from the profile settings and
 * passed straight to {@code LdapOperationsHelper.createChaiProvider}. The
 * password stays wrapped in {@link PasswordData} for the whole method; it is
 * never converted to a {@code String} or logged here.
 *
 * @return whatever {@code LdapOperationsHelper.createChaiProvider} returns for
 *         the resolved profile and proxy credentials
 * @throws ChaiUnavailableException declared by this method; not thrown directly here
 * @throws PwmUnrecoverableException declared by this method; not thrown directly here
 */
private ChaiProvider makeProxyProvider() throws ChaiUnavailableException, PwmUnrecoverableException {
    // NOTE(review): the lookup result is used without a null check; if the
    // profile ID is unknown to the configuration and get() returns null, the
    // next statement fails with a NullPointerException - confirm callers
    // guarantee a valid profile ID.
    final LdapProfile ldapProfile = pwmApplication.getConfig().getLdapProfiles().get(userIdentity.getLdapProfileID());

    // Privileged (proxy) account credentials, taken from configuration only.
    final PasswordData proxyUserPassword = ldapProfile.readSettingAsPassword(PwmSetting.LDAP_PROXY_USER_PASSWORD);
    final String proxyUserDn = ldapProfile.readSettingAsString(PwmSetting.LDAP_PROXY_USER_DN);

    return LdapOperationsHelper.createChaiProvider(
            pwmApplication,
            sessionLabel,
            ldapProfile,
            pwmApplication.getConfig(),
            proxyUserDn,
            proxyUserPassword);
}
Also used : PasswordData(password.pwm.util.PasswordData) LdapProfile(password.pwm.config.profile.LdapProfile)

Example 7 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class UserSearchEngine method checkIfStringIsDN.

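/**
 * Reports whether a supplied user name looks like a full LDAP DN, judged only
 * by whether it starts with {@code <naming attribute>=} for any configured
 * LDAP profile.
 *
 * <p>The comparison is case-insensitive and locale-independent
 * ({@link String#regionMatches(boolean, int, String, int, int)}), so the result
 * does not change with the JVM default locale. Profiles with a null or empty
 * naming attribute are skipped; without that guard an empty attribute would
 * make every input starting with {@code =} count as a DN.
 *
 * <p>This is a prefix heuristic, not DN validation: a {@code true} result says
 * nothing about whether the string is a well-formed DN or lies inside a
 * permitted search base.
 *
 * @param input the user name as supplied; {@code null} or empty yields {@code false}
 * @param sessionLabel label passed to the logger for the trace messages
 * @return {@code true} if {@code input} starts with a configured naming attribute
 *         followed by {@code =}, otherwise {@code false}
 */
private boolean checkIfStringIsDN(final String input, final SessionLabel sessionLabel) {
    if (input == null || input.isEmpty()) {
        return false;
    }
    // if supplied user name starts with username attr assume it is the full dn and skip the search
    final Set<String> namingAttributes = new HashSet<>();
    for (final LdapProfile ldapProfile : pwmApplication.getConfig().getLdapProfiles().values()) {
        final String usernameAttribute = ldapProfile.readSettingAsString(PwmSetting.LDAP_NAMING_ATTRIBUTE);
        if (usernameAttribute == null || usernameAttribute.isEmpty()) {
            // An unset naming attribute must not turn "=" into a matching prefix.
            continue;
        }
        final String dnPrefix = usernameAttribute + "=";
        // regionMatches(ignoreCase = true) compares per character and does not
        // depend on the default locale, unlike toLowerCase() without a Locale.
        if (input.regionMatches(true, 0, dnPrefix, 0, dnPrefix.length())) {
            // NOTE(review): input is caller-supplied and is written to the log
            // verbatim; whether LOGGER neutralises CR/LF is not visible here.
            LOGGER.trace(sessionLabel, "username '" + input + "' appears to be a DN (starts with configured ldap naming attribute'" + usernameAttribute + "'), skipping username search");
            return true;
        }
        namingAttributes.add(usernameAttribute);
    }
    LOGGER.trace(sessionLabel, "username '" + input + "' does not appear to be a DN (does not start with any of the configured ldap naming attributes '" + StringUtil.collectionToString(namingAttributes, ",") + "')");
    return false;
}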
Also used : LdapProfile(password.pwm.config.profile.LdapProfile) HashSet(java.util.HashSet)

Example 8 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class LdapXmlUserHistory method updateUserHistoryImpl.

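/**
 * Appends one audit record to the per-user event history stored in an LDAP
 * attribute of the affected user.
 *
 * <p>For a helpdesk record of type {@code HELPDESK} the history is written to
 * the target user; for every other record it is written to the perpetrator.
 * The existing history is read (or a new record is created), the new event is
 * added, the history is trimmed to {@code EVENTS_LDAP_MAX_EVENTS}, and the
 * result is written back.
 *
 * <p>Failure handling is deliberately uneven and worth knowing when relying on
 * this history as an audit trail: a failure of the initial LDAP read is
 * rethrown as {@link PwmUnrecoverableException}, whereas a failure while
 * loading/parsing the stored payload or while writing it back is only logged,
 * and the event is then not persisted.
 *
 * @param auditRecord the event to append
 * @throws PwmUnrecoverableException if the stored history cannot be read from LDAP
 * @throws ChaiUnavailableException declared by this method; not thrown directly here
 */
private void updateUserHistoryImpl(final UserAuditRecord auditRecord) throws PwmUnrecoverableException, ChaiUnavailableException {
    // user info
    final UserIdentity userIdentity;
    if (auditRecord instanceof HelpdeskAuditRecord && auditRecord.getType() == AuditEvent.Type.HELPDESK) {
        final HelpdeskAuditRecord helpdeskAuditRecord = (HelpdeskAuditRecord) auditRecord;
        userIdentity = new UserIdentity(helpdeskAuditRecord.getTargetDN(), helpdeskAuditRecord.getTargetLdapProfile());
    } else {
        userIdentity = new UserIdentity(auditRecord.getPerpetratorDN(), auditRecord.getPerpetratorLdapProfile());
    }
    final ChaiUser theUser = pwmApplication.getProxiedChaiUser(userIdentity);

    // settings
    final String corRecordIdentifier = COR_RECORD_ID;
    final LdapProfile ldapProfile = userIdentity.getLdapProfile(pwmApplication.getConfig());
    final String corAttribute = ldapProfile.readSettingAsString(PwmSetting.EVENTS_LDAP_ATTRIBUTE);

    // quit if settings no good
    if (corAttribute == null || corAttribute.length() < 1) {
        LOGGER.debug("no user event log attribute configured, skipping write of log data");
        return;
    }

    // read current value
    final StoredHistory storedHistory;
    final ConfigObjectRecord theCor;
    // Wildcard instead of a raw type; elements are still cast explicitly below.
    final List<?> corList;
    try {
        corList = ConfigObjectRecord.readRecordFromLDAP(theUser, corAttribute, corRecordIdentifier, null, null);
    } catch (Exception e) {
        final String errorMsg = "error reading LDAP user event history for user " + userIdentity.toDisplayString() + ", error: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
        LOGGER.error(errorInformation.toDebugStr(), e);
        throw new PwmUnrecoverableException(errorInformation, e);
    }

    try {
        if (!corList.isEmpty()) {
            theCor = (ConfigObjectRecord) corList.get(0);
        } else {
            theCor = ConfigObjectRecord.createNew(theUser, corAttribute, corRecordIdentifier, null, null);
        }
        // NOTE(review): the payload comes from a directory attribute; how
        // StoredHistory.fromXml configures its XML parser is not visible here.
        storedHistory = StoredHistory.fromXml(theCor.getPayload());
    } catch (Exception e) {
        // This step loads and parses the stored history, it does not write it;
        // the message says so and the cause is kept so the dropped audit event
        // can be investigated.
        LOGGER.error("error loading existing user event log, new event not written: " + e.getMessage(), e);
        return;
    }

    // add next record to blob
    final StoredEvent storedEvent = StoredEvent.fromAuditRecord(auditRecord);
    storedHistory.addEvent(storedEvent);

    // trim the blob; clamp before narrowing so an oversized setting cannot wrap
    // around to a negative or small int.
    final long configuredMaxEvents = pwmApplication.getConfig().readSettingAsLong(PwmSetting.EVENTS_LDAP_MAX_EVENTS);
    final int maxUserEvents = (int) Math.min(configuredMaxEvents, Integer.MAX_VALUE);
    storedHistory.trim(maxUserEvents);

    // write the blob; a failure is logged (with its cause) and not propagated,
    // so the caller is not told that the event was lost.
    try {
        theCor.updatePayload(storedHistory.toXml());
    } catch (ChaiOperationException e) {
        LOGGER.error("ldap error writing user event log: " + e.getMessage(), e);
    }
}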
Also used : UserIdentity(password.pwm.bean.UserIdentity) ConfigObjectRecord(com.novell.ldapchai.util.ConfigObjectRecord) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) LdapProfile(password.pwm.config.profile.LdapProfile) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) JDOMException(org.jdom2.JDOMException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) IOException(java.io.IOException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) ErrorInformation(password.pwm.error.ErrorInformation) ChaiUser(com.novell.ldapchai.ChaiUser) LinkedList(java.util.LinkedList) List(java.util.List) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException)

Example 9 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class UserInfoReader method getCachedAttributeValues.

/**
 * Reads the values of the attributes listed in the {@code CACHED_USER_ATTRIBUTES}
 * setting of this user's LDAP profile.
 *
 * <p>Which attributes are read is decided by configuration only; nothing in
 * this method takes attribute names from the caller.
 *
 * @return an unmodifiable map of the values returned by {@code readStringAttributes},
 *         or an empty map when the setting is {@code null} or empty
 * @throws PwmUnrecoverableException declared by this method; not thrown directly here
 */
@Override
public Map<String, String> getCachedAttributeValues() throws PwmUnrecoverableException {
    final LdapProfile userLdapProfile = getUserIdentity().getLdapProfile(pwmApplication.getConfig());
    final List<String> configuredNames = userLdapProfile.readSettingAsStringArray(PwmSetting.CACHED_USER_ATTRIBUTES);

    // Nothing configured: no directory read is made.
    if (configuredNames == null || configuredNames.isEmpty()) {
        return Collections.emptyMap();
    }

    // Duplicates in the configured list collapse in the set before the read.
    final Map<String, String> valuesByName = readStringAttributes(new HashSet<>(configuredNames));
    return Collections.unmodifiableMap(valuesByName);
}
Also used : LdapProfile(password.pwm.config.profile.LdapProfile)

Example 10 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class UserInfoReader method getUserSmsNumber.

/**
 * Returns the user's SMS number, read from the LDAP attribute named by the
 * {@code SMS_USER_PHONE_ATTRIBUTE} setting of the user's LDAP profile.
 *
 * @return the value {@code readStringAttribute} yields for the configured attribute
 * @throws PwmUnrecoverableException declared by this method; not thrown directly here
 */
@Override
public String getUserSmsNumber() throws PwmUnrecoverableException {
    // NOTE(review): the number is taken from the directory as-is; if it is used
    // as a delivery address for verification codes, the attribute should not be
    // writable by the user without prior verification - confirm against the
    // directory ACLs.
    final LdapProfile userLdapProfile = getUserIdentity().getLdapProfile(pwmApplication.getConfig());
    return readStringAttribute(userLdapProfile.readSettingAsString(PwmSetting.SMS_USER_PHONE_ATTRIBUTE));
}
Also used : LdapProfile(password.pwm.config.profile.LdapProfile)
