
Example 11 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

The class UserInfoReader, method getUserSmsNumber2.

@Override
public String getUserSmsNumber2() throws PwmUnrecoverableException {
    final LdapProfile ldapProfile = getUserIdentity().getLdapProfile(pwmApplication.getConfig());
    final String ldapSmsAttribute = ldapProfile.readSettingAsString(PwmSetting.SMS_USER_PHONE_ATTRIBUTE_2);
    return readStringAttribute(ldapSmsAttribute);
}
Also used: LdapProfile (password.pwm.config.profile.LdapProfile)

Example 12 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

The class LdapBrowser, method getChaiProvider.

private ChaiProvider getChaiProvider(final String profile) throws PwmUnrecoverableException {
    if (!providerCache.containsKey(profile)) {
        final Configuration configuration = new Configuration(storedConfiguration);
        final LdapProfile ldapProfile = LdapProfile.makeFromStoredConfiguration(storedConfiguration, profile);
        final ChaiProvider chaiProvider = LdapOperationsHelper.openProxyChaiProvider(chaiProviderFactory, null, ldapProfile, configuration, null);
        providerCache.put(profile, chaiProvider);
    }
    return providerCache.get(profile);
}
Also used: Configuration (password.pwm.config.Configuration), ChaiProvider (com.novell.ldapchai.provider.ChaiProvider), LdapProfile (password.pwm.config.profile.LdapProfile)

Example 13 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

The class LdapPermissionTester, method testGroupMatch.

public static boolean testGroupMatch(final PwmApplication pwmApplication, final SessionLabel pwmSession, final UserIdentity userIdentity, final String groupDN) throws PwmUnrecoverableException {
    final Instant startTime = Instant.now();
    if (userIdentity == null) {
        return false;
    }
    LOGGER.trace(pwmSession, "begin check for ldapGroup match for " + userIdentity + " using queryMatch: " + groupDN);
    boolean result = false;
    if (groupDN == null || groupDN.length() < 1) {
        LOGGER.trace(pwmSession, "missing groupDN value, skipping check");
    } else {
        final LdapProfile ldapProfile = userIdentity.getLdapProfile(pwmApplication.getConfig());
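        // groupDN is concatenated into the filter as-is (no LDAP filter escaping is applied here);
        // the BASE-scope search below evaluates the filter against the user's own entry only
        final String filterString = "(" + ldapProfile.readSettingAsString(PwmSetting.LDAP_USER_GROUP_ATTRIBUTE) + "=" + groupDN + ")";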
        try {
            LOGGER.trace(pwmSession, "checking ldap to see if " + userIdentity + " matches group '" + groupDN + "' using filter '" + filterString + "'");
            final ChaiUser theUser = pwmApplication.getProxiedChaiUser(userIdentity);
            final Map<String, Map<String, String>> results = theUser.getChaiProvider().search(theUser.getEntryDN(), filterString, Collections.<String>emptySet(), SearchScope.BASE);
            if (results.size() == 1 && results.keySet().contains(theUser.getEntryDN())) {
                result = true;
            }
        } catch (ChaiException e) {
            LOGGER.warn(pwmSession, "LDAP error during group for " + userIdentity + " using " + filterString + ", error:" + e.getMessage());
        }
    }
    final String logMsg = "user " + userIdentity.toDisplayString() + " is " + (result ? "" : "not ") + "a match for group '" + groupDN + "'" + " (" + TimeDuration.fromCurrent(startTime).asCompactString() + ")";
    LOGGER.debug(pwmSession, logMsg);
    return result;
}
Also used: ChaiUser (com.novell.ldapchai.ChaiUser), Instant (java.time.Instant), LdapProfile (password.pwm.config.profile.LdapProfile), ChaiException (com.novell.ldapchai.exception.ChaiException), TreeMap (java.util.TreeMap), Map (java.util.Map)

Example 14 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

The class PasswordUtility, method determinePwdLastModified.

private static Instant determinePwdLastModified(final PwmApplication pwmApplication, final SessionLabel sessionLabel, final ChaiUser theUser, final UserIdentity userIdentity) throws ChaiUnavailableException, PwmUnrecoverableException {
    // first try the password modification date as read by chai from the user entry
    try {
        final Instant chaiReadDate = theUser.readPasswordModificationDate();
        if (chaiReadDate != null) {
            LOGGER.trace(sessionLabel, "read last user password change timestamp (via chai) as: " + JavaHelper.toIsoDate(chaiReadDate));
            return chaiReadDate;
        }
    } catch (ChaiOperationException e) {
        LOGGER.error(sessionLabel, "unexpected error reading password last modified timestamp: " + e.getMessage());
    }
    // fall back to the attribute configured in PWM's PASSWORD_LAST_UPDATE_ATTRIBUTE setting
    final LdapProfile ldapProfile = pwmApplication.getConfig().getLdapProfiles().get(userIdentity.getLdapProfileID());
    final String pwmLastSetAttr = ldapProfile.readSettingAsString(PwmSetting.PASSWORD_LAST_UPDATE_ATTRIBUTE);
    if (pwmLastSetAttr != null && pwmLastSetAttr.length() > 0) {
        try {
            final Instant pwmPwdLastModified = theUser.readDateAttribute(pwmLastSetAttr);
            LOGGER.trace(sessionLabel, "read pwmPasswordChangeTime as: " + (pwmPwdLastModified == null ? "n/a" : JavaHelper.toIsoDate(pwmPwdLastModified)));
            return pwmPwdLastModified;
        } catch (ChaiOperationException e) {
            LOGGER.error(sessionLabel, "error parsing password last modified PWM password value for user " + theUser.getEntryDN() + "; error: " + e.getMessage());
        }
    }
    LOGGER.debug(sessionLabel, "unable to determine time of user's last password modification");
    return null;
}
Also used: Instant (java.time.Instant), ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException), LdapProfile (password.pwm.config.profile.LdapProfile)

Example 15 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

The class ResponseStatsCommand, method readAllUsersFromLdap.

private static List<UserIdentity> readAllUsersFromLdap(final PwmApplication pwmApplication) throws ChaiUnavailableException, ChaiOperationException, PwmUnrecoverableException, PwmOperationalException {
    final List<UserIdentity> returnList = new ArrayList<>();
    for (final LdapProfile ldapProfile : pwmApplication.getConfig().getLdapProfiles().values()) {
        final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
        // value escaping is disabled so that the "*" username is passed to the search as a wildcard
        final SearchConfiguration searchConfiguration = SearchConfiguration.builder()
                .enableValueEscaping(false)
                .searchTimeout(Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.REPORTING_LDAP_SEARCH_TIMEOUT)))
                .username("*")
                .filter(ldapProfile.readSettingAsString(PwmSetting.LDAP_USERNAME_SEARCH_FILTER))
                .ldapProfile(ldapProfile.getIdentifier())
                .build();
        final Map<UserIdentity, Map<String, String>> searchResults = userSearchEngine.performMultiUserSearch(searchConfiguration, Integer.MAX_VALUE, Collections.emptyList(), SessionLabel.SYSTEM_LABEL);
        returnList.addAll(searchResults.keySet());
    }
    return returnList;
}
Also used: UserIdentity (password.pwm.bean.UserIdentity), UserSearchEngine (password.pwm.ldap.search.UserSearchEngine), ArrayList (java.util.ArrayList), SearchConfiguration (password.pwm.ldap.search.SearchConfiguration), LdapProfile (password.pwm.config.profile.LdapProfile), Map (java.util.Map), TreeMap (java.util.TreeMap)

Aggregations

LdapProfile (password.pwm.config.profile.LdapProfile): 54
ArrayList (java.util.ArrayList): 16
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException): 16
ErrorInformation (password.pwm.error.ErrorInformation): 15
ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException): 12
Map (java.util.Map): 11
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException): 10
ChaiUser (com.novell.ldapchai.ChaiUser): 9
Configuration (password.pwm.config.Configuration): 9
PwmOperationalException (password.pwm.error.PwmOperationalException): 9
ChaiProvider (com.novell.ldapchai.provider.ChaiProvider): 8
LinkedHashMap (java.util.LinkedHashMap): 8
List (java.util.List): 7
FormConfiguration (password.pwm.config.value.data.FormConfiguration): 7
UserIdentity (password.pwm.bean.UserIdentity): 6
ChaiException (com.novell.ldapchai.exception.ChaiException): 5
ChaiConfiguration (com.novell.ldapchai.provider.ChaiConfiguration): 5
IOException (java.io.IOException): 5
HashSet (java.util.HashSet): 5
TreeMap (java.util.TreeMap): 5