
Example 16 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

In class LdapCrOperator, method clearResponses:

public void clearResponses(final UserIdentity userIdentity, final ChaiUser theUser, final String userGuid) throws PwmUnrecoverableException {
    final LdapProfile ldapProfile = userIdentity.getLdapProfile(config);
    final String ldapStorageAttribute = ldapProfile.readSettingAsString(PwmSetting.CHALLENGE_USER_ATTRIBUTE);
    if (ldapStorageAttribute == null || ldapStorageAttribute.length() < 1) {
        final String errorMsg = "ldap storage attribute is not configured, unable to clear user responses";
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_INVALID_CONFIG, errorMsg);
        throw new PwmUnrecoverableException(errorInformation);
    }
    try {
        final String currentValue = theUser.readStringAttribute(ldapStorageAttribute);
        if (currentValue != null && currentValue.length() > 0) {
            theUser.deleteAttribute(ldapStorageAttribute, null);
        }
        LOGGER.info("cleared responses for user to chai-ldap format");
    } catch (ChaiOperationException e) {
        final String errorMsg;
        if (e.getErrorCode() == ChaiError.NO_ACCESS) {
            errorMsg = "permission error clearing responses to ldap attribute '" + ldapStorageAttribute + "', user does not appear to have correct permissions to clear responses: " + e.getMessage();
        } else {
            errorMsg = "error clearing responses to ldap attribute '" + ldapStorageAttribute + "': " + e.getMessage();
        }
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_WRITING_RESPONSES, errorMsg);
        final PwmUnrecoverableException pwmOE = new PwmUnrecoverableException(errorInfo);
        pwmOE.initCause(e);
        throw pwmOE;
    } catch (ChaiUnavailableException e) {
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_DIRECTORY_UNAVAILABLE, e.getMessage()));
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) LdapProfile(password.pwm.config.profile.LdapProfile)

Example 17 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

In class Configuration, method getLdapProfiles:

public Map<String, LdapProfile> getLdapProfiles() {
    if (dataCache.ldapProfiles != null) {
        return dataCache.ldapProfiles;
    }
    final List<String> profiles = StoredConfigurationUtil.profilesForSetting(PwmSetting.LDAP_PROFILE_LIST, storedConfiguration);
    final LinkedHashMap<String, LdapProfile> returnList = new LinkedHashMap<>();
    for (final String profileID : profiles) {
        final LdapProfile ldapProfile = LdapProfile.makeFromStoredConfiguration(this.storedConfiguration, profileID);
        if (ldapProfile.readSettingAsBoolean(PwmSetting.LDAP_PROFILE_ENABLED)) {
            returnList.put(profileID, ldapProfile);
        }
    }
    dataCache.ldapProfiles = Collections.unmodifiableMap(returnList);
    return dataCache.ldapProfiles;
}
Also used : LdapProfile(password.pwm.config.profile.LdapProfile) LinkedHashMap(java.util.LinkedHashMap)

Example 18 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

In class HelpdeskCardInfoBean, method figurePhotoURL:

private static String figurePhotoURL(final PwmRequest pwmRequest, final HelpdeskProfile helpdeskProfile, final ChaiUser chaiUser, final MacroMachine macroMachine, final UserIdentity userIdentity) throws PwmUnrecoverableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final boolean enabled = helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_ENABLE_PHOTOS);
    if (!enabled) {
        LOGGER.debug(pwmRequest, "detailed user data lookup for " + userIdentity.toString() + ", failed photo query filter, denying photo view");
        return null;
    }
    final LdapProfile ldapProfile = userIdentity.getLdapProfile(pwmApplication.getConfig());
    final String overrideURL = ldapProfile.readSettingAsString(PwmSetting.PEOPLE_SEARCH_PHOTO_URL_OVERRIDE);
    try {
        if (!StringUtil.isEmpty(overrideURL)) {
            return macroMachine.expandMacros(overrideURL);
        }
        try {
            LdapOperationsHelper.readPhotoDataFromLdap(pwmApplication.getConfig(), chaiUser, userIdentity);
        } catch (PwmOperationalException e) {
            LOGGER.debug(pwmRequest, "determined " + userIdentity + " does not have photo data available while generating detail data");
            return null;
        }
    } catch (ChaiUnavailableException e) {
        throw PwmUnrecoverableException.fromChaiException(e);
    }
    String returnUrl = pwmRequest.getContextPath() + PwmServletDefinition.Helpdesk.servletUrl();
    returnUrl = PwmURL.appendAndEncodeUrlParameters(returnUrl, PwmConstants.PARAM_ACTION_REQUEST, HelpdeskServlet.HelpdeskAction.photo.name());
    returnUrl = PwmURL.appendAndEncodeUrlParameters(returnUrl, PwmConstants.PARAM_USERKEY, userIdentity.toObfuscatedKey(pwmApplication));
    return returnUrl;
}
Also used : PwmApplication(password.pwm.PwmApplication) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) LdapProfile(password.pwm.config.profile.LdapProfile) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 19 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

In class ActivateUserUtils, method sendPostActivationSms:

static boolean sendPostActivationSms(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final Configuration config = pwmApplication.getConfig();
    final UserInfo userInfo = pwmSession.getUserInfo();
    final Locale locale = pwmSession.getSessionStateBean().getLocale();
    final LdapProfile ldapProfile = userInfo.getUserIdentity().getLdapProfile(config);
    final String message = config.readSettingAsLocalizedString(PwmSetting.SMS_ACTIVATION_TEXT, locale);
    final String toSmsNumber;
    try {
        toSmsNumber = userInfo.readStringAttribute(ldapProfile.readSettingAsString(PwmSetting.SMS_USER_PHONE_ATTRIBUTE));
    } catch (Exception e) {
        LOGGER.debug(pwmSession.getLabel(), "error reading SMS attribute from user '" + pwmSession.getUserInfo().getUserIdentity() + "': " + e.getMessage());
        return false;
    }
    if (toSmsNumber == null || toSmsNumber.length() < 1) {
        LOGGER.debug(pwmSession.getLabel(), "skipping send activation SMS for '" + pwmSession.getUserInfo().getUserIdentity() + "' no SMS number configured");
        return false;
    }
    pwmApplication.sendSmsUsingQueue(toSmsNumber, message, pwmRequest.getSessionLabel(), pwmSession.getSessionManager().getMacroMachine(pwmApplication));
    return true;
}
Also used : Locale(java.util.Locale) PwmApplication(password.pwm.PwmApplication) Configuration(password.pwm.config.Configuration) FormConfiguration(password.pwm.config.value.data.FormConfiguration) ActionConfiguration(password.pwm.config.value.data.ActionConfiguration) UserInfo(password.pwm.ldap.UserInfo) PwmSession(password.pwm.http.PwmSession) LdapProfile(password.pwm.config.profile.LdapProfile) ServletException(javax.servlet.ServletException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ImpossiblePasswordPolicyException(com.novell.ldapchai.exception.ImpossiblePasswordPolicyException) PwmDataValidationException(password.pwm.error.PwmDataValidationException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) PwmOperationalException(password.pwm.error.PwmOperationalException) IOException(java.io.IOException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException)

Example 20 with LdapProfile

Use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

In class RestUtility, method resolveRequestedUsername:

public static RestServlet.TargetUserIdentity resolveRequestedUsername(final RestRequest restRequest, final String username) throws PwmUnrecoverableException {
    final PwmApplication pwmApplication = restRequest.getPwmApplication();
    if (StringUtil.isEmpty(username)) {
        if (restRequest.getRestAuthentication().getType() == RestAuthenticationType.NAMED_SECRET) {
            throw PwmUnrecoverableException.newException(PwmError.ERROR_REST_INVOCATION_ERROR, "username field required when using external web services secrets for authentication ");
        }
    } else {
        if (!restRequest.getRestAuthentication().isThirdPartyEnabled()) {
            throw PwmUnrecoverableException.newException(PwmError.ERROR_UNAUTHORIZED, "username specified in request, however third party permission is not granted to the authenticated login.");
        }
    }
    if (StringUtil.isEmpty(username)) {
        if (restRequest.getRestAuthentication().getType() == RestAuthenticationType.LDAP) {
            return new RestServlet.TargetUserIdentity(restRequest, restRequest.getRestAuthentication().getLdapIdentity(), true);
        }
    }
    final String ldapProfileID;
    final String effectiveUsername;
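    // A "profileID|username" value selects a specific LDAP profile for the lookup.
    // Note: if the caller passed a null username and the authentication type is neither
    // NAMED_SECRET nor LDAP, execution reaches this line and contains() throws on null.
    if (username.contains("|")) {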
        final int pipeIndex = username.indexOf("|");
        ldapProfileID = username.substring(0, pipeIndex);
        effectiveUsername = username.substring(pipeIndex + 1, username.length());
    } else {
        ldapProfileID = null;
        effectiveUsername = username;
    }
    try {
        final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
        final UserIdentity userIdentity = userSearchEngine.resolveUsername(effectiveUsername, null, ldapProfileID, restRequest.getSessionLabel());
        final LdapProfile ldapProfile = pwmApplication.getConfig().getLdapProfiles().get(userIdentity.getLdapProfileID());
        if (ldapProfile != null) {
            {
                final UserIdentity testUser = ldapProfile.getTestUser(pwmApplication);
                if (testUser != null && testUser.canonicalEquals(userIdentity, pwmApplication)) {
                    final String msg = "rest services can not be invoked against the configured LDAP profile test user";
                    final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_REST_INVOCATION_ERROR, msg);
                    throw new PwmUnrecoverableException(errorInformation);
                }
            }
            {
                final UserIdentity proxyUser = ldapProfile.getProxyUser(pwmApplication);
                if (proxyUser != null && proxyUser.canonicalEquals(userIdentity, pwmApplication)) {
                    final String msg = "rest services can not be invoked against the configured LDAP profile proxy user";
                    final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_REST_INVOCATION_ERROR, msg);
                    throw new PwmUnrecoverableException(errorInformation);
                }
            }
        }
        return new RestServlet.TargetUserIdentity(restRequest, userIdentity, false);
    } catch (PwmOperationalException e) {
        throw new PwmUnrecoverableException(e.getErrorInformation());
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmApplication(password.pwm.PwmApplication) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) LdapProfile(password.pwm.config.profile.LdapProfile) PwmOperationalException(password.pwm.error.PwmOperationalException)

Aggregations

LdapProfile (password.pwm.config.profile.LdapProfile): 54
ArrayList (java.util.ArrayList): 16
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException): 16
ErrorInformation (password.pwm.error.ErrorInformation): 15
ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException): 12
Map (java.util.Map): 11
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException): 10
ChaiUser (com.novell.ldapchai.ChaiUser): 9
Configuration (password.pwm.config.Configuration): 9
PwmOperationalException (password.pwm.error.PwmOperationalException): 9
ChaiProvider (com.novell.ldapchai.provider.ChaiProvider): 8
LinkedHashMap (java.util.LinkedHashMap): 8
List (java.util.List): 7
FormConfiguration (password.pwm.config.value.data.FormConfiguration): 7
UserIdentity (password.pwm.bean.UserIdentity): 6
ChaiException (com.novell.ldapchai.exception.ChaiException): 5
ChaiConfiguration (com.novell.ldapchai.provider.ChaiConfiguration): 5
IOException (java.io.IOException): 5
HashSet (java.util.HashSet): 5
TreeMap (java.util.TreeMap): 5