
Example 26 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class LdapConnectionService method readLastLdapFailure.

/**
 * Restores the cached "last LDAP failure" map from the application attribute store.
 *
 * <p>The value stored under {@code AppAttribute.LAST_LDAP_ERROR} is read as a JSON string and
 * deserialized into a map keyed by LDAP profile id. Each id is resolved against the profiles of
 * the current configuration; ids with no matching profile are dropped.
 *
 * @param pwmApplication application instance supplying the attribute store and the configuration
 * @return the failures keyed by resolved profile, or an empty map when nothing is stored or
 *         loading fails for any reason
 */
private static Map<LdapProfile, ErrorInformation> readLastLdapFailure(final PwmApplication pwmApplication) {
    // Declared outside the try so the catch block can report whatever was read.
    String cachedJson = null;
    try {
        cachedJson = pwmApplication.readAppAttribute(PwmApplication.AppAttribute.LAST_LDAP_ERROR, String.class);
        if (cachedJson == null || cachedJson.isEmpty()) {
            return Collections.emptyMap();
        }

        final Map<String, ErrorInformation> failuresByProfileId = JsonUtil.deserialize(cachedJson, new TypeToken<Map<String, ErrorInformation>>() {
        });
        final Map<LdapProfile, ErrorInformation> failuresByProfile = new HashMap<>();
        for (final Map.Entry<String, ErrorInformation> cached : failuresByProfileId.entrySet()) {
            final LdapProfile resolvedProfile = pwmApplication.getConfig().getLdapProfiles().get(cached.getKey());
            if (resolvedProfile == null) {
                // Profile id no longer present in the configuration: skip the stale entry.
                continue;
            }
            failuresByProfile.put(resolvedProfile, cached.getValue());
        }
        return failuresByProfile;
    } catch (Exception e) {
        // Best-effort load: any failure (including a null deserialization result) ends up here.
        // NOTE(review): the raw stored value is written to the log unmodified and the stack trace
        // is dropped; if the attribute can hold directory details or attacker-influenced text,
        // consider truncating/escaping it before logging - confirm what LAST_LDAP_ERROR may contain.
        LOGGER.error("unexpected error loading cached lastLdapFailure statuses: " + e.getMessage() + ", input=" + cachedJson);
    }
    return Collections.emptyMap();
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) LdapProfile(password.pwm.config.profile.LdapProfile) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException)

Example 27 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class LDAPPermissionCalculator method figureRecord.

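/**
 * Builds the LDAP permission records implied by one configuration setting.
 *
 * <p>For every {@link LDAPPermissionInfo} returned by {@code figurePermissionInfos}, the stored
 * value of {@code pwmSetting} is read and each non-blank LDAP attribute name it references
 * becomes a {@link PermissionRecord} carrying that info's access and actor:
 * <ul>
 *   <li>{@code STRING}: the value itself is the attribute name;</li>
 *   <li>{@code FORM}: the name of each form item;</li>
 *   <li>{@code ACTION}: the attribute name of each action whose type is {@code ldap};</li>
 *   <li>{@code STRING_ARRAY}: each string in the list;</li>
 *   <li>{@code USER_PERMISSION}: for each LDAP profile with a non-blank
 *       {@code LDAP_USER_GROUP_ATTRIBUTE}, one record per {@code ldapGroup} permission, using
 *       the profile's group attribute as the attribute name.</li>
 * </ul>
 *
 * <p>A {@code null} stored value is treated as "no attributes" in every branch, so a missing
 * list yields no records instead of a {@link NullPointerException}.
 *
 * @param pwmSetting the setting whose stored value is inspected
 * @param profile    the profile id passed to {@code readSetting} and recorded on each result
 * @return the permission records found; empty when {@code figurePermissionInfos} returns
 *         {@code null}
 * @throws PwmUnrecoverableException if the setting's syntax has no handler here
 */
private Collection<PermissionRecord> figureRecord(final PwmSetting pwmSetting, final String profile) throws PwmUnrecoverableException {
    final List<PermissionRecord> permissionRecords = new ArrayList<>();
    final Collection<LDAPPermissionInfo> permissionInfos = figurePermissionInfos(pwmSetting, profile);
    if (permissionInfos == null) {
        return Collections.emptyList();
    }
    for (final LDAPPermissionInfo permissionInfo : permissionInfos) {
        // The casts below are unchecked: each branch trusts that the stored value's native type
        // matches the syntax reported by the setting.
        switch(pwmSetting.getSyntax()) {
            case STRING:
                {
                    final String attrName = (String) storedConfiguration.readSetting(pwmSetting, profile).toNativeObject();
                    if (attrName != null && !attrName.trim().isEmpty()) {
                        permissionRecords.add(new PermissionRecord(attrName, pwmSetting, profile, permissionInfo.getAccess(), permissionInfo.getActor()));
                    }
                }
                break;
            case FORM:
                {
                    final List<FormConfiguration> formItems = (List<FormConfiguration>) storedConfiguration.readSetting(pwmSetting, profile).toNativeObject();
                    if (formItems != null) {
                        for (final FormConfiguration formConfiguration : formItems) {
                            final String attrName = formConfiguration.getName();
                            if (attrName != null && !attrName.trim().isEmpty()) {
                                permissionRecords.add(new PermissionRecord(attrName, pwmSetting, profile, permissionInfo.getAccess(), permissionInfo.getActor()));
                            }
                        }
                    }
                }
                break;
            case ACTION:
                {
                    final List<ActionConfiguration> actionItems = (List<ActionConfiguration>) storedConfiguration.readSetting(pwmSetting, profile).toNativeObject();
                    if (actionItems != null) {
                        for (final ActionConfiguration actionConfiguration : actionItems) {
                            // Only LDAP-type actions touch a directory attribute.
                            if (actionConfiguration.getType() == ActionConfiguration.Type.ldap) {
                                final String attrName = actionConfiguration.getAttributeName();
                                if (attrName != null && !attrName.trim().isEmpty()) {
                                    permissionRecords.add(new PermissionRecord(attrName, pwmSetting, profile, permissionInfo.getAccess(), permissionInfo.getActor()));
                                }
                            }
                        }
                    }
                }
                break;
            case STRING_ARRAY:
                {
                    final List<String> strings = (List<String>) storedConfiguration.readSetting(pwmSetting, profile).toNativeObject();
                    // Null guard added for consistency with the FORM and ACTION branches.
                    if (strings != null) {
                        for (final String attrName : strings) {
                            if (attrName != null && !attrName.trim().isEmpty()) {
                                permissionRecords.add(new PermissionRecord(attrName, pwmSetting, profile, permissionInfo.getAccess(), permissionInfo.getActor()));
                            }
                        }
                    }
                }
                break;
            case USER_PERMISSION:
                {
                    final List<UserPermission> userPermissions = (List<UserPermission>) storedConfiguration.readSetting(pwmSetting, profile).toNativeObject();
                    // Null guard on userPermissions added: without it the inner loop would throw
                    // as soon as any profile has a group attribute configured.
                    if (userPermissions != null && configuration.getLdapProfiles() != null && !configuration.getLdapProfiles().isEmpty()) {
                        for (final LdapProfile ldapProfile : configuration.getLdapProfiles().values()) {
                            final String groupAttribute = ldapProfile.readSettingAsString(PwmSetting.LDAP_USER_GROUP_ATTRIBUTE);
                            if (groupAttribute != null && !groupAttribute.trim().isEmpty()) {
                                for (final UserPermission userPermission : userPermissions) {
                                    // Group-based permissions are evaluated through the profile's group attribute.
                                    if (userPermission.getType() == UserPermission.Type.ldapGroup) {
                                        permissionRecords.add(new PermissionRecord(groupAttribute, pwmSetting, profile, permissionInfo.getAccess(), permissionInfo.getActor()));
                                    }
                                }
                            }
                        }
                    }
                }
                break;
            default:
                // Fail loudly so a new syntax cannot be silently left out of the permission report.
                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "no ldap permission record reader handler for setting " + pwmSetting.getKey()));
        }
    }
    return permissionRecords;
}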
Also used : ArrayList(java.util.ArrayList) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) LdapProfile(password.pwm.config.profile.LdapProfile) ErrorInformation(password.pwm.error.ErrorInformation) LDAPPermissionInfo(password.pwm.config.LDAPPermissionInfo) ArrayList(java.util.ArrayList) List(java.util.List) FormConfiguration(password.pwm.config.value.data.FormConfiguration) ActionConfiguration(password.pwm.config.value.data.ActionConfiguration) UserPermission(password.pwm.config.value.data.UserPermission)

Example 28 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class LdapOperationsHelper method readPhotoDataFromLdap.

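/**
 * Reads a user's photo from the LDAP attribute configured for people search.
 *
 * <p>The attribute name comes from {@code PEOPLE_SEARCH_PHOTO_ATTRIBUTE} on the user's LDAP
 * profile. Only the first value of the attribute is used, and its MIME type is guessed from the
 * leading bytes of that value.
 *
 * @param configuration application configuration used to resolve the user's LDAP profile
 * @param chaiUser      directory handle the attribute is read from
 * @param userIdentity  identity whose LDAP profile supplies the attribute name
 * @return the photo bytes together with the guessed MIME type
 * @throws PwmOperationalException   if no photo attribute is configured, the user has no photo
 *                                   data, or reading the attribute fails
 * @throws ChaiUnavailableException  declared by this method and not caught here
 * @throws PwmUnrecoverableException declared by this method and not caught here
 */
public static PhotoDataBean readPhotoDataFromLdap(final Configuration configuration, final ChaiUser chaiUser, final UserIdentity userIdentity) throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException {
    final LdapProfile ldapProfile = userIdentity.getLdapProfile(configuration);
    final String attribute = ldapProfile.readSettingAsString(PwmSetting.PEOPLE_SEARCH_PHOTO_ATTRIBUTE);
    if (attribute == null || attribute.isEmpty()) {
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "ldap photo attribute is not configured"));
    }
    final byte[] photoData;
    final String mimeType;
    try {
        final byte[][] photoAttributeData = chaiUser.readMultiByteAttribute(attribute);
        // A null first value is reported as "no photo" rather than surfacing as a NullPointerException.
        if (photoAttributeData == null || photoAttributeData.length == 0 || photoAttributeData[0] == null || photoAttributeData[0].length == 0) {
            throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "user has no photo data stored in LDAP attribute"));
        }
        photoData = photoAttributeData[0];
        // NOTE(review): the type is sniffed from directory-supplied bytes. guessContentTypeFromStream
        // returns null for unrecognised content and can report non-image types (for example
        // text/html). If a caller serves these bytes with the guessed Content-Type, it should
        // accept only an allow-list of image types - confirm at the call sites.
        mimeType = URLConnection.guessContentTypeFromStream(new ByteArrayInputStream(photoData));
    } catch (IOException | ChaiOperationException e) {
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "error reading user photo ldap attribute: " + e.getMessage()));
    }
    return new PhotoDataBean(mimeType, photoData);
}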
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ByteArrayInputStream(java.io.ByteArrayInputStream) IOException(java.io.IOException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) LdapProfile(password.pwm.config.profile.LdapProfile) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 29 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class UserInfoReader method getUserEmailAddress3.

/**
 * Returns the user's third e-mail address.
 *
 * <p>The LDAP attribute to read is taken from {@code EMAIL_USER_MAIL_ATTRIBUTE_3} on the LDAP
 * profile of this reader's user identity; the value is then fetched with
 * {@code readStringAttribute}.
 *
 * @return whatever {@code readStringAttribute} yields for the configured attribute
 * @throws PwmUnrecoverableException declared by this method; not raised directly in this body
 */
@Override
public String getUserEmailAddress3() throws PwmUnrecoverableException {
    // The attribute name is per-profile configuration, not a fixed schema name.
    final LdapProfile profileOfUser = getUserIdentity().getLdapProfile(pwmApplication.getConfig());
    final String mailAttributeName = profileOfUser.readSettingAsString(PwmSetting.EMAIL_USER_MAIL_ATTRIBUTE_3);

    return readStringAttribute(mailAttributeName);
}
Also used : LdapProfile(password.pwm.config.profile.LdapProfile)

Example 30 with LdapProfile

use of password.pwm.config.profile.LdapProfile in project pwm by pwm-project.

the class UserInfoReader method getUsername.

/**
 * Returns the user's username as stored in the directory.
 *
 * <p>The LDAP attribute holding the username is obtained from the LDAP profile of this reader's
 * user identity via {@code getUsernameAttribute()}; the value is then fetched with
 * {@code readStringAttribute}.
 *
 * @return whatever {@code readStringAttribute} yields for the profile's username attribute
 * @throws PwmUnrecoverableException declared by this method; not raised directly in this body
 */
@Override
public String getUsername() throws PwmUnrecoverableException {
    // Resolve the profile first: the username attribute can differ between LDAP profiles.
    final LdapProfile profileOfUser = getUserIdentity().getLdapProfile(pwmApplication.getConfig());
    final String usernameAttributeName = profileOfUser.getUsernameAttribute();

    return readStringAttribute(usernameAttributeName);
}
Also used : LdapProfile(password.pwm.config.profile.LdapProfile)

Aggregations

LdapProfile (password.pwm.config.profile.LdapProfile)54 ArrayList (java.util.ArrayList)16 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)16 ErrorInformation (password.pwm.error.ErrorInformation)15 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)12 Map (java.util.Map)11 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)10 ChaiUser (com.novell.ldapchai.ChaiUser)9 Configuration (password.pwm.config.Configuration)9 PwmOperationalException (password.pwm.error.PwmOperationalException)9 ChaiProvider (com.novell.ldapchai.provider.ChaiProvider)8 LinkedHashMap (java.util.LinkedHashMap)8 List (java.util.List)7 FormConfiguration (password.pwm.config.value.data.FormConfiguration)7 UserIdentity (password.pwm.bean.UserIdentity)6 ChaiException (com.novell.ldapchai.exception.ChaiException)5 ChaiConfiguration (com.novell.ldapchai.provider.ChaiConfiguration)5 IOException (java.io.IOException)5 HashSet (java.util.HashSet)5 TreeMap (java.util.TreeMap)5