Example 1 with ConfigurationReader
use of password.pwm.config.stored.ConfigurationReader in project pwm by pwm-project.
the class ContextManager method initialize.
public void initialize() {
try {
Locale.setDefault(PwmConstants.DEFAULT_LOCALE);
} catch (Exception e) {
outputError("unable to set default locale as Java machine default locale: " + e.getMessage());
}
Configuration configuration = null;
PwmApplicationMode mode = PwmApplicationMode.ERROR;
final ParameterReader parameterReader = new ParameterReader(servletContext);
final File applicationPath;
{
final String applicationPathStr = parameterReader.readApplicationPath();
if (applicationPathStr == null || applicationPathStr.isEmpty()) {
startupErrorInformation = new ErrorInformation(PwmError.ERROR_ENVIRONMENT_ERROR, "application path is not specified");
return;
} else {
applicationPath = new File(applicationPathStr);
}
}
File configurationFile = null;
try {
configurationFile = locateConfigurationFile(applicationPath);
configReader = new ConfigurationReader(configurationFile);
configReader.getStoredConfiguration().lock();
configuration = configReader.getConfiguration();
mode = startupErrorInformation == null ? configReader.getConfigMode() : PwmApplicationMode.ERROR;
if (startupErrorInformation == null) {
startupErrorInformation = configReader.getConfigFileError();
}
if (PwmApplicationMode.ERROR == mode) {
outputError("Startup Error: " + (startupErrorInformation == null ? "un-specified error" : startupErrorInformation.toDebugStr()));
}
} catch (Throwable e) {
handleStartupError("unable to initialize application due to configuration related error: ", e);
}
LOGGER.debug("configuration file was loaded from " + (configurationFile == null ? "null" : configurationFile.getAbsoluteFile()));
final Collection<PwmEnvironment.ApplicationFlag> applicationFlags = parameterReader.readApplicationFlags();
final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = parameterReader.readApplicationParams();
try {
final PwmEnvironment pwmEnvironment = new PwmEnvironment.Builder(configuration, applicationPath).setApplicationMode(mode).setConfigurationFile(configurationFile).setContextManager(this).setFlags(applicationFlags).setParams(applicationParams).createPwmEnvironment();
pwmApplication = new PwmApplication(pwmEnvironment);
} catch (Exception e) {
handleStartupError("unable to initialize application: ", e);
}
final String threadName = JavaHelper.makeThreadName(pwmApplication, this.getClass()) + " timer";
taskMaster = new Timer(threadName, true);
taskMaster.schedule(new RestartFlagWatcher(), 1031, 1031);
boolean reloadOnChange = true;
long fileScanFrequencyMs = 5000;
{
if (pwmApplication != null) {
reloadOnChange = Boolean.parseBoolean(pwmApplication.getConfig().readAppProperty(AppProperty.CONFIG_RELOAD_ON_CHANGE));
fileScanFrequencyMs = Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.CONFIG_FILE_SCAN_FREQUENCY));
}
if (reloadOnChange) {
taskMaster.schedule(new ConfigFileWatcher(), fileScanFrequencyMs, fileScanFrequencyMs);
}
checkConfigForSaveOnRestart(configReader, pwmApplication);
}
}
Also used :
PwmApplication(password.pwm.PwmApplication)
Configuration(password.pwm.config.Configuration)
PwmEnvironment(password.pwm.PwmEnvironment)
PwmApplicationMode(password.pwm.PwmApplicationMode)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
PwmException(password.pwm.error.PwmException)
ErrorInformation(password.pwm.error.ErrorInformation)
Timer(java.util.Timer)
File(java.io.File)
ConfigurationReader(password.pwm.config.stored.ConfigurationReader)
Example 2 with ConfigurationReader
use of password.pwm.config.stored.ConfigurationReader in project pwm by pwm-project.
the class ConfigAccessFilter method checkAuthentication.
@SuppressWarnings("checkstyle:MethodLength")
static ProcessStatus checkAuthentication(final PwmRequest pwmRequest, final ConfigManagerBean configManagerBean) throws IOException, PwmUnrecoverableException, ServletException {
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PwmSession pwmSession = pwmRequest.getPwmSession();
final ConfigurationReader runningConfigReader = ContextManager.getContextManager(pwmRequest.getHttpServletRequest().getSession()).getConfigReader();
final StoredConfigurationImpl storedConfig = runningConfigReader.getStoredConfiguration();
boolean authRequired = false;
if (storedConfig.hasPassword()) {
authRequired = true;
}
if (PwmApplicationMode.RUNNING == pwmRequest.getPwmApplication().getApplicationMode()) {
if (!pwmRequest.isAuthenticated()) {
throw new PwmUnrecoverableException(PwmError.ERROR_AUTHENTICATION_REQUIRED);
}
if (!pwmRequest.getPwmSession().getSessionManager().checkPermission(pwmRequest.getPwmApplication(), Permission.PWMADMIN)) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED);
denyAndError(pwmRequest, errorInformation);
return ProcessStatus.Halt;
}
}
if (PwmApplicationMode.CONFIGURATION != pwmRequest.getPwmApplication().getApplicationMode()) {
authRequired = true;
}
if (!authRequired) {
return ProcessStatus.Continue;
}
if (!storedConfig.hasPassword()) {
final String errorMsg = "config file does not have a configuration password";
final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, errorMsg, new String[] { errorMsg });
return denyAndError(pwmRequest, errorInformation);
}
if (configManagerBean.isPasswordVerified()) {
return ProcessStatus.Continue;
}
String persistentLoginValue = null;
boolean persistentLoginAccepted = false;
boolean persistentLoginEnabled = false;
if (pwmRequest.getConfig().isDefaultValue(PwmSetting.PWM_SECURITY_KEY)) {
LOGGER.debug(pwmRequest, "security not available, persistent login not possible.");
} else {
persistentLoginEnabled = true;
final PwmSecurityKey securityKey = pwmRequest.getConfig().getSecurityKey();
if (PwmApplicationMode.RUNNING == pwmRequest.getPwmApplication().getApplicationMode()) {
persistentLoginValue = SecureEngine.hash(storedConfig.readConfigProperty(ConfigurationProperty.PASSWORD_HASH) + pwmSession.getUserInfo().getUserIdentity().toDelimitedKey(), PwmHashAlgorithm.SHA512);
} else {
persistentLoginValue = SecureEngine.hash(storedConfig.readConfigProperty(ConfigurationProperty.PASSWORD_HASH), PwmHashAlgorithm.SHA512);
}
{
final String cookieStr = pwmRequest.readCookie(PwmConstants.COOKIE_PERSISTENT_CONFIG_LOGIN);
if (securityKey != null && cookieStr != null && !cookieStr.isEmpty()) {
try {
final String jsonStr = pwmApplication.getSecureService().decryptStringValue(cookieStr);
final PersistentLoginInfo persistentLoginInfo = JsonUtil.deserialize(jsonStr, PersistentLoginInfo.class);
if (persistentLoginInfo != null && persistentLoginValue != null) {
if (persistentLoginInfo.getExpireDate().isAfter(Instant.now())) {
if (persistentLoginValue.equals(persistentLoginInfo.getPassword())) {
persistentLoginAccepted = true;
LOGGER.debug(pwmRequest, "accepting persistent config login from cookie (expires " + JavaHelper.toIsoDate(persistentLoginInfo.getExpireDate()) + ")");
}
}
}
} catch (Exception e) {
LOGGER.error(pwmRequest, "error examining persistent config login cookie: " + e.getMessage());
}
if (!persistentLoginAccepted) {
pwmRequest.getPwmResponse().removeCookie(PwmConstants.COOKIE_PERSISTENT_CONFIG_LOGIN, null);
LOGGER.debug(pwmRequest, "removing non-working persistent config login cookie");
}
}
}
}
final String password = pwmRequest.readParameterAsString("password");
boolean passwordAccepted = false;
if (!persistentLoginAccepted) {
if (password != null && password.length() > 0) {
if (storedConfig.verifyPassword(password, pwmRequest.getConfig())) {
passwordAccepted = true;
LOGGER.trace(pwmRequest, "valid configuration password accepted");
updateLoginHistory(pwmRequest, pwmRequest.getUserInfoIfLoggedIn(), true);
} else {
LOGGER.trace(pwmRequest, "configuration password is not correct");
pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
pwmApplication.getIntruderManager().mark(RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME, pwmSession.getLabel());
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_PASSWORD_ONLY_BAD);
updateLoginHistory(pwmRequest, pwmRequest.getUserInfoIfLoggedIn(), false);
return denyAndError(pwmRequest, errorInformation);
}
}
}
if ((persistentLoginAccepted || passwordAccepted)) {
configManagerBean.setPasswordVerified(true);
pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
pwmApplication.getIntruderManager().clear(RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME);
if (persistentLoginEnabled && !persistentLoginAccepted && "on".equals(pwmRequest.readParameterAsString("remember"))) {
final int persistentSeconds = figureMaxLoginSeconds(pwmRequest);
if (persistentSeconds > 0) {
final Instant expirationDate = Instant.ofEpochMilli(System.currentTimeMillis() + (persistentSeconds * 1000));
final PersistentLoginInfo persistentLoginInfo = new PersistentLoginInfo(expirationDate, persistentLoginValue);
final String jsonPersistentLoginInfo = JsonUtil.serialize(persistentLoginInfo);
final String cookieValue = pwmApplication.getSecureService().encryptToString(jsonPersistentLoginInfo);
pwmRequest.getPwmResponse().writeCookie(PwmConstants.COOKIE_PERSISTENT_CONFIG_LOGIN, cookieValue, persistentSeconds);
LOGGER.debug(pwmRequest, "set persistent config login cookie (expires " + JavaHelper.toIsoDate(expirationDate) + ")");
}
}
if (configManagerBean.getPrePasswordEntryUrl() != null) {
final String originalUrl = configManagerBean.getPrePasswordEntryUrl();
configManagerBean.setPrePasswordEntryUrl(null);
pwmRequest.getPwmResponse().sendRedirect(originalUrl);
return ProcessStatus.Halt;
}
return ProcessStatus.Continue;
}
if (configManagerBean.getPrePasswordEntryUrl() == null) {
configManagerBean.setPrePasswordEntryUrl(pwmRequest.getHttpServletRequest().getRequestURL().toString());
}
forwardToJsp(pwmRequest);
return ProcessStatus.Halt;
}
Also used :
PwmApplication(password.pwm.PwmApplication)
StoredConfigurationImpl(password.pwm.config.stored.StoredConfigurationImpl)
Instant(java.time.Instant)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
ServletException(javax.servlet.ServletException)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
PwmException(password.pwm.error.PwmException)
IOException(java.io.IOException)
ErrorInformation(password.pwm.error.ErrorInformation)
PwmSecurityKey(password.pwm.util.secure.PwmSecurityKey)
PwmSession(password.pwm.http.PwmSession)
ConfigurationReader(password.pwm.config.stored.ConfigurationReader)
Example 3 with ConfigurationReader
use of password.pwm.config.stored.ConfigurationReader in project pwm by pwm-project.
the class ConfigGuideUtils method writeConfig.
static void writeConfig(final ContextManager contextManager, final StoredConfigurationImpl storedConfiguration) throws PwmOperationalException, PwmUnrecoverableException {
final ConfigurationReader configReader = contextManager.getConfigReader();
final PwmApplication pwmApplication = contextManager.getPwmApplication();
try {
// add a random security key
storedConfiguration.initNewRandomSecurityKey();
configReader.saveConfiguration(storedConfiguration, pwmApplication, null);
contextManager.requestPwmApplicationRestart();
} catch (PwmException e) {
throw new PwmOperationalException(e.getErrorInformation());
} catch (Exception e) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_INVALID_CONFIG, "unable to save configuration: " + e.getLocalizedMessage());
throw new PwmOperationalException(errorInformation);
}
}
Also used :
PwmException(password.pwm.error.PwmException)
ErrorInformation(password.pwm.error.ErrorInformation)
PwmApplication(password.pwm.PwmApplication)
ConfigurationReader(password.pwm.config.stored.ConfigurationReader)
ServletException(javax.servlet.ServletException)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
PwmException(password.pwm.error.PwmException)
PwmOperationalException(password.pwm.error.PwmOperationalException)
IOException(java.io.IOException)
PwmOperationalException(password.pwm.error.PwmOperationalException)
Example 4 with ConfigurationReader
use of password.pwm.config.stored.ConfigurationReader in project pwm by pwm-project.
the class ConfigSetPasswordCommand method doCommand.
public void doCommand() throws Exception {
final ConfigurationReader configurationReader = cliEnvironment.getConfigurationReader();
final StoredConfigurationImpl storedConfiguration = configurationReader.getStoredConfiguration();
final String password = getOptionalPassword();
storedConfiguration.setPassword(password);
configurationReader.saveConfiguration(storedConfiguration, cliEnvironment.getPwmApplication(), SessionLabel.CLI_SESSION_LABEL);
out("success");
}
Also used :
StoredConfigurationImpl(password.pwm.config.stored.StoredConfigurationImpl)
ConfigurationReader(password.pwm.config.stored.ConfigurationReader)
Example 5 with ConfigurationReader
use of password.pwm.config.stored.ConfigurationReader in project pwm by pwm-project.
the class MainClass method loadConfiguration.
private static ConfigurationReader loadConfiguration(final File configurationFile) throws Exception {
final ConfigurationReader reader = new ConfigurationReader(configurationFile);
if (reader.getConfigMode() == PwmApplicationMode.ERROR) {
final String errorMsg = reader.getConfigFileError() == null ? "error" : reader.getConfigFileError().toDebugStr();
out("unable to load configuration: " + errorMsg);
System.exit(-1);
}
return reader;
}
Also used :
ConfigurationReader(password.pwm.config.stored.ConfigurationReader)
Aggregations
ConfigurationReader (password.pwm.config.stored.ConfigurationReader)13
StoredConfigurationImpl (password.pwm.config.stored.StoredConfigurationImpl)7
File (java.io.File)5
PwmApplication (password.pwm.PwmApplication)4
ErrorInformation (password.pwm.error.ErrorInformation)3
PwmException (password.pwm.error.PwmException)3
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)3
IOException (java.io.IOException)2
Instant (java.time.Instant)2
ServletException (javax.servlet.ServletException)2
Configuration (password.pwm.config.Configuration)2
FileInputStream (java.io.FileInputStream)1
OutputStreamWriter (java.io.OutputStreamWriter)1
Writer (java.io.Writer)1
Timer (java.util.Timer)1
PwmApplicationMode (password.pwm.PwmApplicationMode)1
PwmEnvironment (password.pwm.PwmEnvironment)1
PwmSetting (password.pwm.config.PwmSetting)1
PwmOperationalException (password.pwm.error.PwmOperationalException)1
ContextManager (password.pwm.http.ContextManager)1
