Example 16 with PwmDataValidationException
use of password.pwm.error.PwmDataValidationException in project pwm by pwm-project.
the class ChangePasswordServlet method processChangeAction.
@ActionHandler(action = "change")
ProcessStatus processChangeAction(final PwmRequest pwmRequest) throws ServletException, PwmUnrecoverableException, IOException, ChaiUnavailableException {
final ChangePasswordBean changePasswordBean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, ChangePasswordBean.class);
final UserInfo userInfo = pwmRequest.getPwmSession().getUserInfo();
if (!changePasswordBean.isAllChecksPassed()) {
return ProcessStatus.Continue;
}
final PasswordData password1 = pwmRequest.readParameterAsPassword("password1");
final PasswordData password2 = pwmRequest.readParameterAsPassword("password2");
// check the password meets the requirements
try {
final ChaiUser theUser = pwmRequest.getPwmSession().getSessionManager().getActor(pwmRequest.getPwmApplication());
final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator(pwmRequest.getPwmApplication(), userInfo.getPasswordPolicy());
final PasswordData oldPassword = pwmRequest.getPwmSession().getLoginInfoBean().getUserCurrentPassword();
pwmPasswordRuleValidator.testPassword(password1, oldPassword, userInfo, theUser);
} catch (PwmDataValidationException e) {
setLastError(pwmRequest, e.getErrorInformation());
LOGGER.debug(pwmRequest, "failed password validation check: " + e.getErrorInformation().toDebugStr());
return ProcessStatus.Continue;
}
// make sure the two passwords match
final boolean caseSensitive = userInfo.getPasswordPolicy().getRuleHelper().readBooleanValue(PwmPasswordRule.CaseSensitive);
if (PasswordUtility.PasswordCheckInfo.MatchStatus.MATCH != PasswordUtility.figureMatchStatus(caseSensitive, password1, password2)) {
setLastError(pwmRequest, PwmError.PASSWORD_DOESNOTMATCH.toInfo());
forwardToChangePage(pwmRequest);
return ProcessStatus.Continue;
}
try {
ChangePasswordServletUtil.executeChangePassword(pwmRequest, password1);
} catch (PwmOperationalException e) {
LOGGER.debug(e.getErrorInformation().toDebugStr());
setLastError(pwmRequest, e.getErrorInformation());
}
return ProcessStatus.Continue;
}
Also used :
ChangePasswordBean(password.pwm.http.bean.ChangePasswordBean)
PwmPasswordRuleValidator(password.pwm.util.PwmPasswordRuleValidator)
PwmDataValidationException(password.pwm.error.PwmDataValidationException)
ChaiUser(com.novell.ldapchai.ChaiUser)
PasswordData(password.pwm.util.PasswordData)
UserInfo(password.pwm.ldap.UserInfo)
PwmOperationalException(password.pwm.error.PwmOperationalException)
Example 17 with PwmDataValidationException
use of password.pwm.error.PwmDataValidationException in project pwm by pwm-project.
the class SetupResponsesServlet method generateResponseInfoBean.
private static ResponseInfoBean generateResponseInfoBean(final PwmRequest pwmRequest, final ChallengeSet challengeSet, final Map<Challenge, String> readResponses, final Map<Challenge, String> helpdeskResponses) throws ChaiUnavailableException, PwmDataValidationException, PwmUnrecoverableException {
final ChaiProvider provider = pwmRequest.getPwmSession().getSessionManager().getChaiProvider();
try {
final ResponseInfoBean responseInfoBean = new ResponseInfoBean(readResponses, helpdeskResponses, challengeSet.getLocale(), challengeSet.getMinRandomRequired(), challengeSet.getIdentifier(), null, null);
final ChaiResponseSet responseSet = ChaiCrFactory.newChaiResponseSet(readResponses, challengeSet.getLocale(), challengeSet.getMinRandomRequired(), provider.getChaiConfiguration(), challengeSet.getIdentifier());
responseSet.meetsChallengeSetRequirements(challengeSet);
final SetupResponsesBean setupResponsesBean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, SetupResponsesBean.class);
final int minRandomRequiredSetup = setupResponsesBean.getResponseData().getMinRandomSetup();
if (minRandomRequiredSetup == 0) {
// if using recover style, then all readResponseSet must be supplied at this point.
if (responseSet.getChallengeSet().getRandomChallenges().size() < challengeSet.getRandomChallenges().size()) {
throw new ChaiValidationException("too few random responses", ChaiError.CR_TOO_FEW_RANDOM_RESPONSES);
}
}
return responseInfoBean;
} catch (ChaiValidationException e) {
final ErrorInformation errorInfo = convertChaiValidationException(e);
throw new PwmDataValidationException(errorInfo);
}
}
Also used :
ErrorInformation(password.pwm.error.ErrorInformation)
PwmDataValidationException(password.pwm.error.PwmDataValidationException)
ChaiValidationException(com.novell.ldapchai.exception.ChaiValidationException)
ChaiProvider(com.novell.ldapchai.provider.ChaiProvider)
ChaiResponseSet(com.novell.ldapchai.cr.ChaiResponseSet)
SetupResponsesBean(password.pwm.http.bean.SetupResponsesBean)
ResponseInfoBean(password.pwm.bean.ResponseInfoBean)
Example 18 with PwmDataValidationException
use of password.pwm.error.PwmDataValidationException in project pwm by pwm-project.
the class ChangePasswordServletUtil method validateParamsAgainstLDAP.
static void validateParamsAgainstLDAP(final Map<FormConfiguration, String> formValues, final PwmSession pwmSession, final ChaiUser theUser) throws ChaiUnavailableException, PwmDataValidationException {
for (final Map.Entry<FormConfiguration, String> entry : formValues.entrySet()) {
final FormConfiguration formItem = entry.getKey();
final String attrName = formItem.getName();
final String value = entry.getValue();
try {
if (!theUser.compareStringAttribute(attrName, value)) {
final String errorMsg = "incorrect value for '" + attrName + "'";
final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_INCORRECT_RESPONSE, errorMsg, new String[] { attrName });
LOGGER.debug(pwmSession, errorInfo.toDebugStr());
throw new PwmDataValidationException(errorInfo);
}
LOGGER.trace(pwmSession, "successful validation of ldap value for '" + attrName + "'");
} catch (ChaiOperationException e) {
LOGGER.error(pwmSession, "error during param validation of '" + attrName + "', error: " + e.getMessage());
throw new PwmDataValidationException(new ErrorInformation(PwmError.ERROR_INCORRECT_RESPONSE, "ldap error testing value for '" + attrName + "'", new String[] { attrName }));
}
}
}
Also used :
ErrorInformation(password.pwm.error.ErrorInformation)
PwmDataValidationException(password.pwm.error.PwmDataValidationException)
FormConfiguration(password.pwm.config.value.data.FormConfiguration)
ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException)
Map(java.util.Map)
Aggregations
PwmDataValidationException (password.pwm.error.PwmDataValidationException)18
ErrorInformation (password.pwm.error.ErrorInformation)13
FormConfiguration (password.pwm.config.value.data.FormConfiguration)7
ChaiUser (com.novell.ldapchai.ChaiUser)5
ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)5
LinkedHashMap (java.util.LinkedHashMap)4
Map (java.util.Map)4
PwmOperationalException (password.pwm.error.PwmOperationalException)4
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)4
PwmPasswordRuleValidator (password.pwm.util.PwmPasswordRuleValidator)4
Challenge (com.novell.ldapchai.cr.Challenge)3
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)3
ChaiProvider (com.novell.ldapchai.provider.ChaiProvider)3
PwmApplication (password.pwm.PwmApplication)3
PwmSession (password.pwm.http.PwmSession)3
SetupResponsesBean (password.pwm.http.bean.SetupResponsesBean)3
PasswordData (password.pwm.util.PasswordData)3
ChallengeSet (com.novell.ldapchai.cr.ChallengeSet)2
Instant (java.time.Instant)2
List (java.util.List)2
