use of password.pwm.error.PwmException in project pwm by pwm-project.
the class AbstractUriCertImportFunction method provideFunction.
@Override
public String provideFunction(final PwmRequest pwmRequest, final StoredConfigurationImpl storedConfiguration, final PwmSetting setting, final String profile, final String extraData) throws PwmOperationalException, PwmUnrecoverableException {
final PwmSession pwmSession = pwmRequest.getPwmSession();
final List<X509Certificate> certs;
final String urlString = getUri(storedConfiguration, setting, profile, extraData);
try {
certs = X509Utils.readRemoteCertificates(URI.create(urlString));
} catch (Exception e) {
if (e instanceof PwmException) {
throw new PwmOperationalException(((PwmException) e).getErrorInformation());
}
final ErrorInformation errorInformation = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, "error importing certificates: " + e.getMessage());
throw new PwmOperationalException(errorInformation);
}
final UserIdentity userIdentity = pwmSession.isAuthenticated() ? pwmSession.getUserInfo().getUserIdentity() : null;
store(certs, storedConfiguration, setting, profile, extraData, userIdentity);
final StringBuffer returnStr = new StringBuffer();
for (final X509Certificate loopCert : certs) {
returnStr.append(X509Utils.makeDebugText(loopCert));
returnStr.append("\n\n");
}
return returnStr.toString();
}
use of password.pwm.error.PwmException in project pwm by pwm-project.
the class ClientApiServlet method restHealthProcessor.
@ActionHandler(action = "health")
public ProcessStatus restHealthProcessor(final PwmRequest pwmRequest) throws IOException, ServletException, PwmUnrecoverableException {
if (pwmRequest.getPwmApplication().getApplicationMode() == PwmApplicationMode.RUNNING) {
if (!pwmRequest.isAuthenticated()) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_AUTHENTICATION_REQUIRED);
LOGGER.debug(pwmRequest, errorInformation);
pwmRequest.respondWithError(errorInformation);
return ProcessStatus.Halt;
}
if (!pwmRequest.getPwmSession().getSessionManager().checkPermission(pwmRequest.getPwmApplication(), Permission.PWMADMIN)) {
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, "admin privileges required");
LOGGER.debug(pwmRequest, errorInformation);
pwmRequest.respondWithError(errorInformation);
return ProcessStatus.Halt;
}
}
try {
final HealthData jsonOutput = RestHealthServer.processGetHealthCheckData(pwmRequest.getPwmApplication(), pwmRequest.getLocale(), false);
final RestResultBean restResultBean = RestResultBean.withData(jsonOutput);
pwmRequest.outputJsonResult(restResultBean);
} catch (PwmException e) {
final ErrorInformation errorInformation = e.getErrorInformation();
LOGGER.debug(pwmRequest, errorInformation);
pwmRequest.respondWithError(errorInformation);
} catch (Exception e) {
final String errorMessage = "unexpected error executing web service: " + e.getMessage();
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMessage);
LOGGER.debug(pwmRequest, errorInformation);
pwmRequest.respondWithError(errorInformation);
}
return ProcessStatus.Halt;
}
use of password.pwm.error.PwmException in project pwm by pwm-project.
the class SetupOtpServlet method nextStep.
@Override
protected void nextStep(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
final SetupOtpBean otpBean = getSetupOtpBean(pwmRequest);
if (otpBean.isHasPreExistingOtp()) {
pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET_EXISTING);
return;
}
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PwmSession pwmSession = pwmRequest.getPwmSession();
if (otpBean.isConfirmed()) {
final OtpService otpService = pwmApplication.getOtpService();
final UserIdentity theUser = pwmSession.getUserInfo().getUserIdentity();
try {
otpService.writeOTPUserConfiguration(pwmSession, theUser, otpBean.getOtpUserRecord());
otpBean.setWritten(true);
// Update the current user info bean, so the user can check the code right away
pwmSession.reloadUserInfoBean(pwmApplication);
// mark the event log
final UserAuditRecord auditRecord = new AuditRecordFactory(pwmRequest).createUserAuditRecord(AuditEvent.SET_OTP_SECRET, pwmSession.getUserInfo(), pwmSession);
pwmApplication.getAuditManager().submit(auditRecord);
if (pwmApplication.getStatisticsManager() != null && pwmApplication.getStatisticsManager().status() == PwmService.STATUS.OPEN) {
pwmApplication.getStatisticsManager().incrementValue(Statistic.SETUP_OTP_SECRET);
}
} catch (Exception e) {
final ErrorInformation errorInformation;
if (e instanceof PwmException) {
errorInformation = ((PwmException) e).getErrorInformation();
} else {
errorInformation = new ErrorInformation(PwmError.ERROR_WRITING_OTP_SECRET, "unexpected error saving otp secret: " + e.getMessage());
}
LOGGER.error(pwmSession, errorInformation.toDebugStr());
setLastError(pwmRequest, errorInformation);
}
}
if (otpBean.isCodeSeen()) {
if (otpBean.isWritten()) {
pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET_SUCCESS);
} else {
pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET_TEST);
}
} else {
final String qrCodeValue = makeQrCodeDataImageUrl(pwmRequest, otpBean.getOtpUserRecord());
pwmRequest.setAttribute(PwmRequestAttribute.SetupOtp_QrCodeValue, qrCodeValue);
pwmRequest.forwardToJsp(JspUrl.SETUP_OTP_SECRET);
}
}
use of password.pwm.error.PwmException in project pwm by pwm-project.
the class AbstractPwmFilter method doFilter.
@Override
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
final HttpServletRequest req = (HttpServletRequest) servletRequest;
final HttpServletResponse resp = (HttpServletResponse) servletResponse;
final PwmApplicationMode mode = PwmApplicationMode.determineMode(req);
final boolean interested;
try {
final PwmURL pwmURL = new PwmURL(req);
interested = isInterested(mode, pwmURL);
} catch (Exception e) {
LOGGER.error("unexpected error processing filter chain during isInterested(): " + e.getMessage(), e);
resp.sendError(500, "unexpected error processing filter chain during isInterested");
return;
}
if (interested) {
PwmRequest pwmRequest = null;
try {
pwmRequest = PwmRequest.forRequest(req, resp);
} catch (PwmException e) {
final PwmURL pwmURL = new PwmURL(req);
if (pwmURL.isResourceURL()) {
filterChain.doFilter(req, resp);
return;
}
LOGGER.error(pwmRequest, "unexpected error processing filter chain: " + e.getMessage(), e);
}
try {
final PwmFilterChain pwmFilterChain = new PwmFilterChain(servletRequest, servletResponse, filterChain);
processFilter(mode, pwmRequest, pwmFilterChain);
} catch (PwmException e) {
LOGGER.error(pwmRequest, "unexpected error processing filter chain: " + e.getMessage(), e);
} catch (IOException e) {
LOGGER.debug(pwmRequest, "i/o error processing request: " + e.getMessage());
}
} else {
filterChain.doFilter(req, resp);
}
}
use of password.pwm.error.PwmException in project pwm by pwm-project.
the class AuthenticationFilter method attemptAuthenticationMethods.
private static ProcessStatus attemptAuthenticationMethods(final PwmRequest pwmRequest) throws IOException, ServletException {
if (pwmRequest.isAuthenticated()) {
return ProcessStatus.Continue;
}
for (final AuthenticationMethod authenticationMethod : AuthenticationMethod.values()) {
if (!IGNORED_AUTH_METHODS.contains(authenticationMethod)) {
PwmHttpFilterAuthenticationProvider filterAuthenticationProvider = null;
try {
final String className = authenticationMethod.getClassName();
final Class clazz = Class.forName(className);
final Object newInstance = clazz.newInstance();
filterAuthenticationProvider = (PwmHttpFilterAuthenticationProvider) newInstance;
} catch (Exception e) {
LOGGER.trace("could not load authentication class '" + authenticationMethod + "', will ignore");
IGNORED_AUTH_METHODS.add(authenticationMethod);
}
if (filterAuthenticationProvider != null) {
try {
filterAuthenticationProvider.attemptAuthentication(pwmRequest);
if (pwmRequest.isAuthenticated()) {
LOGGER.trace(pwmRequest, "authentication provided by method " + authenticationMethod.name());
}
if (filterAuthenticationProvider.hasRedirectedResponse()) {
LOGGER.trace(pwmRequest, "authentication provider " + authenticationMethod.name() + " has issued a redirect, halting authentication process");
return ProcessStatus.Halt;
}
} catch (Exception e) {
final ErrorInformation errorInformation;
if (e instanceof PwmException) {
final String errorMsg = "error during " + authenticationMethod + " authentication attempt: " + e.getMessage();
errorInformation = new ErrorInformation(((PwmException) e).getError(), errorMsg);
} else {
errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, e.getMessage());
}
LOGGER.error(pwmRequest, errorInformation);
pwmRequest.respondWithError(errorInformation);
return ProcessStatus.Halt;
}
}
}
}
return ProcessStatus.Continue;
}
Aggregations