Example 1 with PwmOperationalException

use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

the class StoredConfigurationImpl method setPassword.

public void setPassword(final String password) throws PwmOperationalException {
    if (password == null || password.isEmpty()) {
        throw new PwmOperationalException(new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, null, new String[] { "can not set blank password" }));
    }
    final String trimmedPassword = password.trim();
    if (trimmedPassword.length() < 1) {
        throw new PwmOperationalException(new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, null, new String[] { "can not set blank password" }));
    }
    final String passwordHash = BCrypt.hashPassword(password);
    this.writeConfigProperty(ConfigurationProperty.PASSWORD_HASH, passwordHash);
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 2 with PwmOperationalException

use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

the class AbstractValue method encryptPwValue.

static String encryptPwValue(final String input, final PwmSecurityKey pwmSecurityKey) throws PwmOperationalException {
    if (input == null) {
        return "";
    }
    if (!input.startsWith(ENC_PW_PREFIX)) {
        try {
            final String salt = PwmRandom.getInstance().alphaNumericString(32);
            final StoredPwData storedPwData = new StoredPwData(salt, input);
            final String jsonData = JsonUtil.serialize(storedPwData);
            final String encryptedValue = SecureEngine.encryptToString(jsonData, pwmSecurityKey, PwmBlockAlgorithm.CONFIG);
            return ENC_PW_PREFIX + encryptedValue;
        } catch (Exception e) {
            final String errorMsg = "unable to encrypt password value for setting: " + e.getMessage();
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.CONFIG_FORMAT_ERROR, errorMsg);
            throw new PwmOperationalException(errorInfo);
        }
    }
    return input;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmOperationalException(password.pwm.error.PwmOperationalException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)

Example 3 with PwmOperationalException

use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

the class AbstractPwmServlet method handleRequest.

private void handleRequest(final HttpServletRequest req, final HttpServletResponse resp, final HttpMethod method) throws ServletException, IOException {
    try {
        final PwmRequest pwmRequest = PwmRequest.forRequest(req, resp);
        if (!method.isIdempotent() && !pwmRequest.getURL().isCommandServletURL()) {
            Validator.validatePwmFormID(pwmRequest);
            try {
                Validator.validatePwmRequestCounter(pwmRequest);
            } catch (PwmOperationalException e) {
                if (e.getError() == PwmError.ERROR_INCORRECT_REQ_SEQUENCE) {
                    final ErrorInformation errorInformation = e.getErrorInformation();
                    final PwmSession pwmSession = PwmSessionWrapper.readPwmSession(req);
                    LOGGER.error(pwmSession, errorInformation.toDebugStr());
                    pwmRequest.respondWithError(errorInformation, false);
                    return;
                }
                throw e;
            }
        }
        // check for incorrect method type.
        final ProcessAction processAction = readProcessAction(pwmRequest);
        if (processAction != null) {
            if (!processAction.permittedMethods().contains(method)) {
                final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "incorrect request method " + method.toString() + " on request to " + pwmRequest.getURLwithQueryString());
                LOGGER.error(pwmRequest.getPwmSession(), errorInformation.toDebugStr());
                pwmRequest.respondWithError(errorInformation, false);
                return;
            }
        }
        this.processAction(pwmRequest);
    } catch (Exception e) {
        final PwmRequest pwmRequest;
        try {
            pwmRequest = PwmRequest.forRequest(req, resp);
        } catch (Exception e2) {
            try {
                LOGGER.fatal("exception occurred, but exception handler unable to load request instance; error=" + e.getMessage(), e);
            } catch (Exception e3) {
                e3.printStackTrace();
            }
            throw new ServletException(e);
        }
        final PwmUnrecoverableException pue = convertToPwmUnrecoverableException(e, pwmRequest);
        if (processUnrecoverableException(req, resp, pwmRequest.getPwmApplication(), pwmRequest.getPwmSession(), pue)) {
            return;
        }
        outputUnrecoverableException(pwmRequest, pue);
        clearModuleBeans(pwmRequest);
    }
}
Also used : ServletException(javax.servlet.ServletException) ErrorInformation(password.pwm.error.ErrorInformation) PwmRequest(password.pwm.http.PwmRequest) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmSession(password.pwm.http.PwmSession) PwmException(password.pwm.error.PwmException) PwmOperationalException(password.pwm.error.PwmOperationalException) IOException(java.io.IOException) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException)

Example 4 with PwmOperationalException

use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

the class ApplianceStatusChecker method figureUrl.

private String figureUrl(final PwmApplication pwmApplication) throws IOException, PwmOperationalException {
    final String hostnameFile = pwmApplication.getPwmEnvironment().getParameters().get(PwmEnvironment.ApplicationParameter.ApplianceHostnameFile);
    if (StringUtil.isEmpty(hostnameFile)) {
        final String msg = "unable to determine appliance hostname, hostname file environment param " + PwmEnvironment.ApplicationParameter.ApplianceHostnameFile.toString() + " is not set";
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_UNKNOWN, msg));
    }
    final String hostname = readFileContents(hostnameFile);
    final String port = pwmApplication.getPwmEnvironment().getParameters().get(PwmEnvironment.ApplicationParameter.AppliancePort);
    final String url = "https://" + hostname + ":" + port + "/sspr/appliance-update-status";
    LOGGER.trace(SessionLabel.HEALTH_SESSION_LABEL, "calculated appliance host url as: " + url);
    return url;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 5 with PwmOperationalException

use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

the class LDAPAuthenticationRequest method testCredentials.

private void testCredentials(final UserIdentity userIdentity, final PasswordData password) throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException {
    log(PwmLogLevel.TRACE, "beginning testCredentials process");
    if (userIdentity == null || userIdentity.getUserDN() == null || userIdentity.getUserDN().length() < 1) {
        final String errorMsg = "attempt to authenticate with null userDN";
        log(PwmLogLevel.DEBUG, errorMsg);
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_WRONGPASSWORD, errorMsg));
    }
    if (password == null) {
        final String errorMsg = "attempt to authenticate with null password";
        log(PwmLogLevel.DEBUG, errorMsg);
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_WRONGPASSWORD, errorMsg));
    }
    // try authenticating the user using a normal ldap BIND operation.
    log(PwmLogLevel.TRACE, "attempting authentication using ldap BIND");
    boolean bindSucceeded = false;
    try {
        // read a provider using the user's DN and password.
        userProvider = LdapOperationsHelper.createChaiProvider(pwmApplication, sessionLabel, userIdentity.getLdapProfile(pwmApplication.getConfig()), pwmApplication.getConfig(), userIdentity.getUserDN(), password);
        // issue a read operation to trigger a bind.
        userProvider.readStringAttribute(userIdentity.getUserDN(), ChaiConstant.ATTR_LDAP_OBJECTCLASS);
        bindSucceeded = true;
    } catch (ChaiException e) {
        if (e.getErrorCode() != null && e.getErrorCode() == ChaiError.INTRUDER_LOCKOUT) {
            final String errorMsg = "intruder lockout detected for user " + userIdentity + " marking session as locked out: " + e.getMessage();
            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_INTRUDER_LDAP, errorMsg);
            log(PwmLogLevel.WARN, errorInformation.toDebugStr());
            throw new PwmUnrecoverableException(errorInformation);
        }
        final PwmError pwmError = PwmError.forChaiError(e.getErrorCode());
        final ErrorInformation errorInformation;
        if (pwmError != null && PwmError.ERROR_UNKNOWN != pwmError) {
            errorInformation = new ErrorInformation(pwmError, e.getMessage());
        } else {
            errorInformation = new ErrorInformation(PwmError.ERROR_WRONGPASSWORD, "ldap error during password check: " + e.getMessage());
        }
        log(PwmLogLevel.DEBUG, errorInformation.toDebugStr());
        throw new PwmOperationalException(errorInformation);
    } finally {
        if (!bindSucceeded && userProvider != null) {
            try {
                userProvider.close();
                userProvider = null;
            } catch (Throwable e) {
                log(PwmLogLevel.ERROR, "unexpected error closing invalid ldap connection after failed login attempt: " + e.getMessage());
            }
        }
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PwmError(password.pwm.error.PwmError) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiException(com.novell.ldapchai.exception.ChaiException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Aggregations

PwmOperationalException (password.pwm.error.PwmOperationalException) 134
ErrorInformation (password.pwm.error.ErrorInformation) 104
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException) 57
UserIdentity (password.pwm.bean.UserIdentity) 39
PwmApplication (password.pwm.PwmApplication) 27
PwmSession (password.pwm.http.PwmSession) 26
ChaiUser (com.novell.ldapchai.ChaiUser) 20
Configuration (password.pwm.config.Configuration) 19
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException) 17
UserSearchEngine (password.pwm.ldap.search.UserSearchEngine) 17
FormConfiguration (password.pwm.config.value.data.FormConfiguration) 16
PwmException (password.pwm.error.PwmException) 16
ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException) 15
SearchConfiguration (password.pwm.ldap.search.SearchConfiguration) 14
Instant (java.time.Instant) 13
LinkedHashMap (java.util.LinkedHashMap) 13
MacroMachine (password.pwm.util.macro.MacroMachine) 13
ArrayList (java.util.ArrayList) 12
Map (java.util.Map) 12
UserInfo (password.pwm.ldap.UserInfo) 11