Example 76 with PwmOperationalException

Use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

The class LdapOperationsHelper, method readPhotoDataFromLdap.

public static PhotoDataBean readPhotoDataFromLdap(final Configuration configuration, final ChaiUser chaiUser, final UserIdentity userIdentity) throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException {
    final LdapProfile ldapProfile = userIdentity.getLdapProfile(configuration);
    final String attribute = ldapProfile.readSettingAsString(PwmSetting.PEOPLE_SEARCH_PHOTO_ATTRIBUTE);
    if (attribute == null || attribute.isEmpty()) {
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "ldap photo attribute is not configured"));
    }
    final byte[] photoData;
    final String mimeType;
    try {
        final byte[][] photoAttributeData = chaiUser.readMultiByteAttribute(attribute);
        if (photoAttributeData == null || photoAttributeData.length == 0 || photoAttributeData[0].length == 0) {
            throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_SERVICE_NOT_AVAILABLE, "user has no photo data stored in LDAP attribute"));
        }
        photoData = photoAttributeData[0];
        mimeType = URLConnection.guessContentTypeFromStream(new ByteArrayInputStream(photoData));
    } catch (IOException | ChaiOperationException e) {
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "error reading user photo ldap attribute: " + e.getMessage()));
    }
    return new PhotoDataBean(mimeType, photoData);
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ByteArrayInputStream(java.io.ByteArrayInputStream) IOException(java.io.IOException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) LdapProfile(password.pwm.config.profile.LdapProfile) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 77 with PwmOperationalException

Use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

The class SimpleLdapAuthenticator, method authenticateUser.

public static AuthenticationResult authenticateUser(final PwmApplication pwmApplication, final SessionLabel sessionLabel, final UserIdentity userIdentity, final PasswordData password) throws PwmUnrecoverableException {
    final AuthenticationRequest authEngine = LDAPAuthenticationRequest.createLDAPAuthenticationRequest(pwmApplication, sessionLabel, userIdentity, AuthenticationType.AUTHENTICATED, PwmAuthenticationSource.BASIC_AUTH);
    final AuthenticationResult authResult;
    try {
        authResult = authEngine.authenticateUser(password);
    } catch (ChaiUnavailableException e) {
        throw PwmUnrecoverableException.fromChaiException(e);
    } catch (PwmOperationalException e) {
        throw new PwmUnrecoverableException(e.getErrorInformation());
    }
    if (authResult.getAuthenticationType() == AuthenticationType.AUTHENTICATED) {
        return authResult;
    }
    return null;
}
Also used : ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 78 with PwmOperationalException

Use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

The class PeopleSearchServlet, method processUserPhotoImageRequest.

@ActionHandler(action = "photo")
private ProcessStatus processUserPhotoImageRequest(final PwmRequest pwmRequest) throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException {
    final String userKey = pwmRequest.readParameterAsString(PARAM_USERKEY, PwmHttpRequestWrapper.Flag.BypassValidation);
    if (userKey.length() < 1) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, PARAM_USERKEY + " parameter is missing");
        LOGGER.error(pwmRequest, errorInformation);
        pwmRequest.respondWithError(errorInformation, false);
        return ProcessStatus.Halt;
    }
    final PeopleSearchDataReader peopleSearchDataReader = new PeopleSearchDataReader(pwmRequest);
    final UserIdentity userIdentity = UserIdentity.fromKey(userKey, pwmRequest.getPwmApplication());
    try {
        peopleSearchDataReader.checkIfUserIdentityViewable(userIdentity);
    } catch (PwmOperationalException e) {
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, "error during photo request while checking if requested userIdentity is within search scope: " + e.getMessage());
        LOGGER.error(pwmRequest, errorInformation);
        pwmRequest.respondWithError(errorInformation, false);
        return ProcessStatus.Halt;
    }
    LOGGER.debug(pwmRequest, "received user photo request to view user " + userIdentity.toString());
    final PhotoDataBean photoData;
    try {
        photoData = peopleSearchDataReader.readPhotoDataFromLdap(userIdentity);
    } catch (PwmOperationalException e) {
        final ErrorInformation errorInformation = e.getErrorInformation();
        LOGGER.error(pwmRequest, errorInformation);
        pwmRequest.respondWithError(errorInformation, false);
        return ProcessStatus.Halt;
    }
    addExpiresHeadersToResponse(pwmRequest);
    try (OutputStream outputStream = pwmRequest.getPwmResponse().getOutputStream()) {
        final HttpServletResponse resp = pwmRequest.getPwmResponse().getHttpServletResponse();
        resp.setContentType(photoData.getMimeType());
        outputStream.write(photoData.getContents());
    }
    return ProcessStatus.Halt;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PhotoDataBean(password.pwm.ldap.PhotoDataBean) UserIdentity(password.pwm.bean.UserIdentity) OutputStream(java.io.OutputStream) HttpServletResponse(javax.servlet.http.HttpServletResponse) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 79 with PwmOperationalException

Use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

The class UserSearchEngine, method resolveUsername.

public UserIdentity resolveUsername(final String username, final String context, final String profile, final SessionLabel sessionLabel) throws PwmUnrecoverableException, PwmOperationalException {
    // check if username is a key
    {
        UserIdentity inputIdentity = null;
        try {
            inputIdentity = UserIdentity.fromKey(username, pwmApplication);
        } catch (PwmException e) {
            /* input is not a userIdentity */
        }
        if (inputIdentity != null) {
            try {
                final ChaiUser theUser = pwmApplication.getProxiedChaiUser(inputIdentity);
                if (theUser.exists()) {
                    final String canonicalDN;
                    canonicalDN = theUser.readCanonicalDN();
                    return new UserIdentity(canonicalDN, inputIdentity.getLdapProfileID());
                }
            } catch (ChaiOperationException e) {
                throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, e.getMessage()));
            } catch (ChaiUnavailableException e) {
                throw PwmUnrecoverableException.fromChaiException(e);
            }
        }
    }
    try {
        // see if we need to do a contextless search.
        if (checkIfStringIsDN(username, sessionLabel)) {
            return resolveUserDN(username);
        } else {
            final SearchConfiguration.SearchConfigurationBuilder builder = SearchConfiguration.builder();
            builder.username(username);
            if (context != null) {
                builder.contexts(Collections.singletonList(context));
            }
            if (profile != null) {
                builder.ldapProfile(profile);
            }
            final SearchConfiguration searchConfiguration = builder.build();
            return performSingleUserSearch(searchConfiguration, sessionLabel);
        }
    } catch (PwmOperationalException e) {
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, e.getErrorInformation().getDetailedErrorMsg(), e.getErrorInformation().getFieldValues()));
    } catch (ChaiUnavailableException e) {
        throw PwmUnrecoverableException.fromChaiException(e);
    }
}
Also used : PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) ChaiUser(com.novell.ldapchai.ChaiUser) UserIdentity(password.pwm.bean.UserIdentity) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 80 with PwmOperationalException

Use of password.pwm.error.PwmOperationalException in project pwm by pwm-project.

The class UserSearchEngine, method performSingleUserSearch.

public UserIdentity performSingleUserSearch(final SearchConfiguration searchConfiguration, final SessionLabel sessionLabel) throws PwmUnrecoverableException, PwmOperationalException {
    final long startTime = System.currentTimeMillis();
    final DuplicateMode dupeMode = pwmApplication.getConfig().readSettingAsEnum(PwmSetting.LDAP_DUPLICATE_MODE, DuplicateMode.class);
    final int searchCount = (dupeMode == DuplicateMode.FIRST_ALL) ? 1 : 2;
    final Map<UserIdentity, Map<String, String>> searchResults = performMultiUserSearch(searchConfiguration, searchCount, Collections.emptyList(), sessionLabel);
    final List<UserIdentity> results = searchResults == null ? Collections.emptyList() : new ArrayList<>(searchResults.keySet());
    if (results.isEmpty()) {
        final String errorMessage;
        if (searchConfiguration.getUsername() != null && searchConfiguration.getUsername().length() > 0) {
            errorMessage = "an ldap user for username value '" + searchConfiguration.getUsername() + "' was not found";
        } else {
            errorMessage = "an ldap user was not found";
        }
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, errorMessage));
    } else if (results.size() == 1) {
        final String userDN = results.get(0).getUserDN();
        LOGGER.debug(sessionLabel, "found userDN: " + userDN + " (" + TimeDuration.fromCurrent(startTime).asCompactString() + ")");
        return results.get(0);
    }
    if (dupeMode == DuplicateMode.FIRST_PROFILE) {
        final String profile1 = results.get(0).getLdapProfileID();
        final String profile2 = results.get(1).getLdapProfileID();
        final boolean sameProfile = (profile1 == null && profile2 == null) || (profile1 != null && profile1.equals(profile2));
        if (sameProfile) {
            final String errorMessage = "multiple user matches in single profile";
            throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, errorMessage));
        }
        LOGGER.trace(sessionLabel, "found multiple matches, but will use first match since second match" + " is in a different profile and dupeMode is set to " + DuplicateMode.FIRST_PROFILE);
        return results.get(0);
    }
    final String errorMessage = "multiple user matches found";
    throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, errorMessage));
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) UserIdentity(password.pwm.bean.UserIdentity) Map(java.util.Map) LinkedHashMap(java.util.LinkedHashMap) TreeMap(java.util.TreeMap) DuplicateMode(password.pwm.config.option.DuplicateMode) PwmOperationalException(password.pwm.error.PwmOperationalException)

Aggregations

PwmOperationalException (password.pwm.error.PwmOperationalException): 134
ErrorInformation (password.pwm.error.ErrorInformation): 104
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException): 57
UserIdentity (password.pwm.bean.UserIdentity): 39
PwmApplication (password.pwm.PwmApplication): 27
PwmSession (password.pwm.http.PwmSession): 26
ChaiUser (com.novell.ldapchai.ChaiUser): 20
Configuration (password.pwm.config.Configuration): 19
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException): 17
UserSearchEngine (password.pwm.ldap.search.UserSearchEngine): 17
FormConfiguration (password.pwm.config.value.data.FormConfiguration): 16
PwmException (password.pwm.error.PwmException): 16
ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException): 15
SearchConfiguration (password.pwm.ldap.search.SearchConfiguration): 14
Instant (java.time.Instant): 13
LinkedHashMap (java.util.LinkedHashMap): 13
MacroMachine (password.pwm.util.macro.MacroMachine): 13
ArrayList (java.util.ArrayList): 12
Map (java.util.Map): 12
UserInfo (password.pwm.ldap.UserInfo): 11