Example 26 with PwmUnrecoverableException

Use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.

Class LDAPAuthenticationRequest, method setTempUserPassword.

private PasswordData setTempUserPassword() throws ChaiUnavailableException, ImpossiblePasswordPolicyException, PwmUnrecoverableException {
    final boolean configAlwaysUseProxy = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN);
    final ChaiProvider chaiProvider = pwmApplication.getProxyChaiProvider(userIdentity.getLdapProfileID());
    final ChaiUser chaiUser = chaiProvider.getEntryFactory().newChaiUser(userIdentity.getUserDN());
    // try setting a random password on the account to authenticate.
    if (!configAlwaysUseProxy && requestedAuthType == AuthenticationType.AUTH_FROM_PUBLIC_MODULE) {
        log(PwmLogLevel.DEBUG, "attempting to set temporary random password");
        final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(pwmApplication, sessionLabel, userIdentity, chaiUser, PwmConstants.DEFAULT_LOCALE);
        // create random password for user
        final RandomPasswordGenerator.RandomGeneratorConfig randomGeneratorConfig = RandomPasswordGenerator.RandomGeneratorConfig.builder().seedlistPhrases(RandomPasswordGenerator.DEFAULT_SEED_PHRASES).passwordPolicy(passwordPolicy).build();
        final PasswordData currentPass = RandomPasswordGenerator.createRandomPassword(sessionLabel, randomGeneratorConfig, pwmApplication);
        try {
            final String oracleDSPrePasswordAllowChangeTime = oraclePreTemporaryPwHandler(chaiProvider, chaiUser);
            // write the random password for the user.
            chaiUser.setPassword(currentPass.getStringValue());
            oraclePostTemporaryPwHandler(chaiProvider, chaiUser, oracleDSPrePasswordAllowChangeTime);
            log(PwmLogLevel.INFO, "user " + userIdentity + " password has been set to random value to use for user authentication");
        } catch (ChaiOperationException e) {
            final String errorStr = "error setting random password for user " + userIdentity + " " + e.getMessage();
            log(PwmLogLevel.ERROR, errorStr);
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, errorStr));
        }
        return currentPass;
    }
    return null;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiProvider(com.novell.ldapchai.provider.ChaiProvider) ChaiUser(com.novell.ldapchai.ChaiUser) PasswordData(password.pwm.util.PasswordData) PwmPasswordPolicy(password.pwm.config.profile.PwmPasswordPolicy) RandomPasswordGenerator(password.pwm.util.RandomPasswordGenerator) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException)

Example 27 with PwmUnrecoverableException

Use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.

Class LDAPAuthenticationRequest, method oraclePreTemporaryPwHandler.

private String oraclePreTemporaryPwHandler(final ChaiProvider chaiProvider, final ChaiUser chaiUser) throws PwmUnrecoverableException, ChaiUnavailableException, ChaiOperationException {
    if (!pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.ORACLE_DS_ENABLE_MANIP_ALLOWCHANGETIME)) {
        return null;
    }
    if (DirectoryVendor.ORACLE_DS != chaiUser.getChaiProvider().getDirectoryVendor()) {
        return null;
    }
    // oracle DS special case: passwordAllowChangeTime handler
    final String oracleDSPrePasswordAllowChangeTime = chaiProvider.readStringAttribute(chaiUser.getEntryDN(), ORACLE_ATTR_PW_ALLOW_CHG_TIME);
    log(PwmLogLevel.TRACE, "read OracleDS value of passwordAllowChangeTime value=" + oracleDSPrePasswordAllowChangeTime);
    if (oracleDSPrePasswordAllowChangeTime != null && !oracleDSPrePasswordAllowChangeTime.isEmpty()) {
        final Instant date = OracleDSEntries.convertZuluToDate(oracleDSPrePasswordAllowChangeTime);
        final boolean enforceFromForgotten = !ForgottenPasswordUtil.permitPwChangeDuringMinLifetime(pwmApplication, sessionLabel, userIdentity);
        if (enforceFromForgotten) {
            if (Instant.now().isBefore(date)) {
                final String errorMsg = "change not permitted until " + JavaHelper.toIsoDate(date);
                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.PASSWORD_TOO_SOON, errorMsg));
            }
        }
    }
    return oracleDSPrePasswordAllowChangeTime;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) Instant(java.time.Instant) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)

Example 28 with PwmUnrecoverableException

Use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.

Class LDAPAuthenticationRequest, method authUsingUnknownPw.

@Override
public AuthenticationResult authUsingUnknownPw() throws ChaiUnavailableException, PwmUnrecoverableException {
    initialize();
    log(PwmLogLevel.TRACE, "beginning authentication using unknown password procedure");
    PasswordData userPassword = null;
    final boolean configAlwaysUseProxy = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN);
    if (configAlwaysUseProxy) {
        strategy = AuthenticationStrategy.ADMIN_PROXY;
    } else {
        userPassword = learnUserPassword();
        if (userPassword != null) {
            strategy = AuthenticationStrategy.READ_THEN_BIND;
        } else {
            userPassword = setTempUserPassword();
            if (userPassword != null) {
                strategy = AuthenticationStrategy.WRITE_THEN_BIND;
            }
        }
        if (userPassword == null) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "no available unknown-pw authentication method"));
        }
    }
    try {
        return authenticateUserImpl(userPassword);
    } catch (PwmOperationalException e) {
        if (strategy == AuthenticationStrategy.READ_THEN_BIND) {
            final String errorStr = "unable to authenticate with password read from directory, check proxy rights, ldap logs; error: " + e.getMessage();
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, errorStr));
        } else if (strategy == AuthenticationStrategy.WRITE_THEN_BIND) {
            final String errorStr = "unable to authenticate with temporary password, check proxy rights, ldap logs; error: " + e.getMessage();
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, errorStr));
        }
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "unable to authenticate via authWithUnknownPw method: " + e.getMessage()));
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PasswordData(password.pwm.util.PasswordData) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 29 with PwmUnrecoverableException

Use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.

Class EdirSchemaExtender, method execute.

private void execute(final boolean readOnly) throws PwmUnrecoverableException {
    activityLog.delete(0, activityLog.length());
    logActivity("connecting to " + schemaEntry.getChaiProvider().getChaiConfiguration().bindURLsAsList().iterator().next());
    stateMap.clear();
    try {
        final Map<String, SchemaParser> existingAttrs = readSchemaAttributes();
        for (final SchemaDefinition schemaDefinition : SchemaDefinition.getPwmSchemaDefinitions()) {
            if (schemaDefinition.getSchemaType() == SchemaDefinition.SchemaType.attribute) {
                checkAttribute(readOnly, schemaDefinition, existingAttrs);
            }
        }
        final Map<String, SchemaParser> existingObjectclasses = readSchemaObjectclasses();
        for (final SchemaDefinition schemaDefinition : SchemaDefinition.getPwmSchemaDefinitions()) {
            if (schemaDefinition.getSchemaType() == SchemaDefinition.SchemaType.objectclass) {
                checkObjectclass(readOnly, schemaDefinition, existingObjectclasses);
            }
        }
    } catch (ChaiUnavailableException e) {
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_DIRECTORY_UNAVAILABLE, e.getMessage()));
    } catch (ChaiOperationException e) {
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, e.getMessage()));
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiUnavailableException(com.novell.ldapchai.exception.ChaiUnavailableException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException) SchemaParser(com.novell.ldap.client.SchemaParser)

Example 30 with PwmUnrecoverableException

Use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.

Class PwmServiceManager, method initService.

private PwmService initService(final Class<? extends PwmService> serviceClass) throws PwmUnrecoverableException {
    final Instant startTime = Instant.now();
    final PwmService newServiceInstance;
    final String serviceName = serviceClass.getName();
    try {
        final Object newInstance = serviceClass.newInstance();
        newServiceInstance = (PwmService) newInstance;
    } catch (Exception e) {
        final String errorMsg = "unexpected error instantiating service class '" + serviceName + "', error: " + e.toString();
        LOGGER.fatal(errorMsg, e);
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_STARTUP_ERROR, errorMsg));
    }
    try {
        LOGGER.debug("initializing service " + serviceName);
        newServiceInstance.init(pwmApplication);
        final TimeDuration startupDuration = TimeDuration.fromCurrent(startTime);
        LOGGER.debug("completed initialization of service " + serviceName + " in " + startupDuration.asCompactString() + ", status=" + newServiceInstance.status());
    } catch (PwmException e) {
        LOGGER.warn("error instantiating service class '" + serviceName + "', service will remain unavailable, error: " + e.getMessage());
    } catch (Exception e) {
        String errorMsg = "unexpected error instantiating service class '" + serviceName + "', cannot load, error: " + e.getMessage();
        if (e.getCause() != null) {
            errorMsg += ", cause: " + e.getCause();
        }
        LOGGER.fatal(errorMsg);
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_STARTUP_ERROR, errorMsg));
    }
    return newServiceInstance;
}
Also used : PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) Instant(java.time.Instant) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) TimeDuration(password.pwm.util.java.TimeDuration)

Aggregations

PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException): 282
ErrorInformation (password.pwm.error.ErrorInformation): 201
PwmOperationalException (password.pwm.error.PwmOperationalException): 85
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException): 75
IOException (java.io.IOException): 72
PwmException (password.pwm.error.PwmException): 69
PwmApplication (password.pwm.PwmApplication): 48
UserIdentity (password.pwm.bean.UserIdentity): 48
Configuration (password.pwm.config.Configuration): 43
ServletException (javax.servlet.ServletException): 38
LinkedHashMap (java.util.LinkedHashMap): 37
Instant (java.time.Instant): 35
ArrayList (java.util.ArrayList): 31
PwmSession (password.pwm.http.PwmSession): 30
Map (java.util.Map): 28
ChaiUser (com.novell.ldapchai.ChaiUser): 26
ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException): 25
FormConfiguration (password.pwm.config.value.data.FormConfiguration): 24
HashMap (java.util.HashMap): 23
ChaiException (com.novell.ldapchai.exception.ChaiException): 22