
Example 26 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class CommandServlet method processNext.

/**
 * Handles the {@code next} action by choosing where to send the browser.
 *
 * <p>For an authenticated request, any redirect required by
 * {@code AuthenticationFilter.forceRequiredRedirects} takes priority. After that, if
 * {@code LOGOUT_AFTER_PASSWORD_CHANGE} is enabled and the session records a modified
 * password, the user is sent to the logout servlet, so the old session does not outlive
 * the credential change. Every other request is sent to the forward URL.
 *
 * @param pwmRequest the current request
 * @return always {@code ProcessStatus.Halt}; each path either issues a redirect or
 *         reports that one was already required
 */
@ActionHandler(action = "next")
private ProcessStatus processNext(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException {
    final PwmSession session = pwmRequest.getPwmSession();
    final Configuration configuration = pwmRequest.getPwmApplication().getConfig();

    if (pwmRequest.isAuthenticated()) {
        final ProcessStatus requiredRedirect = AuthenticationFilter.forceRequiredRedirects(pwmRequest);
        if (requiredRedirect == ProcessStatus.Halt) {
            return ProcessStatus.Halt;
        }

        // End the session once the password has changed, when the deployment asks for it.
        final boolean logoutAfterChange = configuration.readSettingAsBoolean(PwmSetting.LOGOUT_AFTER_PASSWORD_CHANGE);
        final boolean mustLogout = logoutAfterChange && session.getSessionStateBean().isPasswordModified();
        if (mustLogout) {
            LOGGER.trace(session, "logging out user; password has been modified");
            pwmRequest.sendRedirect(PwmServletDefinition.Logout);
            return ProcessStatus.Halt;
        }
    }

    // NOTE(review): redirectToForwardURL is defined outside this listing; confirm the
    // forward URL it uses cannot be steered to an arbitrary external site by the request.
    redirectToForwardURL(pwmRequest);
    return ProcessStatus.Halt;
}
Also used : PwmApplication(password.pwm.PwmApplication) Configuration(password.pwm.config.Configuration) PwmSession(password.pwm.http.PwmSession)

Example 27 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class ForgottenUsernameServlet method handleSearchRequest.

/**
 * Processes a submitted forgotten-username form.
 *
 * <p>Order of checks as written: CAPTCHA (when enabled for the request), intruder check
 * on the submitted attributes, form validation, LDAP search for a single user, intruder
 * check on the matched identity, then sending the username. A successful run clears the
 * intruder records for the address/session and for the submitted attributes; failures
 * mark them instead.
 *
 * <p>This endpoint is reached before login, so every value read from the request here is
 * untrusted input.
 *
 * @param pwmRequest the current request
 */
public void handleSearchRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
    // A failed CAPTCHA ends the request before any directory lookup is attempted.
    if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
        if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
            LOGGER.debug(pwmRequest, errorInfo);
            setLastError(pwmRequest, errorInfo);
            forwardToFormJsp(pwmRequest);
            return;
        }
    }
    // Both values come straight from request parameters and are handed to the search
    // configuration below without any check in this method.
    // NOTE(review): confirm the search engine restricts them to configured contexts/profiles.
    final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
    final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
    final List<FormConfiguration> forgottenUsernameForm = pwmApplication.getConfig().readSettingAsForm(PwmSetting.FORGOTTEN_USERNAME_FORM);
    // read the values from the request
    // Starts empty so the catch block can still call markAttributes if reading the form throws.
    Map<FormConfiguration, String> formValues = new HashMap<>();
    try {
        formValues = FormUtility.readFormValuesFromRequest(pwmRequest, forgottenUsernameForm, ssBean.getLocale());
        // check for intruder search
        pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
        // see if the values meet the configured form requirements.
        FormUtility.validateFormValues(pwmRequest.getConfig(), formValues, ssBean.getLocale());
        // Use the administrator-configured filter when present, otherwise derive one from the form.
        final String searchFilter;
        {
            final String configuredSearchFilter = pwmApplication.getConfig().readSettingAsString(PwmSetting.FORGOTTEN_USERNAME_SEARCH_FILTER);
            if (configuredSearchFilter == null || configuredSearchFilter.isEmpty()) {
                searchFilter = FormUtility.ldapSearchFilterForForm(pwmApplication, forgottenUsernameForm);
                LOGGER.trace(pwmSession, "auto generated ldap search filter: " + searchFilter);
            } else {
                searchFilter = configuredSearchFilter;
            }
        }
        final UserIdentity userIdentity;
        {
            final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
            // The submitted values are passed separately from the filter text.
            // NOTE(review): presumably the search engine escapes them when building the final
            // LDAP filter - confirm, since they are attacker-controlled.
            final SearchConfiguration searchConfiguration = SearchConfiguration.builder().filter(searchFilter).formValues(formValues).ldapProfile(ldapProfile).contexts(Collections.singletonList(contextParam)).build();
            userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmSession.getLabel());
        }
        if (userIdentity == null) {
            // No match: count the attempt against the address and session.
            // NOTE(review): unlike the catch block below, this path does not call
            // markAttributes(formValues, ...) - confirm that is intended.
            pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
            pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
            setLastError(pwmRequest, PwmError.ERROR_CANT_MATCH_USER.toInfo());
            forwardToFormJsp(pwmRequest);
            return;
        }
        // make sure the user isn't locked.
        pwmApplication.getIntruderManager().convenience().checkUserIdentity(userIdentity);
        final UserInfo forgottenUserInfo = UserInfoFactory.newUserInfoUsingProxy(pwmApplication, pwmRequest.getSessionLabel(), userIdentity, pwmRequest.getLocale());
        // send username
        sendUsername(pwmApplication, pwmSession, forgottenUserInfo);
        // Success: clear the intruder records this request could have accumulated.
        pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
        pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
        pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_SUCCESSES);
        // redirect user to success page.
        forwardToCompletePage(pwmRequest, userIdentity);
        return;
    } catch (PwmOperationalException e) {
        // An ERROR_UNKNOWN failure is reported as ERROR_CANT_MATCH_USER, carrying over the
        // original detailed message and field values; any other error is reported as-is.
        // NOTE(review): confirm the detailed message is not rendered to the unauthenticated
        // caller, where it could reveal more than "no match".
        final ErrorInformation errorInfo;
        errorInfo = e.getError() == PwmError.ERROR_UNKNOWN ? new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER, e.getErrorInformation().getDetailedErrorMsg(), e.getErrorInformation().getFieldValues()) : e.getErrorInformation();
        setLastError(pwmRequest, errorInfo);
        pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
        pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
    }
    // Reached only from the catch block: record the failure and show the form again.
    pwmApplication.getStatisticsManager().incrementValue(Statistic.FORGOTTEN_USERNAME_FAILURES);
    forwardToFormJsp(pwmRequest);
}
Also used : PwmApplication(password.pwm.PwmApplication) HashMap(java.util.HashMap) UserIdentity(password.pwm.bean.UserIdentity) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) UserInfo(password.pwm.ldap.UserInfo) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) LocalSessionStateBean(password.pwm.bean.LocalSessionStateBean) FormConfiguration(password.pwm.config.value.data.FormConfiguration) PwmSession(password.pwm.http.PwmSession)

Example 28 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class SetupOtpServlet method handleClearOtpSecret.

/**
 * Handles the {@code clearOtp} action: removes the stored OTP configuration of the user
 * attached to the current session and resets the setup bean.
 *
 * <p>The identity is taken from the session's user info rather than from a request
 * parameter, so the request cannot choose whose OTP secret is cleared.
 *
 * @param pwmRequest the current request
 * @return {@code ProcessStatus.Halt} if clearing failed (the error is stored on the
 *         request and logged), otherwise {@code ProcessStatus.Continue}
 */
@ActionHandler(action = "clearOtp")
private ProcessStatus handleClearOtpSecret(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException {
    // NOTE(review): clearing OTP removes a second factor. No re-authentication or CSRF
    // check is visible in this method; presumably the servlet framework enforces them -
    // confirm.
    final SetupOtpBean setupBean = getSetupOtpBean(pwmRequest);
    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmSession session = pwmRequest.getPwmSession();
    final OtpService otpService = application.getOtpService();
    final UserIdentity sessionUser = session.getUserInfo().getUserIdentity();

    try {
        otpService.clearOTPUserConfiguration(session, sessionUser);
    } catch (PwmOperationalException clearFailure) {
        final ErrorInformation failureInfo = clearFailure.getErrorInformation();
        setLastError(pwmRequest, failureInfo);
        LOGGER.error(pwmRequest, clearFailure.getErrorInformation());
        return ProcessStatus.Halt;
    }

    // The secret is gone, so the bean must no longer report a pre-existing OTP.
    setupBean.setHasPreExistingOtp(false);
    initializeBean(pwmRequest, setupBean);
    return ProcessStatus.Continue;
}
Also used : PwmApplication(password.pwm.PwmApplication) SetupOtpBean(password.pwm.http.bean.SetupOtpBean) OtpService(password.pwm.util.operations.OtpService) UserIdentity(password.pwm.bean.UserIdentity) PwmSession(password.pwm.http.PwmSession) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 29 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class LdapCertImportFunction method provideFunction.

/**
 * Fetches the certificates presented by every configured LDAP server URL of the given
 * profile and stores them as the value of {@code setting}.
 *
 * <p>Security note: the certificates are obtained from the same servers they will later
 * be used to authenticate, so this is a trust-on-first-use import. No chain or fingerprint
 * validation is visible in this method; whether {@code X509Utils.readRemoteCertificates}
 * performs any cannot be told from this listing. An operator should compare the imported
 * fingerprints with values obtained out of band.
 *
 * @param pwmRequest the current request
 * @param storedConfiguration configuration that is read from and written to
 * @param setting the setting that receives the imported certificates
 * @param profile profile whose LDAP URLs are read and whose setting is written
 * @param extraData not used by this implementation
 * @return the localized success message
 * @throws PwmOperationalException if any URL cannot be parsed or any fetch fails; nothing
 *         is written in that case
 */
@Override
public String provideFunction(final PwmRequest pwmRequest, final StoredConfigurationImpl storedConfiguration, final PwmSetting setting, final String profile, final String extraData) throws PwmOperationalException, PwmUnrecoverableException {
    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmSession session = pwmRequest.getPwmSession();
    final StringArrayValue configuredUrls = (StringArrayValue) storedConfiguration.readSetting(PwmSetting.LDAP_SERVER_URLS, profile);

    // LinkedHashSet: drops duplicates across servers while keeping the order of discovery.
    final Set<X509Certificate> importedCertificates = new LinkedHashSet<>();
    try {
        final boolean urlsPresent = configuredUrls != null && configuredUrls.toNativeObject() != null;
        if (urlsPresent) {
            final List<String> urlStrings = configuredUrls.toNativeObject();
            for (final String urlString : urlStrings) {
                final List<X509Certificate> serverCertificates = X509Utils.readRemoteCertificates(new URI(urlString));
                if (serverCertificates != null) {
                    importedCertificates.addAll(serverCertificates);
                }
            }
        }
    } catch (Exception importFailure) {
        // A single failing server aborts the whole import. Project exceptions keep their
        // own error information; anything else is reported as ERROR_UNKNOWN.
        final ErrorInformation failureInfo = importFailure instanceof PwmException
                ? ((PwmException) importFailure).getErrorInformation()
                : new ErrorInformation(PwmError.ERROR_UNKNOWN, "error importing certificates: " + importFailure.getMessage());
        throw new PwmOperationalException(failureInfo);
    }

    // The acting identity is passed along with the write; it is null for an
    // unauthenticated session.
    UserIdentity actor = null;
    if (session.isAuthenticated()) {
        actor = session.getUserInfo().getUserIdentity();
    }
    storedConfiguration.writeSetting(setting, profile, new X509CertificateValue(importedCertificates), actor);
    return Message.getLocalizedMessage(session.getSessionStateBean().getLocale(), Message.Success_Unknown, application.getConfig());
}
Also used : LinkedHashSet(java.util.LinkedHashSet) PwmApplication(password.pwm.PwmApplication) UserIdentity(password.pwm.bean.UserIdentity) URI(java.net.URI) X509Certificate(java.security.cert.X509Certificate) PwmOperationalException(password.pwm.error.PwmOperationalException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) PwmOperationalException(password.pwm.error.PwmOperationalException) X509CertificateValue(password.pwm.config.value.X509CertificateValue) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) PwmSession(password.pwm.http.PwmSession) StringArrayValue(password.pwm.config.value.StringArrayValue)

Example 30 with PwmSession

use of password.pwm.http.PwmSession in project pwm by pwm-project.

the class SyslogCertImportFunction method provideFunction.

/**
 * Fetches the certificates presented by every TLS syslog server in
 * {@code AUDIT_SYSLOG_SERVERS} and stores them as the value of {@code setting}.
 *
 * <p>Security note: the certificates come from the servers they will later be used to
 * authenticate, so this is a trust-on-first-use import. No chain or fingerprint validation
 * is visible in this method; an operator should compare the imported fingerprints with
 * values obtained out of band.
 *
 * <p>NOTE(review): the failure flag follows the most recent server that either threw or
 * returned certificates. A failure on an earlier server is therefore forgotten when a
 * later server succeeds (a partial set is written with no report), and a failure on the
 * last server discards certificates already collected. Confirm this is intended.
 *
 * @param pwmRequest the current request
 * @param storedConfiguration configuration that is read from and written to
 * @param setting the setting that receives the imported certificates
 * @param profile not used by this implementation
 * @param extraData not used by this implementation
 * @return the localized success message
 * @throws PwmOperationalException if the failure flag is set once all entries are processed
 */
@Override
public String provideFunction(final PwmRequest pwmRequest, final StoredConfigurationImpl storedConfiguration, final PwmSetting setting, final String profile, final String extraData) throws PwmOperationalException, PwmUnrecoverableException {
    boolean failed = false;
    Exception lastFailure = null;
    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmSession session = pwmRequest.getPwmSession();
    final Set<X509Certificate> importedCertificates = new LinkedHashSet<>();
    final List<String> syslogEntries = (List<String>) storedConfiguration.readSetting(PwmSetting.AUDIT_SYSLOG_SERVERS).toNativeObject();

    if (syslogEntries != null) {
        for (final String entry : syslogEntries) {
            // Only entries that start with "TLS" (case-insensitive) have a certificate to fetch.
            if (!entry.toUpperCase().startsWith("TLS")) {
                continue;
            }
            final SyslogAuditService.SyslogConfig parsedEntry = SyslogAuditService.SyslogConfig.fromConfigString(entry);
            if (parsedEntry == null) {
                continue;
            }
            try {
                final List<X509Certificate> serverCertificates = X509Utils.readRemoteCertificates(parsedEntry.getHost(), parsedEntry.getPort());
                if (serverCertificates != null) {
                    importedCertificates.addAll(serverCertificates);
                    failed = false;
                }
            } catch (Exception fetchFailure) {
                failed = true;
                lastFailure = fetchFailure;
            }
        }
    }

    if (failed) {
        // Project exceptions keep their own error information; anything else is
        // reported as ERROR_UNKNOWN.
        final ErrorInformation failureInfo = lastFailure instanceof PwmException
                ? ((PwmException) lastFailure).getErrorInformation()
                : new ErrorInformation(PwmError.ERROR_UNKNOWN, "error importing certificates: " + lastFailure.getMessage());
        throw new PwmOperationalException(failureInfo);
    }

    // The acting identity is passed along with the write; it is null for an
    // unauthenticated session.
    UserIdentity actor = null;
    if (session.isAuthenticated()) {
        actor = session.getUserInfo().getUserIdentity();
    }
    storedConfiguration.writeSetting(setting, new X509CertificateValue(importedCertificates), actor);
    return Message.getLocalizedMessage(session.getSessionStateBean().getLocale(), Message.Success_Unknown, application.getConfig());
}
Also used : LinkedHashSet(java.util.LinkedHashSet) PwmApplication(password.pwm.PwmApplication) SyslogAuditService(password.pwm.svc.event.SyslogAuditService) UserIdentity(password.pwm.bean.UserIdentity) PwmOperationalException(password.pwm.error.PwmOperationalException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmException(password.pwm.error.PwmException) X509Certificate(java.security.cert.X509Certificate) X509CertificateValue(password.pwm.config.value.X509CertificateValue) PwmOperationalException(password.pwm.error.PwmOperationalException) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) List(java.util.List) PwmSession(password.pwm.http.PwmSession)

Aggregations

PwmSession (password.pwm.http.PwmSession)74 PwmApplication (password.pwm.PwmApplication)55 ErrorInformation (password.pwm.error.ErrorInformation)38 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)30 PwmOperationalException (password.pwm.error.PwmOperationalException)29 Configuration (password.pwm.config.Configuration)21 UserIdentity (password.pwm.bean.UserIdentity)20 FormConfiguration (password.pwm.config.value.data.FormConfiguration)19 PwmException (password.pwm.error.PwmException)14 ChaiUser (com.novell.ldapchai.ChaiUser)12 ActionConfiguration (password.pwm.config.value.data.ActionConfiguration)12 UserInfo (password.pwm.ldap.UserInfo)12 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)11 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)9 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)9 IOException (java.io.IOException)9 Instant (java.time.Instant)9 RestResultBean (password.pwm.ws.server.RestResultBean)9 ServletException (javax.servlet.ServletException)8 MacroMachine (password.pwm.util.macro.MacroMachine)8