use of password.pwm.http.PwmURL in project pwm by pwm-project.
the class AuthenticationFilter method processFilter.
/**
 * Decides whether a request may continue down the filter chain and, if not already let
 * through, routes it to the authenticated or unauthenticated session handler.
 *
 * <p>This method forwards the request with no authentication check of its own when:
 * <ul>
 *   <li>the URL is public and is not the login servlet;</li>
 *   <li>the application mode is {@code NEW} and the URL is the configuration guide;</li>
 *   <li>the application mode is {@code CONFIGURATION} and the URL is the configuration manager.</li>
 * </ul>
 * Every other request goes to {@code processAuthenticatedSession} or
 * {@code processUnAuthenticatedSession}, chosen by {@code PwmSession.isAuthenticated()}.
 *
 * <p>NOTE(review): the two configuration pass-throughs mean this filter applies no
 * authentication to those URLs while the application is in those modes. Presumably the
 * configuration servlets enforce their own access control; confirm against those servlets.
 *
 * @param mode application mode passed by the caller; not read here, the mode is taken from
 *             the {@code PwmApplication} instead
 * @param pwmRequest the request being filtered
 * @param chain the remaining filter chain
 * @throws IOException propagated from the chain or from writing the error response
 * @throws ServletException propagated from the chain or from writing the error response
 */
public void processFilter(final PwmApplicationMode mode, final PwmRequest pwmRequest, final PwmFilterChain chain) throws IOException, ServletException {
    final PwmURL requestedUrl = pwmRequest.getURL();

    // The login servlet is excluded here even if it is public, so that it always reaches
    // the session handling further down.
    final boolean publicNonLogin = requestedUrl.isPublicUrl() && !requestedUrl.isLoginServlet();
    if (publicNonLogin) {
        chain.doFilter();
        return;
    }

    try {
        final PwmApplication application = pwmRequest.getPwmApplication();
        final PwmSession session = pwmRequest.getPwmSession();

        // Unauthenticated pass-through: configuration guide while no configuration exists.
        if (application.getApplicationMode() == PwmApplicationMode.NEW && pwmRequest.getURL().isConfigGuideURL()) {
            chain.doFilter();
            return;
        }

        // Unauthenticated pass-through: configuration manager while in configuration mode.
        if (application.getApplicationMode() == PwmApplicationMode.CONFIGURATION && pwmRequest.getURL().isConfigManagerURL()) {
            chain.doFilter();
            return;
        }

        if (!session.isAuthenticated()) {
            this.processUnAuthenticatedSession(pwmRequest, chain);
        } else {
            this.processAuthenticatedSession(pwmRequest, chain);
        }
    } catch (PwmUnrecoverableException e) {
        // Log the error, then send the same error information back to the client.
        LOGGER.error(e.getErrorInformation());
        pwmRequest.respondWithError(e.getErrorInformation(), true);
    }
}
use of password.pwm.http.PwmURL in project pwm by pwm-project.
the class ApplicationModeFilter method checkConfigModes.
/**
 * Gates a request on the application's current mode.
 *
 * <ul>
 *   <li>{@code NEW}: command-servlet, REST, configuration-guide and reference URLs continue;
 *       anything else is redirected to the configuration guide.</li>
 *   <li>{@code ERROR}: the startup error (or a generic "unavailable" error when none is
 *       recorded) is returned and processing halts.</li>
 *   <li>OAuth consumer URLs always continue once the two cases above are ruled out.</li>
 *   <li>Otherwise, unless {@code PwmConstants.TRIAL_MODE} is set, a mode other than
 *       {@code RUNNING} halts every request whose URL is not on the permitted list below.</li>
 * </ul>
 *
 * <p>NOTE(review): the permitted list includes admin, REST and command-servlet URLs, so this
 * method does not restrict them while the application is not running. Presumably later
 * filters or the servlets themselves authenticate those requests; confirm.
 *
 * @param pwmRequest the request being filtered
 * @return {@code ProcessStatus.Continue} to keep processing, {@code ProcessStatus.Halt} when a
 *         redirect or error response has already been issued
 * @throws IOException propagated from issuing the redirect or error response
 * @throws ServletException propagated from issuing the redirect or error response
 * @throws PwmUnrecoverableException propagated from the request helpers
 */
private static ProcessStatus checkConfigModes(final PwmRequest pwmRequest) throws IOException, ServletException, PwmUnrecoverableException {
    final PwmApplication application = pwmRequest.getPwmApplication();
    final PwmApplicationMode mode = application.getApplicationMode();
    final PwmURL requestedUrl = pwmRequest.getURL();

    if (mode == PwmApplicationMode.NEW) {
        // No configuration yet: only these URL classes are let through, the rest is sent
        // to the configuration guide.
        final boolean usableWithoutConfig = requestedUrl.isCommandServletURL()
                || requestedUrl.isRestService()
                || requestedUrl.isConfigGuideURL()
                || requestedUrl.isReferenceURL();
        if (usableWithoutConfig) {
            return ProcessStatus.Continue;
        }
        LOGGER.debug("unable to find a valid configuration, redirecting " + requestedUrl + " to ConfigGuide");
        pwmRequest.sendRedirect(PwmServletDefinition.ConfigGuide);
        return ProcessStatus.Halt;
    }

    if (mode == PwmApplicationMode.ERROR) {
        final ErrorInformation startupError = ContextManager.getContextManager(pwmRequest.getHttpServletRequest().getSession()).getStartupErrorInformation();
        final ErrorInformation reportedError = startupError != null
                ? startupError
                : new ErrorInformation(PwmError.ERROR_APP_UNAVAILABLE, "Application startup failed.");
        // NOTE(review): the startup error is returned to whoever sent the request; confirm
        // that respondWithError does not render internal detail to unauthenticated clients.
        pwmRequest.respondWithError(reportedError);
        return ProcessStatus.Halt;
    }

    // OAuth consumer requests are allowed in every remaining mode.
    if (requestedUrl.isOauthConsumer()) {
        return ProcessStatus.Continue;
    }

    // Outside trial mode, a non-running application serves only the URL classes listed here.
    final boolean gateApplies = !PwmConstants.TRIAL_MODE && mode != PwmApplicationMode.RUNNING;
    if (gateApplies) {
        // isOauthConsumer() is still listed although that case has already returned above.
        final boolean permitted = requestedUrl.isResourceURL()
                || requestedUrl.isIndexPage()
                || requestedUrl.isConfigManagerURL()
                || requestedUrl.isConfigGuideURL()
                || requestedUrl.isCommandServletURL()
                || requestedUrl.isReferenceURL()
                || requestedUrl.isLoginServlet()
                || requestedUrl.isLogoutURL()
                || requestedUrl.isOauthConsumer()
                || requestedUrl.isAdminUrl()
                || requestedUrl.isRestService();
        if (!permitted) {
            final ErrorInformation notRunning = new ErrorInformation(PwmError.ERROR_APPLICATION_NOT_RUNNING);
            pwmRequest.respondWithError(notRunning);
            return ProcessStatus.Halt;
        }
    }

    return ProcessStatus.Continue;
}
use of password.pwm.http.PwmURL in project pwm by pwm-project.
the class ObsoleteUrlFilter method redirectOldUrls.
/**
 * Redirects a request that uses a non-canonical servlet URL to the servlet's canonical URL.
 *
 * <p>Only parameterless GET requests are considered; resource and command-servlet URLs are
 * never redirected. The request path (with the context path stripped) is compared for exact
 * equality against every URL pattern of every {@code PwmServletDefinition}. When a pattern
 * matches but differs from that definition's {@code servletUrl()}, the request is redirected.
 *
 * <p>The redirect target is the matched {@code PwmServletDefinition}, not a string taken
 * from the request, and the path is only logged after it has equalled a defined pattern.
 *
 * @param pwmRequest the request being filtered; may be {@code null}
 * @return {@code ProcessStatus.Halt} when a redirect was sent, otherwise
 *         {@code ProcessStatus.Continue}
 * @throws PwmUnrecoverableException propagated from the request helpers
 * @throws IOException propagated from sending the redirect
 */
private ProcessStatus redirectOldUrls(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException {
    if (pwmRequest == null) {
        return ProcessStatus.Continue;
    }
    final PwmURL requestedUrl = pwmRequest.getURL();
    if (requestedUrl == null) {
        return ProcessStatus.Continue;
    }

    // Leave the request alone unless it is a plain GET with no parameters for a
    // non-resource, non-command URL.
    final boolean notEligible = requestedUrl.isResourceURL()
            || requestedUrl.isCommandServletURL()
            || pwmRequest.getMethod() != HttpMethod.GET
            || !pwmRequest.readParametersAsMap().isEmpty();
    if (notEligible) {
        return ProcessStatus.Continue;
    }

    // NOTE(review): assumes getURLwithoutQueryString() begins with the context path; if it
    // were shorter than the context path, substring would throw - confirm against the helper.
    final String fullUrl = pwmRequest.getURLwithoutQueryString();
    final String servletPath = fullUrl.substring(pwmRequest.getContextPath().length());

    for (final PwmServletDefinition candidate : PwmServletDefinition.values()) {
        boolean patternMatched = false;
        for (final String pattern : candidate.urlPatterns()) {
            if (pattern.equals(servletPath)) {
                patternMatched = true;
                break;
            }
        }
        if (!patternMatched) {
            continue;
        }

        final String canonicalUrl = candidate.servletUrl();
        if (canonicalUrl.equals(servletPath)) {
            // Already the canonical URL for this definition; keep scanning the others.
            continue;
        }

        LOGGER.debug(pwmRequest, "obsolete url of '" + servletPath + "' detected, redirecting to canonical URL of '" + canonicalUrl + "'");
        StatisticsManager.incrementStat(pwmRequest, Statistic.OBSOLETE_URL_REQUESTS);
        pwmRequest.sendRedirect(candidate);
        return ProcessStatus.Halt;
    }

    return ProcessStatus.Continue;
}
use of password.pwm.http.PwmURL in project pwm by pwm-project.
the class SessionFilter method processFilter.
/**
 * Assigns a request id, logs the request, runs the standard per-request operations for
 * non-REST, non-resource URLs, and then invokes the rest of the filter chain.
 *
 * <p>Any {@code IOException} or other {@code Throwable} raised by the chain is logged and
 * rethrown wrapped in a {@code ServletException}. The "completed" log line is written only
 * when the chain returns normally.
 *
 * <p>NOTE(review): {@code debugHttpRequestToLog} writes request details to the debug log;
 * confirm that helper redacts credential-bearing parameters and headers before logging.
 *
 * @param mode application mode passed by the caller; not read in this method
 * @param pwmRequest the request being filtered
 * @param chain the remaining filter chain
 * @throws IOException declared by the filter contract
 * @throws ServletException wraps any failure raised while running the chain
 * @throws PwmUnrecoverableException propagated from the request helpers
 */
public void processFilter(final PwmApplicationMode mode, final PwmRequest pwmRequest, final PwmFilterChain chain) throws IOException, ServletException, PwmUnrecoverableException {
    final int requestId = REQUEST_COUNTER.incrementAndGet();

    // Record the start time and log the incoming request.
    final Instant startedAt = Instant.now();
    pwmRequest.debugHttpRequestToLog("requestID=" + requestId);

    // REST and resource requests skip the standard request operations.
    final PwmURL requestedUrl = pwmRequest.getURL();
    final boolean standardRequest = !(requestedUrl.isRestService() || requestedUrl.isResourceURL());
    if (standardRequest && handleStandardRequestOperations(pwmRequest) == ProcessStatus.Halt) {
        return;
    }

    try {
        chain.doFilter();
    } catch (IOException e) {
        LOGGER.trace(pwmRequest.getPwmSession(), "IO exception during servlet processing: " + e.getMessage());
        throw new ServletException(e);
    } catch (Throwable e) {
        final Throwable cause = e.getCause();
        // this is a jersey 1.18 bug that occurs once per execution
        final boolean knownJerseyError = e instanceof ServletException
                && cause instanceof NoClassDefFoundError
                && cause.getMessage() != null
                && cause.getMessage().contains("JaxbAnnotationIntrospector");
        if (knownJerseyError) {
            LOGGER.debug("ignoring JaxbAnnotationIntrospector NoClassDefFoundError: " + e.getMessage());
        } else {
            LOGGER.warn(pwmRequest.getPwmSession(), "unhandled exception " + e.getMessage(), e);
        }
        // Both branches rethrow; only the log level differs.
        throw new ServletException(e);
    }

    final TimeDuration elapsed = TimeDuration.fromCurrent(startedAt);
    pwmRequest.debugHttpRequestToLog("completed requestID=" + requestId + " in " + elapsed.asCompactString());
}
use of password.pwm.http.PwmURL in project pwm by pwm-project.
the class CaptchaUtility method captchaEnabledForRequest.
/**
 * Reports whether a captcha should be required for this request.
 *
 * <p>The captcha is not required when any of these holds, checked in this order:
 * {@code checkIfCaptchaConfigEnabled} is false, {@code checkIfCaptchaParamPresent} is true,
 * {@code checkRequestForCaptchaSkipCookie} is true, or {@code checkIntruderCount} is false.
 * Otherwise it is required only when the requested servlet (login, forgotten password,
 * forgotten username, user activation or new user registration) is listed in the
 * {@code CAPTCHA_PROTECTED_PAGES} setting.
 *
 * <p>NOTE(review): the parameter and cookie checks switch the captcha off based on data
 * carried by the request. Those helpers are not visible here; confirm they compare against a
 * server-held value rather than accepting anything the client supplies.
 *
 * @param pwmRequest the request being evaluated
 * @return {@code true} when the captcha must be shown for this request
 * @throws PwmUnrecoverableException propagated from the helper checks
 */
public static boolean captchaEnabledForRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException {
    // Any one of these conditions disables the captcha for the request.
    final boolean captchaBypassed = !checkIfCaptchaConfigEnabled(pwmRequest)
            || checkIfCaptchaParamPresent(pwmRequest)
            || checkRequestForCaptchaSkipCookie(pwmRequest)
            || !checkIntruderCount(pwmRequest);
    if (captchaBypassed) {
        return false;
    }

    final Set<ApplicationPage> protectedPages = pwmRequest.getConfig().readSettingAsOptionList(PwmSetting.CAPTCHA_PROTECTED_PAGES, ApplicationPage.class);
    final PwmURL requestedUrl = pwmRequest.getURL();
    if (protectedPages == null) {
        return false;
    }

    // Required only when the page is both configured as protected and the one requested.
    return (protectedPages.contains(ApplicationPage.LOGIN) && requestedUrl.isLoginServlet())
            || (protectedPages.contains(ApplicationPage.FORGOTTEN_PASSWORD) && requestedUrl.isForgottenPasswordServlet())
            || (protectedPages.contains(ApplicationPage.FORGOTTEN_USERNAME) && requestedUrl.isForgottenUsernameServlet())
            || (protectedPages.contains(ApplicationPage.USER_ACTIVATION) && requestedUrl.isUserActivationServlet())
            || (protectedPages.contains(ApplicationPage.NEW_USER_REGISTRATION) && requestedUrl.isNewUserRegistrationServlet());
}