
Example 1 with ChangePasswordBean

use of password.pwm.http.bean.ChangePasswordBean in project pwm by pwm-project.

the class ChangePasswordServlet method forwardToWaitPage.

/**
 * Forwards the request to the password-change wait page.
 *
 * <p>Two request attributes are set for the page first: the maximum wait in
 * seconds and the polling interval in seconds. The maximum wait is derived from
 * the max-completion instant held in the session's {@code ChangePasswordBean};
 * when the bean has none, the literal 30 is used.
 *
 * @param pwmRequest the current request
 * @throws NumberFormatException if the configured check-interval app property
 *         is not a parseable long
 */
private void forwardToWaitPage(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ServletException, IOException {
    final PwmApplication application = pwmRequest.getPwmApplication();
    final ChangePasswordBean bean = application.getSessionStateService()
            .getBean(pwmRequest, ChangePasswordBean.class);
    final Instant deadline = bean.getChangePasswordMaxCompletion();

    // The ternary is kept inline so the attribute's numeric type is exactly
    // what the original expression produced.
    pwmRequest.setAttribute(
            PwmRequestAttribute.ChangePassword_MaxWaitSeconds,
            deadline == null ? 30 : TimeDuration.fromCurrent(deadline).getTotalSeconds());

    // The polling interval comes from server-side app properties, not from the client.
    final String checkIntervalProperty = pwmRequest.getConfig()
            .readAppProperty(AppProperty.CLIENT_AJAX_PW_WAIT_CHECK_SECONDS);
    pwmRequest.setAttribute(
            PwmRequestAttribute.ChangePassword_CheckIntervalSeconds,
            Long.parseLong(checkIntervalProperty));

    pwmRequest.forwardToJsp(JspUrl.PASSWORD_CHANGE_WAIT);
}
Also used : ChangePasswordBean(password.pwm.http.bean.ChangePasswordBean) PwmApplication(password.pwm.PwmApplication) Instant(java.time.Instant)

Example 2 with ChangePasswordBean

use of password.pwm.http.bean.ChangePasswordBean in project pwm by pwm-project.

the class ChangePasswordServlet method processFormAction.

/**
 * Handles the "form" action of the change-password flow: verifies the submitted
 * current password (when the bean requires it) and then validates the
 * configured required-form values.
 *
 * <p>Each check records its result on the session's {@code ChangePasswordBean}
 * ({@code setCurrentPasswordPassed}, {@code setFormPassed}). On failure the
 * error is stored with {@code setLastError} and the intruder manager is
 * notified. The method returns {@code ProcessStatus.Continue} on every path.
 *
 * @param pwmRequest the current request
 * @return always {@code ProcessStatus.Continue}
 */
@ActionHandler(action = "form")
ProcessStatus processFormAction(final PwmRequest pwmRequest) throws ServletException, PwmUnrecoverableException, IOException, ChaiUnavailableException {
    final ChangePasswordBean bean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, ChangePasswordBean.class);
    final LocalSessionStateBean sessionState = pwmRequest.getPwmSession().getSessionStateBean();
    final UserInfo user = pwmRequest.getPwmSession().getUserInfo();
    final LoginInfoBean loginInfo = pwmRequest.getPwmSession().getLoginInfoBean();
    final PasswordData submittedPassword = pwmRequest.readParameterAsPassword("currentPassword");

    // The current-password check runs only when the bean requires it AND the
    // login bean still holds the password. If the bean requires it but no
    // password is held, the check is skipped and the passed flag stays unset.
    if (bean.isCurrentPasswordRequired() && loginInfo.getUserCurrentPassword() != null) {
        if (submittedPassword == null) {
            // Only the failure reason is logged, never a submitted value.
            LOGGER.debug(pwmRequest, "failed password validation check: currentPassword value is missing");
            setLastError(pwmRequest, new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER));
            return ProcessStatus.Continue;
        }

        // The comparison is case-insensitive when the user's password policy says so.
        // NOTE(review): whether PasswordData.equals/equalsIgnoreCase compare in
        // constant time is not visible here; confirm in PasswordData.
        final boolean caseSensitive = Boolean.parseBoolean(user.getPasswordPolicy().getValue(PwmPasswordRule.CaseSensitive));
        final PasswordData expectedPassword = loginInfo.getUserCurrentPassword();
        final boolean matches;
        if (caseSensitive) {
            matches = expectedPassword.equals(submittedPassword);
        } else {
            matches = expectedPassword.equalsIgnoreCase(submittedPassword);
        }

        if (!matches) {
            // NOTE(review): a wrong current password is counted against the user
            // identity only, while a failed form check below also marks the
            // address and session; confirm the difference is intentional.
            pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity(user.getUserIdentity(), pwmRequest.getSessionLabel());
            LOGGER.debug(pwmRequest, "failed password validation check: currentPassword value is incorrect");
            setLastError(pwmRequest, new ErrorInformation(PwmError.ERROR_BAD_CURRENT_PASSWORD));
            return ProcessStatus.Continue;
        }
        bean.setCurrentPasswordPassed(true);
    }

    final List<FormConfiguration> requiredForm = pwmRequest.getConfig().readSettingAsForm(PwmSetting.PASSWORD_REQUIRE_FORM);
    try {
        // Read the submitted form values and validate them against LDAP
        // before the form step is marked as passed.
        final Map<FormConfiguration, String> submittedValues = FormUtility.readFormValuesFromRequest(pwmRequest, requiredForm, sessionState.getLocale());
        ChangePasswordServletUtil.validateParamsAgainstLDAP(
                submittedValues,
                pwmRequest.getPwmSession(),
                pwmRequest.getPwmSession().getSessionManager().getActor(pwmRequest.getPwmApplication()));
        bean.setFormPassed(true);
    } catch (PwmOperationalException e) {
        // A failed form check counts against both the address/session and the user identity.
        pwmRequest.getPwmApplication().getIntruderManager().convenience().markAddressAndSession(pwmRequest.getPwmSession());
        pwmRequest.getPwmApplication().getIntruderManager().convenience().markUserIdentity(user.getUserIdentity(), pwmRequest.getSessionLabel());
        // NOTE(review): confirm the error information cannot carry submitted form values into the debug log.
        LOGGER.debug(pwmRequest, e.getErrorInformation());
        setLastError(pwmRequest, e.getErrorInformation());
    }
    return ProcessStatus.Continue;
}
Also used : ChangePasswordBean(password.pwm.http.bean.ChangePasswordBean) ErrorInformation(password.pwm.error.ErrorInformation) LoginInfoBean(password.pwm.bean.LoginInfoBean) PasswordData(password.pwm.util.PasswordData) LocalSessionStateBean(password.pwm.bean.LocalSessionStateBean) UserInfo(password.pwm.ldap.UserInfo) FormConfiguration(password.pwm.config.value.data.FormConfiguration) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 3 with ChangePasswordBean

use of password.pwm.http.bean.ChangePasswordBean in project pwm by pwm-project.

the class ChangePasswordServlet method nextStep.

/**
 * Chooses the next page of the change-password flow from the state held in the
 * session's {@code ChangePasswordBean}.
 *
 * <p>Checks are applied in this order, and the first one that applies forwards
 * the request and returns:
 * <ol>
 *   <li>a change is already in progress: wait page;</li>
 *   <li>the warn page should be shown: warn page;</li>
 *   <li>an agreement message is configured and not yet accepted: agreement page;</li>
 *   <li>the current password or the required form has not passed: form page.</li>
 * </ol>
 * Only when none applies is {@code setAllChecksPassed(true)} recorded and the
 * change page shown.
 *
 * @param pwmRequest the current request
 */
public void nextStep(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ServletException {
    final ChangePasswordBean bean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, ChangePasswordBean.class);
    final PwmSession session = pwmRequest.getPwmSession();
    final PwmApplication application = pwmRequest.getPwmApplication();
    final Configuration configuration = application.getConfig();

    if (bean.getChangeProgressTracker() != null) {
        forwardToWaitPage(pwmRequest);
        return;
    }

    if (ChangePasswordServletUtil.warnPageShouldBeShown(pwmRequest, bean)) {
        LOGGER.trace(pwmRequest, "password expiration is within password warn period, forwarding user to warning page");
        pwmRequest.forwardToJsp(JspUrl.PASSWORD_WARN);
        return;
    }

    final String agreementTemplate = application.getConfig().readSettingAsLocalizedString(PwmSetting.PASSWORD_CHANGE_AGREEMENT_MESSAGE, pwmRequest.getLocale());
    final boolean agreementPending = agreementTemplate != null
            && !agreementTemplate.isEmpty()
            && !bean.isAgreementPassed();
    if (agreementPending) {
        final MacroMachine macros = session.getSessionManager().getMacroMachine(application);
        // NOTE(review): the expanded text is handed to the JSP as a request
        // attribute; if macros can insert user-derived values, confirm the JSP
        // escapes it on output.
        pwmRequest.setAttribute(PwmRequestAttribute.AgreementText, macros.expandMacros(agreementTemplate));
        pwmRequest.forwardToJsp(JspUrl.PASSWORD_AGREEMENT);
        return;
    }

    // Both remaining gates lead to the same form page. The || keeps the
    // original order: the form gate is consulted only when the
    // current-password gate does not apply.
    final boolean currentPasswordPending =
            ChangePasswordServletUtil.determineIfCurrentPasswordRequired(application, session)
                    && !bean.isCurrentPasswordPassed();
    if (currentPasswordPending
            || (!configuration.readSettingAsForm(PwmSetting.PASSWORD_REQUIRE_FORM).isEmpty() && !bean.isFormPassed())) {
        forwardToFormPage(pwmRequest);
        return;
    }

    // NOTE(review): presumably the handler that performs the change checks this
    // flag before acting; verify there.
    bean.setAllChecksPassed(true);
    forwardToChangePage(pwmRequest);
}
Also used : ChangePasswordBean(password.pwm.http.bean.ChangePasswordBean) PwmApplication(password.pwm.PwmApplication) FormConfiguration(password.pwm.config.value.data.FormConfiguration) Configuration(password.pwm.config.Configuration) MacroMachine(password.pwm.util.macro.MacroMachine) PwmSession(password.pwm.http.PwmSession)

Example 4 with ChangePasswordBean

use of password.pwm.http.bean.ChangePasswordBean in project pwm by pwm-project.

the class ChangePasswordServlet method processWarnResponse.

/**
 * Handles the "warnResponse" action, the user's answer on the
 * password-expiration warning page.
 *
 * <p>The answer is honoured only while the user's password status reports the
 * warn period, so the {@code warnResponse} request parameter alone cannot set
 * the skip flag. {@code skip} sets {@code LoginFlag.skipNewPw}, redirects and
 * halts; {@code change} records {@code setWarnPassed(true)}.
 *
 * @param pwmRequest the current request
 * @return {@code ProcessStatus.Halt} after a skip redirect, otherwise
 *         {@code ProcessStatus.Continue}
 */
@ActionHandler(action = "warnResponse")
public ProcessStatus processWarnResponse(final PwmRequest pwmRequest) throws ServletException, PwmUnrecoverableException, IOException {
    final ChangePasswordBean bean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, ChangePasswordBean.class);

    // Server-side gate: outside the warn period the parameter is not even read.
    if (!pwmRequest.getPwmSession().getUserInfo().getPasswordStatus().isWarnPeriod()) {
        return ProcessStatus.Continue;
    }

    final String rawChoice = pwmRequest.readParameterAsString("warnResponse");
    // presumably the null argument is the fallback for unrecognised values; verify in JavaHelper
    final WarnResponseValue choice = JavaHelper.readEnumFromString(WarnResponseValue.class, null, rawChoice);
    if (choice == null) {
        return ProcessStatus.Continue;
    }

    if (choice == WarnResponseValue.skip) {
        pwmRequest.getPwmSession().getLoginInfoBean().setFlag(LoginInfoBean.LoginFlag.skipNewPw);
        pwmRequest.sendRedirectToContinue();
        return ProcessStatus.Halt;
    }

    if (choice == WarnResponseValue.change) {
        bean.setWarnPassed(true);
    } else {
        JavaHelper.unhandledSwitchStatement(choice);
    }
    return ProcessStatus.Continue;
}
Also used : ChangePasswordBean(password.pwm.http.bean.ChangePasswordBean)

Example 5 with ChangePasswordBean

use of password.pwm.http.bean.ChangePasswordBean in project pwm by pwm-project.

the class ChangePasswordServlet method processAgreeAction.

/**
 * Handles the "agree" action: records that the user accepted the
 * password-change agreement.
 *
 * <p>The first acceptance in a session sets {@code setAgreementPassed(true)} on
 * the {@code ChangePasswordBean} and submits an
 * {@code AuditEvent.AGREEMENT_PASSED} audit record. Repeated calls leave the
 * flag as it is and submit no further audit record, although the debug line is
 * written every time.
 *
 * @param pwmRequest the current request
 * @return always {@code ProcessStatus.Continue}
 */
@ActionHandler(action = "agree")
ProcessStatus processAgreeAction(final PwmRequest pwmRequest) throws ServletException, PwmUnrecoverableException, IOException, ChaiUnavailableException {
    final ChangePasswordBean bean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, ChangePasswordBean.class);
    LOGGER.debug(pwmRequest, "user accepted password change agreement");

    // Already accepted: skip the audit record so the trail holds one entry per acceptance.
    if (bean.isAgreementPassed()) {
        return ProcessStatus.Continue;
    }

    bean.setAgreementPassed(true);
    final AuditRecordFactory auditFactory = new AuditRecordFactory(pwmRequest);
    final AuditRecord agreementRecord = auditFactory.createUserAuditRecord(
            AuditEvent.AGREEMENT_PASSED,
            pwmRequest.getUserInfoIfLoggedIn(),
            pwmRequest.getSessionLabel(),
            "ChangePassword");
    pwmRequest.getPwmApplication().getAuditManager().submit(agreementRecord);
    return ProcessStatus.Continue;
}
Also used : ChangePasswordBean(password.pwm.http.bean.ChangePasswordBean) AuditRecordFactory(password.pwm.svc.event.AuditRecordFactory) AuditRecord(password.pwm.svc.event.AuditRecord)

Aggregations

ChangePasswordBean (password.pwm.http.bean.ChangePasswordBean)11 PwmApplication (password.pwm.PwmApplication)4 PwmSession (password.pwm.http.PwmSession)4 PasswordChangeProgressChecker (password.pwm.ldap.PasswordChangeProgressChecker)4 PwmOperationalException (password.pwm.error.PwmOperationalException)3 UserInfo (password.pwm.ldap.UserInfo)3 LoginInfoBean (password.pwm.bean.LoginInfoBean)2 FormConfiguration (password.pwm.config.value.data.FormConfiguration)2 PwmDataValidationException (password.pwm.error.PwmDataValidationException)2 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)2 PasswordData (password.pwm.util.PasswordData)2 MacroMachine (password.pwm.util.macro.MacroMachine)2 ChaiUser (com.novell.ldapchai.ChaiUser)1 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)1 IOException (java.io.IOException)1 Instant (java.time.Instant)1 Locale (java.util.Locale)1 ServletException (javax.servlet.ServletException)1 LocalSessionStateBean (password.pwm.bean.LocalSessionStateBean)1 Configuration (password.pwm.config.Configuration)1