Examples with SearchConfiguration password.pwm.ldap.search.SearchConfiguration used on opensource projects

Search in sources :

Example 1 with SearchConfiguration

use of password.pwm.ldap.search.SearchConfiguration in project pwm by pwm-project.

the class LdapOperationsHelper method readAllUsersFromLdap.

public static Iterator<UserIdentity> readAllUsersFromLdap(final PwmApplication pwmApplication, final SessionLabel sessionLabel, final String searchFilter, final int maxResults) throws ChaiUnavailableException, ChaiOperationException, PwmUnrecoverableException, PwmOperationalException {
    final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
    final SearchConfiguration searchConfiguration;
    {
        final SearchConfiguration.SearchConfigurationBuilder builder = SearchConfiguration.builder();
        builder.enableValueEscaping(false);
        builder.searchTimeout(Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.REPORTING_LDAP_SEARCH_TIMEOUT)));
        if (searchFilter == null) {
            builder.username("*");
        } else {
            builder.filter(searchFilter);
        }
        searchConfiguration = builder.build();
    }
    LOGGER.debug(sessionLabel, "beginning user search using parameters: " + (JsonUtil.serialize(searchConfiguration)));
    final Map<UserIdentity, Map<String, String>> searchResults = userSearchEngine.performMultiUserSearch(searchConfiguration, maxResults, Collections.emptyList(), sessionLabel);
    LOGGER.debug(sessionLabel, "user search found " + searchResults.size() + " users");
    final Queue<UserIdentity> tempQueue = new LinkedList<>(searchResults.keySet());
    return new Iterator<UserIdentity>() {

        @Override
        public boolean hasNext() {
            return tempQueue.peek() != null;
        }

        @Override
        public UserIdentity next() {
            return tempQueue.poll();
        }
    };
}
Also used : UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) Iterator(java.util.Iterator) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) Map(java.util.Map) HashMap(java.util.HashMap) LinkedList(java.util.LinkedList)

Example 2 with SearchConfiguration

use of password.pwm.ldap.search.SearchConfiguration in project pwm by pwm-project.

the class ResponseStatsCommand method readAllUsersFromLdap.

private static List<UserIdentity> readAllUsersFromLdap(final PwmApplication pwmApplication) throws ChaiUnavailableException, ChaiOperationException, PwmUnrecoverableException, PwmOperationalException {
    final List<UserIdentity> returnList = new ArrayList<>();
    for (final LdapProfile ldapProfile : pwmApplication.getConfig().getLdapProfiles().values()) {
        final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
        final SearchConfiguration searchConfiguration = SearchConfiguration.builder().enableValueEscaping(false).searchTimeout(Long.parseLong(pwmApplication.getConfig().readAppProperty(AppProperty.REPORTING_LDAP_SEARCH_TIMEOUT))).username("*").enableValueEscaping(false).filter(ldapProfile.readSettingAsString(PwmSetting.LDAP_USERNAME_SEARCH_FILTER)).ldapProfile(ldapProfile.getIdentifier()).build();
        final Map<UserIdentity, Map<String, String>> searchResults = userSearchEngine.performMultiUserSearch(searchConfiguration, Integer.MAX_VALUE, Collections.emptyList(), SessionLabel.SYSTEM_LABEL);
        returnList.addAll(searchResults.keySet());
    }
    return returnList;
}
Also used : UserIdentity(password.pwm.bean.UserIdentity) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) ArrayList(java.util.ArrayList) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) LdapProfile(password.pwm.config.profile.LdapProfile) Map(java.util.Map) TreeMap(java.util.TreeMap)

Example 3 with SearchConfiguration

use of password.pwm.ldap.search.SearchConfiguration in project pwm by pwm-project.

the class HelpdeskServlet method restSearchRequest.

@ActionHandler(action = "search")
private ProcessStatus restSearchRequest(final PwmRequest pwmRequest) throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException {
    final HelpdeskProfile helpdeskProfile = getHelpdeskProfile(pwmRequest);
    final Map<String, String> valueMap = pwmRequest.readBodyAsJsonStringMap();
    final String username = valueMap.get("username");
    final boolean useProxy = helpdeskProfile.readSettingAsBoolean(PwmSetting.HELPDESK_USE_PROXY);
    final List<FormConfiguration> searchForm = helpdeskProfile.readSettingAsForm(PwmSetting.HELPDESK_SEARCH_FORM);
    final int maxResults = (int) helpdeskProfile.readSettingAsLong(PwmSetting.HELPDESK_RESULT_LIMIT);
    if (username == null || username.isEmpty()) {
        final HelpdeskSearchResultsBean emptyResults = new HelpdeskSearchResultsBean();
        emptyResults.setSearchResults(new ArrayList<>());
        emptyResults.setSizeExceeded(false);
        final RestResultBean restResultBean = RestResultBean.withData(emptyResults);
        pwmRequest.outputJsonResult(restResultBean);
        return ProcessStatus.Halt;
    }
    final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
    final SearchConfiguration searchConfiguration;
    {
        final SearchConfiguration.SearchConfigurationBuilder builder = SearchConfiguration.builder();
        builder.contexts(helpdeskProfile.readSettingAsStringArray(PwmSetting.HELPDESK_SEARCH_BASE));
        builder.enableContextValidation(false);
        builder.username(username);
        builder.enableValueEscaping(false);
        builder.filter(HelpdeskServletUtil.getSearchFilter(pwmRequest.getConfig(), helpdeskProfile));
        builder.enableSplitWhitespace(true);
        if (!useProxy) {
            final UserIdentity loggedInUser = pwmRequest.getPwmSession().getUserInfo().getUserIdentity();
            builder.ldapProfile(loggedInUser.getLdapProfileID());
            builder.chaiProvider(getChaiUser(pwmRequest, helpdeskProfile, loggedInUser).getChaiProvider());
        }
        searchConfiguration = builder.build();
    }
    final UserSearchResults results;
    final boolean sizeExceeded;
    try {
        final Locale locale = pwmRequest.getLocale();
        results = userSearchEngine.performMultiUserSearchFromForm(locale, searchConfiguration, maxResults, searchForm, pwmRequest.getSessionLabel());
        sizeExceeded = results.isSizeExceeded();
    } catch (PwmOperationalException e) {
        final ErrorInformation errorInformation = e.getErrorInformation();
        LOGGER.error(pwmRequest, errorInformation);
        final RestResultBean restResultBean = RestResultBean.fromError(errorInformation, pwmRequest);
        pwmRequest.outputJsonResult(restResultBean);
        return ProcessStatus.Halt;
    }
    final HelpdeskSearchResultsBean outputData = new HelpdeskSearchResultsBean();
    outputData.setSearchResults(results.resultsAsJsonOutput(pwmRequest.getPwmApplication(), pwmRequest.getUserInfoIfLoggedIn()));
    outputData.setSizeExceeded(sizeExceeded);
    final RestResultBean restResultBean = RestResultBean.withData(outputData);
    pwmRequest.outputJsonResult(restResultBean);
    return ProcessStatus.Halt;
}
Also used : Locale(java.util.Locale) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) UserSearchResults(password.pwm.ldap.search.UserSearchResults) HelpdeskProfile(password.pwm.config.profile.HelpdeskProfile) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) FormConfiguration(password.pwm.config.value.data.FormConfiguration) RestResultBean(password.pwm.ws.server.RestResultBean)

Example 4 with SearchConfiguration

use of password.pwm.ldap.search.SearchConfiguration in project pwm by pwm-project.

the class GuestRegistrationServlet method handleSearchRequest.

protected void handleSearchRequest(final PwmRequest pwmRequest, final GuestRegistrationBean guestRegistrationBean) throws ServletException, ChaiUnavailableException, IOException, PwmUnrecoverableException {
    LOGGER.trace(pwmRequest, "Enter: handleSearchRequest(...)");
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final ChaiProvider chaiProvider = pwmSession.getSessionManager().getChaiProvider();
    final Configuration config = pwmApplication.getConfig();
    final String adminDnAttribute = config.readSettingAsString(PwmSetting.GUEST_ADMIN_ATTRIBUTE);
    final Boolean origAdminOnly = config.readSettingAsBoolean(PwmSetting.GUEST_EDIT_ORIG_ADMIN_ONLY);
    final String usernameParam = pwmRequest.readParameterAsString("username");
    final GuestRegistrationBean guBean = pwmApplication.getSessionStateService().getBean(pwmRequest, GuestRegistrationBean.class);
    final SearchConfiguration searchConfiguration = SearchConfiguration.builder().chaiProvider(chaiProvider).contexts(Collections.singletonList(config.readSettingAsString(PwmSetting.GUEST_CONTEXT))).enableContextValidation(false).username(usernameParam).build();
    final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
    try {
        final UserIdentity theGuest = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmSession.getLabel());
        final FormMap formProps = guBean.getFormValues();
        try {
            final List<FormConfiguration> guestUpdateForm = config.readSettingAsForm(PwmSetting.GUEST_UPDATE_FORM);
            final Set<String> involvedAttrs = new HashSet<>();
            for (final FormConfiguration formItem : guestUpdateForm) {
                if (!formItem.getName().equalsIgnoreCase(HTTP_PARAM_EXPIRATION_DATE)) {
                    involvedAttrs.add(formItem.getName());
                }
            }
            final UserInfo guestUserInfo = UserInfoFactory.newUserInfo(pwmApplication, pwmSession.getLabel(), pwmRequest.getLocale(), theGuest, pwmSession.getSessionManager().getChaiProvider());
            final Map<String, String> userAttrValues = guestUserInfo.readStringAttributes(involvedAttrs);
            if (origAdminOnly && adminDnAttribute != null && adminDnAttribute.length() > 0) {
                final String origAdminDn = userAttrValues.get(adminDnAttribute);
                if (origAdminDn != null && origAdminDn.length() > 0) {
                    if (!pwmSession.getUserInfo().getUserIdentity().getUserDN().equalsIgnoreCase(origAdminDn)) {
                        final ErrorInformation info = new ErrorInformation(PwmError.ERROR_ORIG_ADMIN_ONLY);
                        setLastError(pwmRequest, info);
                        LOGGER.warn(pwmSession, info);
                        this.forwardToJSP(pwmRequest, guestRegistrationBean);
                    }
                }
            }
            final String expirationAttribute = config.readSettingAsString(PwmSetting.GUEST_EXPIRATION_ATTRIBUTE);
            if (expirationAttribute != null && expirationAttribute.length() > 0) {
                final Instant expiration = guestUserInfo.readDateAttribute(expirationAttribute);
                if (expiration != null) {
                    guBean.setUpdateUserExpirationDate(expiration);
                }
            }
            for (final FormConfiguration formItem : guestUpdateForm) {
                final String key = formItem.getName();
                final String value = userAttrValues.get(key);
                if (value != null) {
                    formProps.put(key, value);
                }
            }
            guBean.setUpdateUserIdentity(theGuest);
            this.forwardToUpdateJSP(pwmRequest, guestRegistrationBean);
            return;
        } catch (PwmUnrecoverableException e) {
            LOGGER.warn(pwmSession, "error reading current attributes for user: " + e.getMessage());
        }
    } catch (PwmOperationalException e) {
        final ErrorInformation error = e.getErrorInformation();
        setLastError(pwmRequest, error);
        this.forwardToJSP(pwmRequest, guestRegistrationBean);
        return;
    }
    this.forwardToJSP(pwmRequest, guestRegistrationBean);
}
Also used : PwmApplication(password.pwm.PwmApplication) FormConfiguration(password.pwm.config.value.data.FormConfiguration) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) ActionConfiguration(password.pwm.config.value.data.ActionConfiguration) Configuration(password.pwm.config.Configuration) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) Instant(java.time.Instant) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) UserInfo(password.pwm.ldap.UserInfo) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) FormMap(password.pwm.util.FormMap) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) ChaiProvider(com.novell.ldapchai.provider.ChaiProvider) FormConfiguration(password.pwm.config.value.data.FormConfiguration) PwmSession(password.pwm.http.PwmSession) GuestRegistrationBean(password.pwm.http.bean.GuestRegistrationBean) HashSet(java.util.HashSet)

Example 5 with SearchConfiguration

use of password.pwm.ldap.search.SearchConfiguration in project pwm by pwm-project.

the class ActivateUserServlet method handleActivateRequest.

@ActionHandler(action = "activate")
public ProcessStatus handleActivateRequest(final PwmRequest pwmRequest) throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException {
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final Configuration config = pwmApplication.getConfig();
    final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
    if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
        if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
            throw new PwmUnrecoverableException(errorInfo);
        }
    }
    pwmApplication.getSessionStateService().clearBean(pwmRequest, ActivateUserBean.class);
    final List<FormConfiguration> configuredActivationForm = config.readSettingAsForm(PwmSetting.ACTIVATE_USER_FORM);
    Map<FormConfiguration, String> formValues = new HashMap<>();
    try {
        // read the values from the request
        formValues = FormUtility.readFormValuesFromRequest(pwmRequest, configuredActivationForm, ssBean.getLocale());
        // check for intruders
        pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
        // read the context attr
        final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
        // read the profile attr
        final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
        // see if the values meet the configured form requirements.
        FormUtility.validateFormValues(config, formValues, ssBean.getLocale());
        final String searchFilter = ActivateUserUtils.figureLdapSearchFilter(pwmRequest);
        // read an ldap user object based on the params
        final UserIdentity userIdentity;
        {
            final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
            final SearchConfiguration searchConfiguration = SearchConfiguration.builder().contexts(Collections.singletonList(contextParam)).filter(searchFilter).formValues(formValues).ldapProfile(ldapProfile).build();
            userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmRequest.getSessionLabel());
        }
        ActivateUserUtils.validateParamsAgainstLDAP(pwmRequest, formValues, userIdentity);
        final List<UserPermission> userPermissions = config.readSettingAsUserPermission(PwmSetting.ACTIVATE_USER_QUERY_MATCH);
        if (!LdapPermissionTester.testUserPermissions(pwmApplication, pwmSession.getLabel(), userIdentity, userPermissions)) {
            final String errorMsg = "user " + userIdentity + " attempted activation, but does not match query string";
            final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_ACTIVATE_NO_PERMISSION, errorMsg);
            pwmApplication.getIntruderManager().convenience().markUserIdentity(userIdentity, pwmSession);
            pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
            throw new PwmUnrecoverableException(errorInformation);
        }
        final ActivateUserBean activateUserBean = pwmApplication.getSessionStateService().getBean(pwmRequest, ActivateUserBean.class);
        activateUserBean.setUserIdentity(userIdentity);
        activateUserBean.setFormValidated(true);
        pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
        pwmApplication.getIntruderManager().convenience().clearAddressAndSession(pwmSession);
    } catch (PwmOperationalException e) {
        pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
        pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
        setLastError(pwmRequest, e.getErrorInformation());
        LOGGER.debug(pwmSession.getLabel(), e.getErrorInformation().toDebugStr());
    }
    return ProcessStatus.Continue;
}
Also used : PwmApplication(password.pwm.PwmApplication) FormConfiguration(password.pwm.config.value.data.FormConfiguration) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) Configuration(password.pwm.config.Configuration) HashMap(java.util.HashMap) UserIdentity(password.pwm.bean.UserIdentity) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) ActivateUserBean(password.pwm.http.bean.ActivateUserBean) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) LocalSessionStateBean(password.pwm.bean.LocalSessionStateBean) FormConfiguration(password.pwm.config.value.data.FormConfiguration) PwmSession(password.pwm.http.PwmSession) UserPermission(password.pwm.config.value.data.UserPermission)

Aggregations

UserIdentity (password.pwm.bean.UserIdentity)13 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)13 UserSearchEngine (password.pwm.ldap.search.UserSearchEngine)13 ErrorInformation (password.pwm.error.ErrorInformation)10 PwmOperationalException (password.pwm.error.PwmOperationalException)10 Map (java.util.Map)8 FormConfiguration (password.pwm.config.value.data.FormConfiguration)7 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)7 HashMap (java.util.HashMap)5 PwmApplication (password.pwm.PwmApplication)5 LinkedHashMap (java.util.LinkedHashMap)4 PwmSession (password.pwm.http.PwmSession)4 Locale (java.util.Locale)3 TreeMap (java.util.TreeMap)3 UserInfo (password.pwm.ldap.UserInfo)3 ChaiUser (com.novell.ldapchai.ChaiUser)2 SearchHelper (com.novell.ldapchai.util.SearchHelper)2 Instant (java.time.Instant)2 ArrayList (java.util.ArrayList)2 LocalSessionStateBean (password.pwm.bean.LocalSessionStateBean)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial