Examples with SearchConfiguration password.pwm.ldap.search.SearchConfiguration used on opensource projects

Search in sources :

Example 11 with SearchConfiguration

use of password.pwm.ldap.search.SearchConfiguration in project pwm by pwm-project.

the class LdapTokenMachine method retrieveToken.

public TokenPayload retrieveToken(final TokenKey tokenKey) throws PwmOperationalException, PwmUnrecoverableException {
    final String searchFilter;
    {
        final String storedHash = tokenKey.getStoredHash();
        final SearchHelper tempSearchHelper = new SearchHelper();
        final Map<String, String> filterAttributes = new HashMap<>();
        for (final String loopStr : pwmApplication.getConfig().readSettingAsStringArray(PwmSetting.DEFAULT_OBJECT_CLASSES)) {
            filterAttributes.put("objectClass", loopStr);
        }
        filterAttributes.put(tokenAttribute, storedHash + "*");
        tempSearchHelper.setFilterAnd(filterAttributes);
        searchFilter = tempSearchHelper.getFilter();
    }
    try {
        final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
        final SearchConfiguration searchConfiguration = SearchConfiguration.builder().filter(searchFilter).build();
        final UserIdentity user = userSearchEngine.performSingleUserSearch(searchConfiguration, null);
        if (user == null) {
            return null;
        }
        final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxy(pwmApplication, null, user, null);
        final String tokenAttributeValue = userInfo.readStringAttribute(tokenAttribute);
        if (tokenAttribute != null && tokenAttributeValue.length() > 0) {
            final String[] splitString = tokenAttributeValue.split(KEY_VALUE_DELIMITER);
            if (splitString.length != 2) {
                final String errorMsg = "error parsing ldap stored token, not enough delimited values";
                final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
                throw new PwmOperationalException(errorInformation);
            }
            return tokenService.fromEncryptedString(splitString[1]);
        }
    } catch (PwmOperationalException e) {
        if (e.getError() == PwmError.ERROR_CANT_MATCH_USER) {
            return null;
        }
        throw e;
    } catch (PwmUnrecoverableException e) {
        final String errorMsg = "unexpected ldap error searching for token: " + e.getMessage();
        final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_TOKEN_INCORRECT, errorMsg);
        throw new PwmOperationalException(errorInformation);
    }
    return null;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) UserInfo(password.pwm.ldap.UserInfo) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) SearchHelper(com.novell.ldapchai.util.SearchHelper) HashMap(java.util.HashMap) Map(java.util.Map) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 12 with SearchConfiguration

use of password.pwm.ldap.search.SearchConfiguration in project pwm by pwm-project.

the class ForgottenPasswordServlet method processSearch.

@ActionHandler(action = "search")
private ProcessStatus processSearch(final PwmRequest pwmRequest) throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException {
    final PwmSession pwmSession = pwmRequest.getPwmSession();
    final Locale userLocale = pwmRequest.getLocale();
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final String contextParam = pwmRequest.readParameterAsString(PwmConstants.PARAM_CONTEXT);
    final String ldapProfile = pwmRequest.readParameterAsString(PwmConstants.PARAM_LDAP_PROFILE);
    final boolean bogusUserModeEnabled = pwmRequest.getConfig().readSettingAsBoolean(PwmSetting.RECOVERY_BOGUS_USER_ENABLE);
    // clear the bean
    clearForgottenPasswordBean(pwmRequest);
    if (CaptchaUtility.captchaEnabledForRequest(pwmRequest)) {
        if (!CaptchaUtility.verifyReCaptcha(pwmRequest)) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_BAD_CAPTCHA_RESPONSE);
            LOGGER.debug(pwmRequest, errorInfo);
            setLastError(pwmRequest, errorInfo);
            return ProcessStatus.Continue;
        }
    }
    final List<FormConfiguration> forgottenPasswordForm = pwmApplication.getConfig().readSettingAsForm(PwmSetting.FORGOTTEN_PASSWORD_SEARCH_FORM);
    Map<FormConfiguration, String> formValues = new LinkedHashMap<>();
    try {
        // read the values from the request
        formValues = FormUtility.readFormValuesFromRequest(pwmRequest, forgottenPasswordForm, userLocale);
        // check for intruder search values
        pwmApplication.getIntruderManager().convenience().checkAttributes(formValues);
        // see if the values meet the configured form requirements.
        FormUtility.validateFormValues(pwmRequest.getConfig(), formValues, userLocale);
        final String searchFilter;
        {
            final String configuredSearchFilter = pwmApplication.getConfig().readSettingAsString(PwmSetting.FORGOTTEN_PASSWORD_SEARCH_FILTER);
            if (configuredSearchFilter == null || configuredSearchFilter.isEmpty()) {
                searchFilter = FormUtility.ldapSearchFilterForForm(pwmApplication, forgottenPasswordForm);
                LOGGER.trace(pwmSession, "auto generated ldap search filter: " + searchFilter);
            } else {
                searchFilter = configuredSearchFilter;
            }
        }
        // convert the username field to an identity
        final UserIdentity userIdentity;
        {
            final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
            final SearchConfiguration searchConfiguration = SearchConfiguration.builder().filter(searchFilter).formValues(formValues).contexts(Collections.singletonList(contextParam)).ldapProfile(ldapProfile).build();
            userIdentity = userSearchEngine.performSingleUserSearch(searchConfiguration, pwmRequest.getSessionLabel());
        }
        if (userIdentity == null) {
            throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_CANT_MATCH_USER));
        }
        AuthenticationUtility.checkIfUserEligibleToAuthentication(pwmApplication, userIdentity);
        final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean(pwmRequest);
        ForgottenPasswordUtil.initForgottenPasswordBean(pwmRequest, userIdentity, forgottenPasswordBean);
        // clear intruder search values
        pwmApplication.getIntruderManager().convenience().clearAttributes(formValues);
        return ProcessStatus.Continue;
    } catch (PwmOperationalException e) {
        if (e.getError() != PwmError.ERROR_CANT_MATCH_USER || !bogusUserModeEnabled) {
            final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_RESPONSES_NORESPONSES, e.getErrorInformation().getDetailedErrorMsg(), e.getErrorInformation().getFieldValues());
            pwmApplication.getStatisticsManager().incrementValue(Statistic.RECOVERY_FAILURES);
            pwmApplication.getIntruderManager().convenience().markAddressAndSession(pwmSession);
            pwmApplication.getIntruderManager().convenience().markAttributes(formValues, pwmSession);
            LOGGER.debug(pwmSession, errorInfo.toDebugStr());
            setLastError(pwmRequest, errorInfo);
            return ProcessStatus.Continue;
        }
    }
    if (bogusUserModeEnabled) {
        ForgottenPasswordUtil.initBogusForgottenPasswordBean(pwmRequest);
        forgottenPasswordBean(pwmRequest).setUserSearchValues(FormUtility.asStringMap(formValues));
    }
    return ProcessStatus.Continue;
}
Also used : Locale(java.util.Locale) PwmApplication(password.pwm.PwmApplication) UserIdentity(password.pwm.bean.UserIdentity) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) LinkedHashMap(java.util.LinkedHashMap) PwmOperationalException(password.pwm.error.PwmOperationalException) ErrorInformation(password.pwm.error.ErrorInformation) FormConfiguration(password.pwm.config.value.data.FormConfiguration) PwmSession(password.pwm.http.PwmSession) ForgottenPasswordBean(password.pwm.http.bean.ForgottenPasswordBean)

Example 13 with SearchConfiguration

use of password.pwm.ldap.search.SearchConfiguration in project pwm by pwm-project.

the class NewUserUtils method testIfEntryNameExists.

private static boolean testIfEntryNameExists(final PwmRequest pwmRequest, final String rdnValue) throws PwmUnrecoverableException, ChaiUnavailableException {
    final UserSearchEngine userSearchEngine = pwmRequest.getPwmApplication().getUserSearchEngine();
    final SearchConfiguration searchConfiguration = SearchConfiguration.builder().username(rdnValue).build();
    try {
        final Map<UserIdentity, Map<String, String>> results = userSearchEngine.performMultiUserSearch(searchConfiguration, 2, Collections.emptyList(), pwmRequest.getSessionLabel());
        return results != null && !results.isEmpty();
    } catch (PwmOperationalException e) {
        final String msg = "ldap error while searching for duplicate entry names: " + e.getMessage();
        NewUserUtils.LOGGER.error(pwmRequest, msg);
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_NEW_USER_FAILURE, msg));
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) UserSearchEngine(password.pwm.ldap.search.UserSearchEngine) UserIdentity(password.pwm.bean.UserIdentity) SearchConfiguration(password.pwm.ldap.search.SearchConfiguration) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) Map(java.util.Map) LinkedHashMap(java.util.LinkedHashMap) PwmOperationalException(password.pwm.error.PwmOperationalException)

Aggregations

UserIdentity (password.pwm.bean.UserIdentity)13 SearchConfiguration (password.pwm.ldap.search.SearchConfiguration)13 UserSearchEngine (password.pwm.ldap.search.UserSearchEngine)13 ErrorInformation (password.pwm.error.ErrorInformation)10 PwmOperationalException (password.pwm.error.PwmOperationalException)10 Map (java.util.Map)8 FormConfiguration (password.pwm.config.value.data.FormConfiguration)7 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)7 HashMap (java.util.HashMap)5 PwmApplication (password.pwm.PwmApplication)5 LinkedHashMap (java.util.LinkedHashMap)4 PwmSession (password.pwm.http.PwmSession)4 Locale (java.util.Locale)3 TreeMap (java.util.TreeMap)3 UserInfo (password.pwm.ldap.UserInfo)3 ChaiUser (com.novell.ldapchai.ChaiUser)2 SearchHelper (com.novell.ldapchai.util.SearchHelper)2 Instant (java.time.Instant)2 ArrayList (java.util.ArrayList)2 LocalSessionStateBean (password.pwm.bean.LocalSessionStateBean)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial