Example 6 with PasswordData
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class LDAPAuthenticationRequest method makeProxyProvider.
private ChaiProvider makeProxyProvider() throws ChaiUnavailableException, PwmUnrecoverableException {
final LdapProfile profile = pwmApplication.getConfig().getLdapProfiles().get(userIdentity.getLdapProfileID());
final String proxyDN = profile.readSettingAsString(PwmSetting.LDAP_PROXY_USER_DN);
final PasswordData proxyPassword = profile.readSettingAsPassword(PwmSetting.LDAP_PROXY_USER_PASSWORD);
return LdapOperationsHelper.createChaiProvider(pwmApplication, sessionLabel, profile, pwmApplication.getConfig(), proxyDN, proxyPassword);
}
Also used :
PasswordData(password.pwm.util.PasswordData)
LdapProfile(password.pwm.config.profile.LdapProfile)
Example 7 with PasswordData
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class LDAPAuthenticationRequest method setTempUserPassword.
private PasswordData setTempUserPassword() throws ChaiUnavailableException, ImpossiblePasswordPolicyException, PwmUnrecoverableException {
final boolean configAlwaysUseProxy = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN);
final ChaiProvider chaiProvider = pwmApplication.getProxyChaiProvider(userIdentity.getLdapProfileID());
final ChaiUser chaiUser = chaiProvider.getEntryFactory().newChaiUser(userIdentity.getUserDN());
// try setting a random password on the account to authenticate.
if (!configAlwaysUseProxy && requestedAuthType == AuthenticationType.AUTH_FROM_PUBLIC_MODULE) {
log(PwmLogLevel.DEBUG, "attempting to set temporary random password");
final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(pwmApplication, sessionLabel, userIdentity, chaiUser, PwmConstants.DEFAULT_LOCALE);
// create random password for user
final RandomPasswordGenerator.RandomGeneratorConfig randomGeneratorConfig = RandomPasswordGenerator.RandomGeneratorConfig.builder().seedlistPhrases(RandomPasswordGenerator.DEFAULT_SEED_PHRASES).passwordPolicy(passwordPolicy).build();
final PasswordData currentPass = RandomPasswordGenerator.createRandomPassword(sessionLabel, randomGeneratorConfig, pwmApplication);
try {
final String oracleDSPrePasswordAllowChangeTime = oraclePreTemporaryPwHandler(chaiProvider, chaiUser);
// write the random password for the user.
chaiUser.setPassword(currentPass.getStringValue());
oraclePostTemporaryPwHandler(chaiProvider, chaiUser, oracleDSPrePasswordAllowChangeTime);
log(PwmLogLevel.INFO, "user " + userIdentity + " password has been set to random value to use for user authentication");
} catch (ChaiOperationException e) {
final String errorStr = "error setting random password for user " + userIdentity + " " + e.getMessage();
log(PwmLogLevel.ERROR, errorStr);
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, errorStr));
}
return currentPass;
}
return null;
}
Also used :
ErrorInformation(password.pwm.error.ErrorInformation)
ChaiProvider(com.novell.ldapchai.provider.ChaiProvider)
ChaiUser(com.novell.ldapchai.ChaiUser)
PasswordData(password.pwm.util.PasswordData)
PwmPasswordPolicy(password.pwm.config.profile.PwmPasswordPolicy)
RandomPasswordGenerator(password.pwm.util.RandomPasswordGenerator)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException)
Example 8 with PasswordData
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class LDAPAuthenticationRequest method authUsingUnknownPw.
@Override
public AuthenticationResult authUsingUnknownPw() throws ChaiUnavailableException, PwmUnrecoverableException {
initialize();
log(PwmLogLevel.TRACE, "beginning authentication using unknown password procedure");
PasswordData userPassword = null;
final boolean configAlwaysUseProxy = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN);
if (configAlwaysUseProxy) {
strategy = AuthenticationStrategy.ADMIN_PROXY;
} else {
userPassword = learnUserPassword();
if (userPassword != null) {
strategy = AuthenticationStrategy.READ_THEN_BIND;
} else {
userPassword = setTempUserPassword();
if (userPassword != null) {
strategy = AuthenticationStrategy.WRITE_THEN_BIND;
}
}
if (userPassword == null) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "no available unknown-pw authentication method"));
}
}
try {
return authenticateUserImpl(userPassword);
} catch (PwmOperationalException e) {
if (strategy == AuthenticationStrategy.READ_THEN_BIND) {
final String errorStr = "unable to authenticate with password read from directory, check proxy rights, ldap logs; error: " + e.getMessage();
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, errorStr));
} else if (strategy == AuthenticationStrategy.WRITE_THEN_BIND) {
final String errorStr = "unable to authenticate with temporary password, check proxy rights, ldap logs; error: " + e.getMessage();
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, errorStr));
}
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "unable to authenticate via authWithUnknownPw method: " + e.getMessage()));
}
}
Also used :
ErrorInformation(password.pwm.error.ErrorInformation)
PasswordData(password.pwm.util.PasswordData)
PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException)
PwmOperationalException(password.pwm.error.PwmOperationalException)
Example 9 with PasswordData
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class SmsQueueManager method smsIsConfigured.
public static boolean smsIsConfigured(final Configuration config) {
final String gatewayUrl = config.readSettingAsString(PwmSetting.SMS_GATEWAY_URL);
final String gatewayUser = config.readSettingAsString(PwmSetting.SMS_GATEWAY_USER);
final PasswordData gatewayPass = config.readSettingAsPassword(PwmSetting.SMS_GATEWAY_PASSWORD);
if (gatewayUrl == null || gatewayUrl.length() < 1) {
LOGGER.debug("SMS gateway url is not configured");
return false;
}
if (gatewayUser != null && gatewayUser.length() > 0 && (gatewayPass == null)) {
LOGGER.debug("SMS gateway user configured, but no password provided");
return false;
}
return true;
}
Also used :
PasswordData(password.pwm.util.PasswordData)
Example 10 with PasswordData
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class LoginInfoBean method toDebugString.
public String toDebugString() throws PwmUnrecoverableException {
final LoginInfoBean debugLoginCookieBean = JsonUtil.cloneUsingJson(this, LoginInfoBean.class);
debugLoginCookieBean.setUserCurrentPassword(new PasswordData(PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT));
return JsonUtil.serialize(debugLoginCookieBean);
}
Also used :
PasswordData(password.pwm.util.PasswordData)
Aggregations
PasswordData (password.pwm.util.PasswordData)44
ErrorInformation (password.pwm.error.ErrorInformation)20
PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)17
PwmOperationalException (password.pwm.error.PwmOperationalException)12
ChaiUser (com.novell.ldapchai.ChaiUser)10
UserInfo (password.pwm.ldap.UserInfo)10
ChaiProvider (com.novell.ldapchai.provider.ChaiProvider)8
ArrayList (java.util.ArrayList)8
UserIdentity (password.pwm.bean.UserIdentity)7
PwmException (password.pwm.error.PwmException)7
PwmPasswordPolicy (password.pwm.config.profile.PwmPasswordPolicy)6
ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)5
LinkedHashMap (java.util.LinkedHashMap)5
ChaiException (com.novell.ldapchai.exception.ChaiException)4
ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)4
Locale (java.util.Locale)4
Map (java.util.Map)4
FormConfiguration (password.pwm.config.value.data.FormConfiguration)4
RandomPasswordGenerator (password.pwm.util.RandomPasswordGenerator)4
PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey)4
