use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class LDAPAuthenticationRequest method makeProxyProvider.
/**
 * Creates a {@code ChaiProvider} using the proxy account of the user's LDAP profile.
 *
 * <p>The profile is selected by the LDAP profile id carried on {@code userIdentity}. The proxy
 * DN and proxy password are read from that profile and passed, together with the application,
 * session label and configuration, to {@code LdapOperationsHelper.createChaiProvider}.
 *
 * <p>The proxy credential stays wrapped in {@code PasswordData} for the whole method and is
 * never converted to a plain string or logged here.
 *
 * @return the provider returned by {@code LdapOperationsHelper.createChaiProvider}
 * @throws ChaiUnavailableException declared by this method; not raised directly in this body
 * @throws PwmUnrecoverableException declared by this method; not raised directly in this body
 */
private ChaiProvider makeProxyProvider()
        throws ChaiUnavailableException, PwmUnrecoverableException {
    final LdapProfile ldapProfile = pwmApplication.getConfig()
            .getLdapProfiles()
            .get(userIdentity.getLdapProfileID());
    // NOTE(review): a profile id with no matching entry would make ldapProfile null — confirm callers guarantee it exists.

    final String proxyUserDn = ldapProfile.readSettingAsString(PwmSetting.LDAP_PROXY_USER_DN);
    final PasswordData proxyUserPassword = ldapProfile.readSettingAsPassword(PwmSetting.LDAP_PROXY_USER_PASSWORD);

    return LdapOperationsHelper.createChaiProvider(
            pwmApplication,
            sessionLabel,
            ldapProfile,
            pwmApplication.getConfig(),
            proxyUserDn,
            proxyUserPassword
    );
}
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class LDAPAuthenticationRequest method setTempUserPassword.
/**
 * Replaces the user's directory password with a generated random value so that the caller can
 * bind as the user with a password it knows.
 *
 * <p>The write only happens when {@code AD_USE_PROXY_FOR_FORGOTTEN} is off and the request came
 * in as {@code AUTH_FROM_PUBLIC_MODULE}; in every other case nothing is written and
 * {@code null} is returned.
 *
 * <p>Security-relevant behaviour visible here: the write goes through the proxy provider, so it
 * needs the proxy account to hold password-write rights on the user entry. The generated value
 * is unwrapped from {@code PasswordData} only for the {@code setPassword} call and does not
 * appear in any log message in this method.
 *
 * @return the random password that was written, or {@code null} when no write was attempted
 * @throws ChaiUnavailableException declared by this method; not raised directly in this body
 * @throws ImpossiblePasswordPolicyException declared by this method; not raised directly in this body
 * @throws PwmUnrecoverableException with {@code ERROR_BAD_SESSION_PASSWORD} when a
 *         {@code ChaiOperationException} is caught while writing the password
 */
private PasswordData setTempUserPassword()
        throws ChaiUnavailableException, ImpossiblePasswordPolicyException, PwmUnrecoverableException {
    final boolean alwaysUseProxy = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN);

    // The proxy provider and user entry are resolved before the eligibility check.
    final ChaiProvider proxyProvider = pwmApplication.getProxyChaiProvider(userIdentity.getLdapProfileID());
    final ChaiUser targetUser = proxyProvider.getEntryFactory().newChaiUser(userIdentity.getUserDN());

    // A temporary password is only written for public-module requests when the proxy is not forced.
    if (alwaysUseProxy || requestedAuthType != AuthenticationType.AUTH_FROM_PUBLIC_MODULE) {
        return null;
    }

    log(PwmLogLevel.DEBUG, "attempting to set temporary random password");

    // The random value is generated against the user's own policy.
    final PwmPasswordPolicy userPolicy = PasswordUtility.readPasswordPolicyForUser(
            pwmApplication, sessionLabel, userIdentity, targetUser, PwmConstants.DEFAULT_LOCALE);
    final RandomPasswordGenerator.RandomGeneratorConfig generatorConfig =
            RandomPasswordGenerator.RandomGeneratorConfig.builder()
                    .seedlistPhrases(RandomPasswordGenerator.DEFAULT_SEED_PHRASES)
                    .passwordPolicy(userPolicy)
                    .build();
    final PasswordData temporaryPassword =
            RandomPasswordGenerator.createRandomPassword(sessionLabel, generatorConfig, pwmApplication);

    try {
        final String priorAllowChangeTime = oraclePreTemporaryPwHandler(proxyProvider, targetUser);

        // Only point where the plaintext leaves its PasswordData wrapper.
        targetUser.setPassword(temporaryPassword.getStringValue());

        // NOTE(review): if this post-handler throws ChaiOperationException the password has
        // already been changed, yet the failure is reported as a set-password error — confirm
        // that outcome is acceptable.
        oraclePostTemporaryPwHandler(proxyProvider, targetUser, priorAllowChangeTime);

        log(PwmLogLevel.INFO, "user " + userIdentity + " password has been set to random value to use for user authentication");
    } catch (ChaiOperationException e) {
        // NOTE(review): the directory's message text is copied into the log and the error
        // detail, and the caught exception is not attached as a cause.
        final String failureMessage = "error setting random password for user " + userIdentity + " " + e.getMessage();
        log(PwmLogLevel.ERROR, failureMessage);
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, failureMessage));
    }

    return temporaryPassword;
}
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class LDAPAuthenticationRequest method authUsingUnknownPw.
/**
 * Authenticates the user when the caller does not know the user's password.
 *
 * <p>One of three strategies is chosen, in this order:
 * <ol>
 *   <li>{@code ADMIN_PROXY} when {@code AD_USE_PROXY_FOR_FORGOTTEN} is enabled; no user
 *       password is obtained and {@code null} is passed to {@code authenticateUserImpl}.</li>
 *   <li>{@code READ_THEN_BIND} when {@code learnUserPassword()} returns a password.</li>
 *   <li>{@code WRITE_THEN_BIND} when {@code setTempUserPassword()} returns a password. That
 *       method overwrites the user's directory password with a random value.</li>
 * </ol>
 *
 * @return the result of {@code authenticateUserImpl}
 * @throws ChaiUnavailableException declared by this method; not raised directly in this body
 * @throws PwmUnrecoverableException with {@code ERROR_UNKNOWN} when no strategy yields a
 *         password, or when a {@code PwmOperationalException} from
 *         {@code authenticateUserImpl} is rewrapped under {@code ADMIN_PROXY}; with
 *         {@code ERROR_BAD_SESSION_PASSWORD} when it is rewrapped under the read or write
 *         strategies
 */
@Override
public AuthenticationResult authUsingUnknownPw()
        throws ChaiUnavailableException, PwmUnrecoverableException {
    initialize();
    log(PwmLogLevel.TRACE, "beginning authentication using unknown password procedure");

    PasswordData userPassword = null;
    final boolean alwaysUseProxy = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN);

    if (alwaysUseProxy) {
        // The proxy path deliberately leaves userPassword null.
        strategy = AuthenticationStrategy.ADMIN_PROXY;
    } else {
        userPassword = learnUserPassword();
        if (userPassword != null) {
            strategy = AuthenticationStrategy.READ_THEN_BIND;
        } else {
            // Fall back to writing a temporary password, which changes the stored credential.
            userPassword = setTempUserPassword();
            if (userPassword == null) {
                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "no available unknown-pw authentication method"));
            }
            strategy = AuthenticationStrategy.WRITE_THEN_BIND;
        }
    }

    try {
        return authenticateUserImpl(userPassword);
    } catch (PwmOperationalException e) {
        // The rewrapped message names the strategy so operators know which proxy right to check.
        if (strategy == AuthenticationStrategy.READ_THEN_BIND) {
            final String readFailure = "unable to authenticate with password read from directory, check proxy rights, ldap logs; error: " + e.getMessage();
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, readFailure));
        }
        if (strategy == AuthenticationStrategy.WRITE_THEN_BIND) {
            // NOTE(review): on this path the directory password has already been replaced by
            // the temporary value — confirm the caller's recovery flow accounts for that.
            final String writeFailure = "unable to authenticate with temporary password, check proxy rights, ldap logs; error: " + e.getMessage();
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, writeFailure));
        }
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "unable to authenticate via authWithUnknownPw method: " + e.getMessage()));
    }
}
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class SmsQueueManager method smsIsConfigured.
/**
 * Reports whether the SMS gateway settings are complete enough to be used.
 *
 * <p>The gateway counts as configured when a non-empty gateway URL is set and, if a gateway
 * user is set, a gateway password value is present as well. This is a presence check only:
 * the URL's scheme and format are not inspected, and the password is only tested for
 * {@code null}.
 *
 * @param config configuration to read the SMS gateway settings from
 * @return {@code true} when the settings pass the presence checks, {@code false} otherwise
 */
public static boolean smsIsConfigured(final Configuration config) {
    final String url = config.readSettingAsString(PwmSetting.SMS_GATEWAY_URL);
    final String user = config.readSettingAsString(PwmSetting.SMS_GATEWAY_USER);
    final PasswordData password = config.readSettingAsPassword(PwmSetting.SMS_GATEWAY_PASSWORD);

    final boolean urlMissing = url == null || url.isEmpty();
    if (urlMissing) {
        LOGGER.debug("SMS gateway url is not configured");
        return false;
    }

    // A user name without a password is treated as a broken configuration.
    final boolean userPresent = user != null && !user.isEmpty();
    if (userPresent && password == null) {
        LOGGER.debug("SMS gateway user configured, but no password provided");
        return false;
    }

    // NOTE(review): a gateway URL with no user and no password is accepted — confirm that
    // unauthenticated gateways are intended to be allowed.
    return true;
}
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class LoginInfoBean method toDebugString.
/**
 * Produces a JSON rendering of this bean that is meant for debug output.
 *
 * <p>The bean is copied with {@code JsonUtil.cloneUsingJson}, the copy's current-password field
 * is replaced with {@code PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT}, and the copy is then
 * serialized. This instance itself is not modified by the setter call.
 *
 * @return the JSON text of the redacted copy
 * @throws PwmUnrecoverableException declared by this method; not raised directly in this body
 */
public String toDebugString() throws PwmUnrecoverableException {
    // Work on a copy so that the live session bean keeps its real password.
    final LoginInfoBean redactedCopy = JsonUtil.cloneUsingJson(this, LoginInfoBean.class);

    final PasswordData placeholder = new PasswordData(PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT);
    redactedCopy.setUserCurrentPassword(placeholder);

    // NOTE(review): only the current-password field is redacted; every other field is
    // serialized as-is — confirm none of them carries a secret or token.
    // NOTE(review): the clone step presumably passes the real password through the JSON
    // serializer before it is overwritten — confirm how PasswordData is serialized.
    return JsonUtil.serialize(redactedCopy);
}