
Example 6 with PasswordData

use of password.pwm.util.PasswordData in project pwm by pwm-project.

the class LDAPAuthenticationRequest method makeProxyProvider.

/**
 * Creates a {@link ChaiProvider} for the LDAP profile of the current {@code userIdentity},
 * using the proxy DN and proxy password configured on that profile.
 *
 * <p>The proxy password stays wrapped in {@link PasswordData} and is handed to
 * {@code LdapOperationsHelper.createChaiProvider} without being converted to a string here.
 *
 * @return the provider returned by {@code LdapOperationsHelper.createChaiProvider}
 * @throws ChaiUnavailableException declared by this method; raised by the calls it makes
 * @throws PwmUnrecoverableException declared by this method; raised by the calls it makes
 */
private ChaiProvider makeProxyProvider() throws ChaiUnavailableException, PwmUnrecoverableException {
    // NOTE(review): if no profile is registered under this id, get() presumably returns null
    // and the next statement fails with a NullPointerException - confirm against callers.
    final LdapProfile ldapProfile = pwmApplication.getConfig()
            .getLdapProfiles()
            .get(userIdentity.getLdapProfileID());

    final String bindDn = ldapProfile.readSettingAsString(PwmSetting.LDAP_PROXY_USER_DN);
    final PasswordData bindCredential = ldapProfile.readSettingAsPassword(PwmSetting.LDAP_PROXY_USER_PASSWORD);

    return LdapOperationsHelper.createChaiProvider(
            pwmApplication,
            sessionLabel,
            ldapProfile,
            pwmApplication.getConfig(),
            bindDn,
            bindCredential);
}
Also used : PasswordData(password.pwm.util.PasswordData) LdapProfile(password.pwm.config.profile.LdapProfile)

Example 7 with PasswordData

use of password.pwm.util.PasswordData in project pwm by pwm-project.

the class LDAPAuthenticationRequest method setTempUserPassword.

/**
 * Replaces the user's directory password with a newly generated random value and returns
 * that value so the caller can authenticate with it.
 *
 * <p>The write only happens when {@code AD_USE_PROXY_FOR_FORGOTTEN} is false and the request
 * type is {@code AUTH_FROM_PUBLIC_MODULE}; in every other case nothing is written and
 * {@code null} is returned.
 *
 * <p>Security notes: the write goes through the application's proxy provider, and it
 * overwrites the account's existing password. Nothing in this method restores the previous
 * value. The generated password is never placed in a log message.
 *
 * @return the random password that was written, or {@code null} when no write was attempted
 * @throws PwmUnrecoverableException with {@code ERROR_BAD_SESSION_PASSWORD} when the
 *         directory write fails with a {@link ChaiOperationException}
 */
private PasswordData setTempUserPassword() throws ChaiUnavailableException, ImpossiblePasswordPolicyException, PwmUnrecoverableException {
    final boolean proxyOnly = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN);

    // Resolved before the eligibility check, so a failure obtaining the provider or the
    // user entry surfaces even when no password write would have been attempted.
    final ChaiProvider proxyProvider = pwmApplication.getProxyChaiProvider(userIdentity.getLdapProfileID());
    final ChaiUser targetUser = proxyProvider.getEntryFactory().newChaiUser(userIdentity.getUserDN());

    if (proxyOnly || requestedAuthType != AuthenticationType.AUTH_FROM_PUBLIC_MODULE) {
        return null;
    }

    log(PwmLogLevel.DEBUG, "attempting to set temporary random password");

    // The random value is generated against the policy read for this user.
    final PwmPasswordPolicy userPolicy = PasswordUtility.readPasswordPolicyForUser(
            pwmApplication, sessionLabel, userIdentity, targetUser, PwmConstants.DEFAULT_LOCALE);
    final RandomPasswordGenerator.RandomGeneratorConfig generatorConfig =
            RandomPasswordGenerator.RandomGeneratorConfig.builder()
                    .seedlistPhrases(RandomPasswordGenerator.DEFAULT_SEED_PHRASES)
                    .passwordPolicy(userPolicy)
                    .build();
    final PasswordData temporaryPassword =
            RandomPasswordGenerator.createRandomPassword(sessionLabel, generatorConfig, pwmApplication);

    try {
        // NOTE(review): if setPassword() throws, the post handler below is skipped. Whether
        // the pre handler leaves directory state that then needs restoring is not visible
        // from this method - confirm.
        final String savedAllowChangeTime = oraclePreTemporaryPwHandler(proxyProvider, targetUser);

        // getStringValue() yields the value as a String for the directory write; it must
        // not be passed on to logging or error text.
        targetUser.setPassword(temporaryPassword.getStringValue());

        oraclePostTemporaryPwHandler(proxyProvider, targetUser, savedAllowChangeTime);
        log(PwmLogLevel.INFO, "user " + userIdentity + " password has been set to random value to use for user authentication");
    } catch (ChaiOperationException e) {
        // The message carries the user identity and the directory's error text only.
        final String failureText = "error setting random password for user " + userIdentity + " " + e.getMessage();
        log(PwmLogLevel.ERROR, failureText);
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_BAD_SESSION_PASSWORD, failureText));
    }

    return temporaryPassword;
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) ChaiProvider(com.novell.ldapchai.provider.ChaiProvider) ChaiUser(com.novell.ldapchai.ChaiUser) PasswordData(password.pwm.util.PasswordData) PwmPasswordPolicy(password.pwm.config.profile.PwmPasswordPolicy) RandomPasswordGenerator(password.pwm.util.RandomPasswordGenerator) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) ChaiOperationException(com.novell.ldapchai.exception.ChaiOperationException)

Example 8 with PasswordData

use of password.pwm.util.PasswordData in project pwm by pwm-project.

the class LDAPAuthenticationRequest method authUsingUnknownPw.

/**
 * Authenticates the user when the caller does not hold the user's password.
 *
 * <p>One strategy is selected and recorded in {@code strategy}:
 * <ul>
 *   <li>{@code ADMIN_PROXY} when {@code AD_USE_PROXY_FOR_FORGOTTEN} is true; no user
 *       password is obtained and {@code authenticateUserImpl} receives {@code null};</li>
 *   <li>{@code READ_THEN_BIND} when {@code learnUserPassword()} returns a value;</li>
 *   <li>{@code WRITE_THEN_BIND} when {@code setTempUserPassword()} returns a value. That
 *       method overwrites the account's directory password with a random one.</li>
 * </ul>
 *
 * <p>Security note: the exceptions thrown on failure embed the message of the underlying
 * {@link PwmOperationalException}. NOTE(review): confirm whether that detail text can reach
 * an end user, since it may contain directory error detail.
 *
 * @return the result of {@code authenticateUserImpl}
 * @throws PwmUnrecoverableException when no strategy is available, or when authentication
 *         fails with a {@link PwmOperationalException}
 */
@Override
public AuthenticationResult authUsingUnknownPw() throws ChaiUnavailableException, PwmUnrecoverableException {
    initialize();
    log(PwmLogLevel.TRACE, "beginning authentication using unknown password procedure");

    final boolean proxyOnly = pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.AD_USE_PROXY_FOR_FORGOTTEN);
    PasswordData bindPassword = null;

    if (proxyOnly) {
        strategy = AuthenticationStrategy.ADMIN_PROXY;
    } else {
        // Prefer reading the existing password; only fall back to writing a temporary one.
        bindPassword = learnUserPassword();
        if (bindPassword != null) {
            strategy = AuthenticationStrategy.READ_THEN_BIND;
        } else {
            bindPassword = setTempUserPassword();
            if (bindPassword == null) {
                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "no available unknown-pw authentication method"));
            }
            strategy = AuthenticationStrategy.WRITE_THEN_BIND;
        }
    }

    try {
        return authenticateUserImpl(bindPassword);
    } catch (PwmOperationalException e) {
        // The error code and wording depend on the strategy recorded at this point.
        final PwmError failureCode;
        final String failureText;
        if (strategy == AuthenticationStrategy.READ_THEN_BIND) {
            failureCode = PwmError.ERROR_BAD_SESSION_PASSWORD;
            failureText = "unable to authenticate with password read from directory, check proxy rights, ldap logs; error: " + e.getMessage();
        } else if (strategy == AuthenticationStrategy.WRITE_THEN_BIND) {
            failureCode = PwmError.ERROR_BAD_SESSION_PASSWORD;
            failureText = "unable to authenticate with temporary password, check proxy rights, ldap logs; error: " + e.getMessage();
        } else {
            failureCode = PwmError.ERROR_UNKNOWN;
            failureText = "unable to authenticate via authWithUnknownPw method: " + e.getMessage();
        }
        throw new PwmUnrecoverableException(new ErrorInformation(failureCode, failureText));
    }
}
Also used : ErrorInformation(password.pwm.error.ErrorInformation) PasswordData(password.pwm.util.PasswordData) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmOperationalException(password.pwm.error.PwmOperationalException)

Example 9 with PasswordData

use of password.pwm.util.PasswordData in project pwm by pwm-project.

the class SmsQueueManager method smsIsConfigured.

/**
 * Reports whether the SMS gateway settings are complete enough to use.
 *
 * <p>The gateway URL must be non-empty. If a gateway user is set, a gateway password must
 * also be present. A configuration with a URL and no user is accepted.
 *
 * <p>Only the presence of the password is tested; its value is never read or logged here.
 * NOTE(review): a non-null but empty {@link PasswordData} would pass this check - confirm
 * whether {@code readSettingAsPassword} can return one.
 *
 * @param config the configuration to inspect
 * @return {@code true} when the settings pass both checks, otherwise {@code false}
 */
public static boolean smsIsConfigured(final Configuration config) {
    final String url = config.readSettingAsString(PwmSetting.SMS_GATEWAY_URL);
    final String user = config.readSettingAsString(PwmSetting.SMS_GATEWAY_USER);
    final PasswordData secret = config.readSettingAsPassword(PwmSetting.SMS_GATEWAY_PASSWORD);

    final boolean urlMissing = url == null || url.isEmpty();
    if (urlMissing) {
        LOGGER.debug("SMS gateway url is not configured");
        return false;
    }

    final boolean userPresent = user != null && !user.isEmpty();
    if (userPresent && secret == null) {
        LOGGER.debug("SMS gateway user configured, but no password provided");
        return false;
    }

    return true;
}
Also used : PasswordData(password.pwm.util.PasswordData)

Example 10 with PasswordData

use of password.pwm.util.PasswordData in project pwm by pwm-project.

the class LoginInfoBean method toDebugString.

/**
 * Serializes a copy of this bean for debug output, with the user's current password
 * replaced by the {@code LOG_REMOVED_VALUE_REPLACEMENT} marker.
 *
 * <p>The copy is made with {@code JsonUtil.cloneUsingJson}, so this instance is not
 * modified. The marker is set unconditionally, including when no password was present.
 *
 * <p>NOTE(review): only {@code userCurrentPassword} is masked here. Any other field of the
 * bean is emitted exactly as {@code JsonUtil.serialize} renders it - confirm that none of
 * them is sensitive before sending this string to a log.
 *
 * @return the JSON form of the redacted copy
 * @throws PwmUnrecoverableException declared by this method; raised by the calls it makes
 */
public String toDebugString() throws PwmUnrecoverableException {
    final LoginInfoBean redactedCopy = JsonUtil.cloneUsingJson(this, LoginInfoBean.class);

    // Overwrite the credential on the copy before anything is rendered to text.
    final PasswordData redactionMarker = new PasswordData(PwmConstants.LOG_REMOVED_VALUE_REPLACEMENT);
    redactedCopy.setUserCurrentPassword(redactionMarker);

    return JsonUtil.serialize(redactedCopy);
}
Also used : PasswordData(password.pwm.util.PasswordData)

Aggregations

PasswordData (password.pwm.util.PasswordData)44 ErrorInformation (password.pwm.error.ErrorInformation)20 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)17 PwmOperationalException (password.pwm.error.PwmOperationalException)12 ChaiUser (com.novell.ldapchai.ChaiUser)10 UserInfo (password.pwm.ldap.UserInfo)10 ChaiProvider (com.novell.ldapchai.provider.ChaiProvider)8 ArrayList (java.util.ArrayList)8 UserIdentity (password.pwm.bean.UserIdentity)7 PwmException (password.pwm.error.PwmException)7 PwmPasswordPolicy (password.pwm.config.profile.PwmPasswordPolicy)6 ChaiOperationException (com.novell.ldapchai.exception.ChaiOperationException)5 LinkedHashMap (java.util.LinkedHashMap)5 ChaiException (com.novell.ldapchai.exception.ChaiException)4 ChaiUnavailableException (com.novell.ldapchai.exception.ChaiUnavailableException)4 Locale (java.util.Locale)4 Map (java.util.Map)4 FormConfiguration (password.pwm.config.value.data.FormConfiguration)4 RandomPasswordGenerator (password.pwm.util.RandomPasswordGenerator)4 PwmSecurityKey (password.pwm.util.secure.PwmSecurityKey)4