use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class ChangePasswordServlet method processRandomPasswordAction.
@ActionHandler(action = "randomPassword")
private ProcessStatus processRandomPasswordAction(final PwmRequest pwmRequest) throws IOException, PwmUnrecoverableException, ChaiUnavailableException {
final PasswordData passwordData = RandomPasswordGenerator.createRandomPassword(pwmRequest.getPwmSession(), pwmRequest.getPwmApplication());
final RestRandomPasswordServer.JsonOutput jsonOutput = new RestRandomPasswordServer.JsonOutput();
jsonOutput.setPassword(passwordData.getStringValue());
final RestResultBean restResultBean = RestResultBean.withData(jsonOutput);
pwmRequest.outputJsonResult(restResultBean);
return ProcessStatus.Halt;
}
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class ChangePasswordServlet method processChangeAction.
@ActionHandler(action = "change")
ProcessStatus processChangeAction(final PwmRequest pwmRequest) throws ServletException, PwmUnrecoverableException, IOException, ChaiUnavailableException {
final ChangePasswordBean changePasswordBean = pwmRequest.getPwmApplication().getSessionStateService().getBean(pwmRequest, ChangePasswordBean.class);
final UserInfo userInfo = pwmRequest.getPwmSession().getUserInfo();
if (!changePasswordBean.isAllChecksPassed()) {
return ProcessStatus.Continue;
}
final PasswordData password1 = pwmRequest.readParameterAsPassword("password1");
final PasswordData password2 = pwmRequest.readParameterAsPassword("password2");
// check the password meets the requirements
try {
final ChaiUser theUser = pwmRequest.getPwmSession().getSessionManager().getActor(pwmRequest.getPwmApplication());
final PwmPasswordRuleValidator pwmPasswordRuleValidator = new PwmPasswordRuleValidator(pwmRequest.getPwmApplication(), userInfo.getPasswordPolicy());
final PasswordData oldPassword = pwmRequest.getPwmSession().getLoginInfoBean().getUserCurrentPassword();
pwmPasswordRuleValidator.testPassword(password1, oldPassword, userInfo, theUser);
} catch (PwmDataValidationException e) {
setLastError(pwmRequest, e.getErrorInformation());
LOGGER.debug(pwmRequest, "failed password validation check: " + e.getErrorInformation().toDebugStr());
return ProcessStatus.Continue;
}
// make sure the two passwords match
final boolean caseSensitive = userInfo.getPasswordPolicy().getRuleHelper().readBooleanValue(PwmPasswordRule.CaseSensitive);
if (PasswordUtility.PasswordCheckInfo.MatchStatus.MATCH != PasswordUtility.figureMatchStatus(caseSensitive, password1, password2)) {
setLastError(pwmRequest, PwmError.PASSWORD_DOESNOTMATCH.toInfo());
forwardToChangePage(pwmRequest);
return ProcessStatus.Continue;
}
try {
ChangePasswordServletUtil.executeChangePassword(pwmRequest, password1);
} catch (PwmOperationalException e) {
LOGGER.debug(e.getErrorInformation().toDebugStr());
setLastError(pwmRequest, e.getErrorInformation());
}
return ProcessStatus.Continue;
}
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class ChangePasswordServletUtil method determineIfCurrentPasswordRequired.
static boolean determineIfCurrentPasswordRequired(final PwmApplication pwmApplication, final PwmSession pwmSession) throws PwmUnrecoverableException {
final RequireCurrentPasswordMode currentSetting = pwmApplication.getConfig().readSettingAsEnum(PwmSetting.PASSWORD_REQUIRE_CURRENT, RequireCurrentPasswordMode.class);
if (currentSetting == RequireCurrentPasswordMode.FALSE) {
return false;
}
if (pwmSession.getLoginInfoBean().getType() == AuthenticationType.AUTH_FROM_PUBLIC_MODULE) {
LOGGER.debug(pwmSession, "skipping user current password requirement, authentication type is " + AuthenticationType.AUTH_FROM_PUBLIC_MODULE);
return false;
}
{
final PasswordData currentPassword = pwmSession.getLoginInfoBean().getUserCurrentPassword();
if (currentPassword == null) {
LOGGER.debug(pwmSession, "skipping user current password requirement, current password is not known to application");
return false;
}
}
if (currentSetting == RequireCurrentPasswordMode.TRUE) {
return true;
}
final PasswordStatus passwordStatus = pwmSession.getUserInfo().getPasswordStatus();
return currentSetting == RequireCurrentPasswordMode.NOTEXPIRED && !passwordStatus.isExpired() && !passwordStatus.isPreExpired() && !passwordStatus.isViolatesPolicy() && !pwmSession.getUserInfo().isRequiresNewPassword();
}
use of password.pwm.util.PasswordData in project pwm by pwm-project.
the class ConfigEditorServlet method doUploadFile.
@ActionHandler(action = "uploadFile")
private ProcessStatus doUploadFile(final PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException {
final ConfigManagerBean configManagerBean = getBean(pwmRequest);
final String key = pwmRequest.readParameterAsString("key");
final PwmSetting setting = PwmSetting.forKey(key);
final int maxFileSize = Integer.parseInt(pwmRequest.getConfig().readAppProperty(AppProperty.CONFIG_MAX_JDBC_JAR_SIZE));
if (setting == PwmSetting.HTTPS_CERT) {
try {
final PasswordData passwordData = pwmRequest.readParameterAsPassword("password");
final String alias = pwmRequest.readParameterAsString("alias");
final HttpsServerCertificateManager.KeyStoreFormat keyStoreFormat;
try {
keyStoreFormat = HttpsServerCertificateManager.KeyStoreFormat.valueOf(pwmRequest.readParameterAsString("format"));
} catch (IllegalArgumentException e) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, "unknown format type: " + e.getMessage(), new String[] { "format" }));
}
final Map<String, PwmRequest.FileUploadItem> fileUploads = pwmRequest.readFileUploads(maxFileSize, 1);
final ByteArrayInputStream fileIs = new ByteArrayInputStream(fileUploads.get(PwmConstants.PARAM_FILE_UPLOAD).getContent().getBytes());
HttpsServerCertificateManager.importKey(configManagerBean.getStoredConfiguration(), keyStoreFormat, fileIs, passwordData, alias);
pwmRequest.outputJsonResult(RestResultBean.forSuccessMessage(pwmRequest, Message.Success_Unknown));
return ProcessStatus.Halt;
} catch (PwmException e) {
LOGGER.error(pwmRequest, "error during https certificate upload: " + e.getMessage());
pwmRequest.respondWithError(e.getErrorInformation(), false);
return ProcessStatus.Halt;
}
}
final FileValue fileValue = ConfigEditorServletUtils.readFileUploadToSettingValue(pwmRequest, maxFileSize);
if (fileValue != null) {
final UserIdentity userIdentity = pwmRequest.isAuthenticated() ? pwmRequest.getPwmSession().getUserInfo().getUserIdentity() : null;
configManagerBean.getStoredConfiguration().writeSetting(setting, fileValue, userIdentity);
pwmRequest.outputJsonResult(RestResultBean.forSuccessMessage(pwmRequest, Message.Success_Unknown));
}
return ProcessStatus.Halt;
}
Aggregations