Example #1
0
  private static void invokePostChangePasswordActions(
      final PwmSession pwmSession, final String newPassword) throws PwmUnrecoverableException {
    final List<PostChangePasswordAction> postChangePasswordActions =
        pwmSession.getUserSessionDataCacheBean().removePostChangePasswordActions();
    if (postChangePasswordActions == null || postChangePasswordActions.isEmpty()) {
      LOGGER.trace(pwmSession, "no post change password actions pending from previous operations");
      return;
    }

    for (final PostChangePasswordAction postChangePasswordAction : postChangePasswordActions) {
      try {
        postChangePasswordAction.doAction(pwmSession, newPassword);
      } catch (PwmUnrecoverableException e) {
        LOGGER.error(
            pwmSession,
            "error during post change password action '"
                + postChangePasswordAction.getLabel()
                + "' "
                + e.getMessage());
        throw e;
      } catch (Exception e) {
        LOGGER.error(
            pwmSession,
            "unexpected error during post change password action '"
                + postChangePasswordAction.getLabel()
                + "' "
                + e.getMessage(),
            e);
        final ErrorInformation errorInfo =
            new ErrorInformation(PwmError.ERROR_UNKNOWN, e.getMessage());
        throw new PwmUnrecoverableException(errorInfo);
      }
    }
  }
Example #2
0
  protected static PwmPasswordPolicy determineConfiguredPolicyProfileForUser(
      final PwmApplication pwmApplication,
      final SessionLabel pwmSession,
      final UserIdentity userIdentity,
      final Locale locale)
      throws PwmUnrecoverableException {
    final List<String> profiles = pwmApplication.getConfig().getPasswordProfileIDs();
    if (profiles.isEmpty()) {
      throw new PwmUnrecoverableException(
          new ErrorInformation(
              PwmError.ERROR_NO_PROFILE_ASSIGNED, "no password profiles are configured"));
    }

    for (final String profile : profiles) {
      final PwmPasswordPolicy loopPolicy =
          pwmApplication.getConfig().getPasswordPolicy(profile, locale);
      final List<UserPermission> userPermissions = loopPolicy.getUserPermissions();
      LOGGER.debug(pwmSession, "testing password policy profile '" + profile + "'");
      try {
        boolean match =
            LdapPermissionTester.testUserPermissions(
                pwmApplication, pwmSession, userIdentity, userPermissions);
        if (match) {
          return loopPolicy;
        }
      } catch (PwmUnrecoverableException e) {
        LOGGER.error(
            pwmSession,
            "unexpected error while testing password policy profile '"
                + profile
                + "', error: "
                + e.getMessage());
      }
    }

    throw new PwmUnrecoverableException(
        new ErrorInformation(
            PwmError.ERROR_NO_PROFILE_ASSIGNED, "no challenge profile is configured"));
  }