예제 #1
  /**
   * Attempts to obtain the user's current password from the directory so that a standard
   * authentication can be performed when the password was not supplied.
   *
   * <p>The read is attempted only when {@code PwmSetting.EDIRECTORY_READ_USER_PWD} is enabled.
   * It goes through the proxy chai provider for the user's LDAP profile. Any failure during the
   * read is logged at ERROR level (exception message only) and treated as "no password".
   *
   * <p>Security notes: the retrieved value is the user's clear-text password. It is never written
   * to the log here; only status messages are. It is held in an immutable {@code String} until
   * wrapped, so it cannot be wiped from memory by this method.
   *
   * @return a {@code PasswordData} wrapping the password read from the directory, or {@code null}
   *     when the setting is disabled, the read fails, or the directory returns an empty value
   * @throws NullPointerException if there is no user identity or its DN is null or empty
   * @throws ChaiUnavailableException declared by the signature; presumably raised while creating
   *     the chai user or provider (the read itself is guarded by a catch-all) - TODO confirm
   * @throws PwmUnrecoverableException declared by the signature; presumably raised while
   *     obtaining the proxy provider - TODO confirm
   */
  private PasswordData learnUserPassword()
      throws ChaiUnavailableException, PwmUnrecoverableException {
    log(PwmLogLevel.TRACE, "beginning auth processes for user with unknown password");

    // Refuse to continue without a usable DN; the directory lookup below depends on it.
    final boolean dnMissing =
        userIdentity == null
            || userIdentity.getUserDN() == null
            || userIdentity.getUserDN().isEmpty();
    if (dnMissing) {
      throw new NullPointerException("invalid user (null)");
    }

    // Built before the setting check, exactly as before, so provider errors still surface.
    final ChaiProvider proxyProvider =
        pwmApplication.getProxyChaiProvider(userIdentity.getLdapProfileID());
    final ChaiUser ldapUser = ChaiFactory.createChaiUser(userIdentity.getUserDN(), proxyProvider);

    final boolean passwordReadEnabled =
        pwmApplication.getConfig().readSettingAsBoolean(PwmSetting.EDIRECTORY_READ_USER_PWD);
    if (!passwordReadEnabled) {
      log(PwmLogLevel.TRACE, "skipping attempt to read user password, option disabled");
      return null;
    }

    // Use chai (nmas) to retrieve the user password.
    String recovered = null;
    try {
      final String fromDirectory = ldapUser.readPassword();
      if (fromDirectory != null && !fromDirectory.isEmpty()) {
        recovered = fromDirectory;
        log(
            PwmLogLevel.DEBUG,
            "successfully retrieved user's current password from ldap, now conducting standard authentication");
      }
    } catch (Exception e) {
      // Best effort: a failed read is not fatal, the caller simply gets no password.
      // Only the exception message is logged, never the password value.
      log(PwmLogLevel.ERROR, "unable to retrieve user password from ldap: " + e.getMessage());
    }

    // Hand back the password for the actual authentication only if one was really obtained.
    return (recovered == null || recovered.isEmpty()) ? null : new PasswordData(recovered);
  }