private void initTempData() throws LocalDBException, PwmUnrecoverableException {
final String cleanFlag =
pwmApplication.readAppAttribute(PwmApplication.AppAttribute.REPORT_CLEAN_FLAG);
if (!"true".equals(cleanFlag)) {
LOGGER.error(PwmConstants.REPORTING_SESSION_LABEL, "did not shut down cleanly");
reportStatus = new ReportStatusInfo(settings.getSettingsHash());
reportStatus.setTotal(userCacheService.size());
} else {
try {
final String jsonInfo =
pwmApplication.readAppAttribute(PwmApplication.AppAttribute.REPORT_STATUS);
if (jsonInfo != null && !jsonInfo.isEmpty()) {
reportStatus = JsonUtil.deserialize(jsonInfo, ReportStatusInfo.class);
}
} catch (Exception e) {
LOGGER.error(
PwmConstants.REPORTING_SESSION_LABEL,
"error loading cached report status info into memory: " + e.getMessage());
}
}
reportStatus =
reportStatus == null
? new ReportStatusInfo(settings.getSettingsHash())
: reportStatus; // safety
final String currentSettingCache = settings.getSettingsHash();
if (reportStatus.getSettingsHash() != null
&& !reportStatus.getSettingsHash().equals(currentSettingCache)) {
LOGGER.error(
PwmConstants.REPORTING_SESSION_LABEL,
"configuration has changed, will clear cached report data");
clear();
}
reportStatus.setInProgress(false);
pwmApplication.writeAppAttribute(PwmApplication.AppAttribute.REPORT_CLEAN_FLAG, "false");
}
public static PasswordCheckInfo checkEnteredPassword(
final PwmApplication pwmApplication,
final Locale locale,
final ChaiUser user,
final UserInfoBean userInfoBean,
final LoginInfoBean loginInfoBean,
final PasswordData password,
final PasswordData confirmPassword)
throws PwmUnrecoverableException, ChaiUnavailableException {
if (userInfoBean == null) {
throw new NullPointerException("userInfoBean cannot be null");
}
boolean pass = false;
String userMessage = "";
int errorCode = 0;
final boolean passwordIsCaseSensitive =
userInfoBean.getPasswordPolicy() == null
|| userInfoBean
.getPasswordPolicy()
.getRuleHelper()
.readBooleanValue(PwmPasswordRule.CaseSensitive);
final CachePolicy cachePolicy;
{
final long cacheLifetimeMS =
Long.parseLong(
pwmApplication
.getConfig()
.readAppProperty(AppProperty.CACHE_PWRULECHECK_LIFETIME_MS));
cachePolicy = CachePolicy.makePolicyWithExpirationMS(cacheLifetimeMS);
}
if (password == null) {
userMessage =
new ErrorInformation(PwmError.PASSWORD_MISSING)
.toUserStr(locale, pwmApplication.getConfig());
} else {
final CacheService cacheService = pwmApplication.getCacheService();
final CacheKey cacheKey =
user != null && userInfoBean.getUserIdentity() != null
? CacheKey.makeCacheKey(
PasswordUtility.class,
userInfoBean.getUserIdentity(),
user.getEntryDN() + ":" + password.hash())
: null;
if (pwmApplication.getConfig().isDevDebugMode()) {
LOGGER.trace("generated cacheKey for password check request: " + cacheKey);
}
try {
if (cacheService != null && cacheKey != null) {
final String cachedValue = cacheService.get(cacheKey);
if (cachedValue != null) {
if (NEGATIVE_CACHE_HIT.equals(cachedValue)) {
pass = true;
} else {
LOGGER.trace("cache hit!");
final ErrorInformation errorInformation =
JsonUtil.deserialize(cachedValue, ErrorInformation.class);
throw new PwmDataValidationException(errorInformation);
}
}
}
if (!pass) {
final PwmPasswordRuleValidator pwmPasswordRuleValidator =
new PwmPasswordRuleValidator(
pwmApplication, userInfoBean.getPasswordPolicy(), locale);
final PasswordData oldPassword =
loginInfoBean == null ? null : loginInfoBean.getUserCurrentPassword();
pwmPasswordRuleValidator.testPassword(password, oldPassword, userInfoBean, user);
pass = true;
if (cacheService != null && cacheKey != null) {
cacheService.put(cacheKey, cachePolicy, NEGATIVE_CACHE_HIT);
}
}
} catch (PwmDataValidationException e) {
errorCode = e.getError().getErrorCode();
userMessage = e.getErrorInformation().toUserStr(locale, pwmApplication.getConfig());
pass = false;
if (cacheService != null && cacheKey != null) {
final String jsonPayload = JsonUtil.serialize(e.getErrorInformation());
cacheService.put(cacheKey, cachePolicy, jsonPayload);
}
}
}
final PasswordCheckInfo.MATCH_STATUS matchStatus =
figureMatchStatus(passwordIsCaseSensitive, password, confirmPassword);
if (pass) {
switch (matchStatus) {
case EMPTY:
userMessage =
new ErrorInformation(PwmError.PASSWORD_MISSING_CONFIRM)
.toUserStr(locale, pwmApplication.getConfig());
break;
case MATCH:
userMessage =
new ErrorInformation(PwmError.PASSWORD_MEETS_RULES)
.toUserStr(locale, pwmApplication.getConfig());
break;
case NO_MATCH:
userMessage =
new ErrorInformation(PwmError.PASSWORD_DOESNOTMATCH)
.toUserStr(locale, pwmApplication.getConfig());
break;
default:
userMessage = "";
}
}
final int strength = judgePasswordStrength(password == null ? null : password.getStringValue());
return new PasswordCheckInfo(userMessage, pass, strength, matchStatus, errorCode);
}