예제 #1
0
  public static PwmPasswordPolicy readLdapPasswordPolicy(
      final PwmApplication pwmApplication, final ChaiUser theUser)
      throws PwmUnrecoverableException {
    try {
      final Map<String, String> ruleMap = new HashMap<>();
      final ChaiPasswordPolicy chaiPolicy;
      try {
        chaiPolicy = theUser.getPasswordPolicy();
      } catch (ChaiUnavailableException e) {
        throw new PwmUnrecoverableException(PwmError.forChaiError(e.getErrorCode()));
      }
      if (chaiPolicy != null) {
        for (final String key : chaiPolicy.getKeys()) {
          ruleMap.put(key, chaiPolicy.getValue(key));
        }

        if (!"read"
            .equals(
                pwmApplication
                    .getConfig()
                    .readSettingAsString(PwmSetting.PASSWORD_POLICY_CASE_SENSITIVITY))) {
          ruleMap.put(
              PwmPasswordRule.CaseSensitive.getKey(),
              pwmApplication
                  .getConfig()
                  .readSettingAsString(PwmSetting.PASSWORD_POLICY_CASE_SENSITIVITY));
        }

        return PwmPasswordPolicy.createPwmPasswordPolicy(ruleMap, chaiPolicy);
      }
    } catch (ChaiOperationException e) {
      LOGGER.warn(
          "error reading password policy for user "
              + theUser.getEntryDN()
              + ", error: "
              + e.getMessage());
    }
    return PwmPasswordPolicy.defaultPolicy();
  }
예제 #2
0
 public static Map<String, Date> readIndividualReplicaLastPasswordTimes(
     final PwmApplication pwmApplication,
     final SessionLabel sessionLabel,
     final UserIdentity userIdentity)
     throws PwmUnrecoverableException {
   final Map<String, Date> returnValue = new LinkedHashMap<>();
   final ChaiProvider chaiProvider =
       pwmApplication.getProxyChaiProvider(userIdentity.getLdapProfileID());
   final Collection<ChaiConfiguration> perReplicaConfigs =
       ChaiUtility.splitConfigurationPerReplica(
           chaiProvider.getChaiConfiguration(),
           Collections.singletonMap(ChaiSetting.FAILOVER_CONNECT_RETRIES, "1"));
   for (final ChaiConfiguration loopConfiguration : perReplicaConfigs) {
     final String loopReplicaUrl = loopConfiguration.getSetting(ChaiSetting.BIND_DN);
     ChaiProvider loopProvider = null;
     try {
       loopProvider = ChaiProviderFactory.createProvider(loopConfiguration);
       final Date lastModifiedDate =
           determinePwdLastModified(pwmApplication, sessionLabel, userIdentity);
       returnValue.put(loopReplicaUrl, lastModifiedDate);
     } catch (ChaiUnavailableException e) {
       LOGGER.error(sessionLabel, "unreachable server during replica password sync check");
       e.printStackTrace();
     } finally {
       if (loopProvider != null) {
         try {
           loopProvider.close();
         } catch (Exception e) {
           final String errorMsg =
               "error closing loopProvider to "
                   + loopReplicaUrl
                   + " while checking individual password sync status";
           LOGGER.error(sessionLabel, errorMsg);
         }
       }
     }
   }
   return returnValue;
 }