
misc fixes

Jason Rivard 8 years ago
parent
commit
8aaabcaca4

+ 0 - 0
server/src/build/import-control.xml → server/src/build/checkstyle-import.xml


+ 1 - 1
server/src/build/checkstyle.xml

@@ -178,7 +178,7 @@
         <module name="RedundantImport"/>
         <module name="UnusedImports"/>
         <module name="ImportControl">
-            <property name="file" value="${basedir}/src/build/import-control.xml"/>
+            <property name="file" value="${basedir}/src/build/checkstyle-import.xml"/>
         </module>
 
 

+ 1 - 1
server/src/main/java/password/pwm/http/servlet/newuser/NewUserUtils.java

@@ -617,7 +617,7 @@ class NewUserUtils {
     )
             throws PwmUnrecoverableException, PwmDataValidationException
     {
-        final RestFormDataClient restFormDataClient = new RestFormDataClient(pwmRequest.getPwmApplication());
+        final RestFormDataClient restFormDataClient = new RestFormDataClient(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel());
         if (!restFormDataClient.isEnabled()) {
             return;
         }

+ 2 - 2
server/src/main/java/password/pwm/ldap/LdapPermissionTester.java

@@ -149,7 +149,7 @@ public class LdapPermissionTester {
         final String logMsg = "user " + userIdentity.toDisplayString() + " is "
                 + (result ? "" : "not ")
                 + "a match for group '" + groupDN + "'"
-                + " (" + TimeDuration.fromCurrent(startTime) + ")";
+                + " (" + TimeDuration.fromCurrent(startTime).asCompactString() + ")";
 
         LOGGER.debug(pwmSession, logMsg);
 
@@ -194,7 +194,7 @@ public class LdapPermissionTester {
         final String logMsg = "user " + userIdentity.toDisplayString() + " is "
                 + (result ? "" : "not ")
                 + "a match for filter '" + filterString + "'"
-                + " (" + TimeDuration.fromCurrent(startTime) + ")";
+                + " (" + TimeDuration.fromCurrent(startTime).asCompactString() + ")";
 
         LOGGER.debug(pwmSession, logMsg);
 

+ 6 - 4
server/src/main/java/password/pwm/ldap/UserInfoReader.java

@@ -34,10 +34,7 @@ import password.pwm.bean.ResponseInfoBean;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.Configuration;
-import password.pwm.config.value.data.FormConfiguration;
-import password.pwm.util.form.FormUtility;
 import password.pwm.config.PwmSetting;
-import password.pwm.config.value.data.UserPermission;
 import password.pwm.config.option.ADPolicyComplexity;
 import password.pwm.config.option.ForceSetupPolicy;
 import password.pwm.config.profile.ChallengeProfile;
@@ -47,6 +44,8 @@ import password.pwm.config.profile.ProfileUtility;
 import password.pwm.config.profile.PwmPasswordPolicy;
 import password.pwm.config.profile.PwmPasswordRule;
 import password.pwm.config.profile.UpdateAttributesProfile;
+import password.pwm.config.value.data.FormConfiguration;
+import password.pwm.config.value.data.UserPermission;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmDataValidationException;
 import password.pwm.error.PwmError;
@@ -54,6 +53,7 @@ import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.svc.PwmService;
 import password.pwm.util.PasswordData;
 import password.pwm.util.PwmPasswordRuleValidator;
+import password.pwm.util.form.FormUtility;
 import password.pwm.util.java.CachingProxyWrapper;
 import password.pwm.util.java.JavaHelper;
 import password.pwm.util.java.TimeDuration;
@@ -119,8 +119,10 @@ public class UserInfoReader implements UserInfo {
             final PwmApplication pwmApplication,
             final ChaiProvider chaiProvider
     )
-            throws ChaiUnavailableException
+            throws ChaiUnavailableException, PwmUnrecoverableException
     {
+        LdapOperationsHelper.addConfiguredUserObjectClass(sessionLabel, userIdentity, pwmApplication);
+
         final UserInfoReader userInfo = new UserInfoReader(userIdentity, currentPassword, sessionLabel, locale, pwmApplication, chaiProvider);
         final UserInfo selfCachedReference = CachingProxyWrapper.create(UserInfo.class, userInfo);
         userInfo.selfCachedReference = selfCachedReference;
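Review bot: The added call to `LdapOperationsHelper.addConfiguredUserObjectClass(...)` gives this `UserInfoReader` factory a side effect that its name and signature do not suggest, and nothing at the call site documents it. Judging by the helper's name and by the `objectClass` write permission for the proxy that this commit adds to `LDAPPermissionCalculator`, it appears to modify the user's entry, and any `PwmUnrecoverableException` from it now aborts creation of the `UserInfo`. A comment above the call would make that explicit, e.g. `// may add configured objectClasses to the user entry via the proxy; failure aborts UserInfo creation`. The method signature begins above the hunk and the body continues past it.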

+ 21 - 3
server/src/main/java/password/pwm/util/LDAPPermissionCalculator.java

@@ -357,12 +357,15 @@ public class LDAPPermissionCalculator implements Serializable {
         return records;
     }
 
-    private static final Set<PwmSettingTemplate> EDIR_INTERESTED_TEMPLATES = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(
-            new PwmSettingTemplate[]{ PwmSettingTemplate.NOVL, PwmSettingTemplate.NOVL_IDM}
-    )));
+
 
     private Collection<PermissionRecord> figureStaticRecords() {
 
+        final Set<PwmSettingTemplate> EDIR_INTERESTED_TEMPLATES =
+                Collections.unmodifiableSet(new HashSet<>(Arrays.asList(
+                        PwmSettingTemplate.NOVL, PwmSettingTemplate.NOVL_IDM))
+                );
+
         final List<PermissionRecord> permissionRecords = new ArrayList<>();
 
         final PwmSettingTemplateSet templateSet =  storedConfiguration.getTemplateSet();
@@ -390,6 +393,21 @@ public class LDAPPermissionCalculator implements Serializable {
             }
         }
 
+        if (configuration.getLdapProfiles() != null && !configuration.getLdapProfiles().isEmpty()) {
+            for (final LdapProfile ldapProfile : configuration.getLdapProfiles().values()) {
+                final List<String> autoAddObjectClasses = ldapProfile.readSettingAsStringArray(PwmSetting.AUTO_ADD_OBJECT_CLASSES);
+                if (autoAddObjectClasses != null && !autoAddObjectClasses.isEmpty()) {
+                    permissionRecords.add(new PermissionRecord(
+                            ChaiConstant.ATTR_LDAP_OBJECTCLASS,
+                            PwmSetting.AUTO_ADD_OBJECT_CLASSES,
+                            ldapProfile.getIdentifier(),
+                            LDAPPermissionInfo.Access.write,
+                            LDAPPermissionInfo.Actor.proxy
+                    ));
+                }
+            }
+        }
+
         return permissionRecords;
     }
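Review bot: In `figureStaticRecords` the former class constant is now a local variable that keeps the constant-style name `EDIR_INTERESTED_TEMPLATES` and is rebuilt on every call. A local would normally be `lowerCamelCase`, e.g. `final Set<PwmSettingTemplate> edirInterestedTemplates = ...`; alternatively the `private static final` field can stay, since static fields take no part in serialization of this `Serializable` class. The middle of the method lies between the two hunks and is not shown.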
 

+ 1 - 1
server/src/main/java/password/pwm/util/PwmPasswordRuleValidator.java

@@ -190,7 +190,7 @@ public class PwmPasswordRuleValidator {
         final PwmPasswordPolicy.RuleHelper ruleHelper = policy.getRuleHelper();
         final MacroMachine macroMachine = userInfo == null || userInfo.getUserIdentity() == null
             ? MacroMachine.forNonUserSpecific(pwmApplication, SessionLabel.SYSTEM_LABEL)
-            : MacroMachine.forUser(pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, userInfo.getUserIdentity());
+                : MacroMachine.forUser(pwmApplication, PwmConstants.DEFAULT_LOCALE, SessionLabel.SYSTEM_LABEL, userInfo.getUserIdentity());
 
         //check against old password
         if (oldPasswordString != null && oldPasswordString.length() > 0 && ruleHelper.readBooleanValue(PwmPasswordRule.DisallowCurrent)) {

+ 48 - 21
server/src/main/java/password/pwm/ws/client/rest/form/RestFormDataClient.java

@@ -22,34 +22,41 @@
 
 package password.pwm.ws.client.rest.form;
 
-import org.apache.http.HttpResponse;
-import org.apache.http.client.methods.HttpPost;
-import org.apache.http.entity.StringEntity;
-import org.apache.http.util.EntityUtils;
 import password.pwm.PwmApplication;
 import password.pwm.PwmConstants;
+import password.pwm.bean.SessionLabel;
+import password.pwm.config.Configuration;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.value.data.RemoteWebServiceConfiguration;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
+import password.pwm.http.HttpHeader;
+import password.pwm.http.HttpMethod;
 import password.pwm.http.client.PwmHttpClient;
+import password.pwm.http.client.PwmHttpClientConfiguration;
+import password.pwm.http.client.PwmHttpClientRequest;
+import password.pwm.http.client.PwmHttpClientResponse;
 import password.pwm.util.java.JsonUtil;
 import password.pwm.util.logging.PwmLogger;
 
-import java.io.IOException;
+import java.security.cert.X509Certificate;
+import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Locale;
+import java.util.Map;
 
 public class RestFormDataClient {
 
     private static final PwmLogger LOGGER = PwmLogger.forClass(RestFormDataClient.class);
 
     private final PwmApplication pwmApplication;
+    private final SessionLabel sessionLabel;
     private RemoteWebServiceConfiguration remoteWebServiceConfiguration;
 
-    public RestFormDataClient(final PwmApplication pwmApplication)
+    public RestFormDataClient(final PwmApplication pwmApplication, final SessionLabel sessionLabel)
     {
+        this.sessionLabel = sessionLabel;
         this.pwmApplication = pwmApplication;
         final List<RemoteWebServiceConfiguration> values = pwmApplication.getConfig().readSettingAsRemoteWebService(PwmSetting.EXTERNAL_REMOTE_DATA_URL);
         if (values != null && !values.isEmpty()) {
@@ -67,32 +74,36 @@ public class RestFormDataClient {
     )
             throws PwmUnrecoverableException
     {
-        final HttpPost httpPost = new HttpPost(remoteWebServiceConfiguration.getUrl());
-        httpPost.setHeader("Accept", PwmConstants.AcceptValue.json.getHeaderValue());
+        final Map<String,String> httpHeaders = new LinkedHashMap<>();
+        httpHeaders.put(HttpHeader.Accept.getHttpName(), PwmConstants.AcceptValue.json.getHeaderValue());
+        httpHeaders.put(HttpHeader.Content_Type.getHttpName(), PwmConstants.ContentTypeValue.json.getHeaderValue());
         if (locale != null) {
-            httpPost.setHeader("Accept-Locale", locale.toString());
+            httpHeaders.put(HttpHeader.Accept_Language.getHttpName(), locale.toString());
         }
-        httpPost.setHeader("Content-Type", PwmConstants.ContentTypeValue.json.getHeaderValue());
 
         final String jsonRequestBody = JsonUtil.serialize(formDataRequestBean);
 
-        final HttpResponse httpResponse;
+        final PwmHttpClientRequest pwmHttpClientRequest = new PwmHttpClientRequest(
+                HttpMethod.POST,
+                remoteWebServiceConfiguration.getUrl(),
+                jsonRequestBody,
+                httpHeaders
+
+        );
+
+        final PwmHttpClientResponse httpResponse;
         try {
-            final StringEntity stringEntity = new StringEntity(jsonRequestBody);
-            stringEntity.setContentType(PwmConstants.AcceptValue.json.getHeaderValue());
-            httpPost.setEntity(stringEntity);
-            LOGGER.debug("beginning external rest call to: " + httpPost.toString() + ", body: " + jsonRequestBody);
-            httpResponse = PwmHttpClient.getHttpClient(pwmApplication.getConfig()).execute(httpPost);
-            final String responseBody = EntityUtils.toString(httpResponse.getEntity());
-            LOGGER.trace("external rest call returned: " + httpResponse.getStatusLine().toString() + ", body: " + responseBody);
-            if (httpResponse.getStatusLine().getStatusCode() != 200) {
-                final String errorMsg = "received non-200 response code (" + httpResponse.getStatusLine().getStatusCode() + ") when executing web-service";
+            httpResponse = getHttpClient(pwmApplication.getConfig()).makeRequest(pwmHttpClientRequest);
+            final String responseBody = httpResponse.getBody();
+            LOGGER.trace("external rest call returned: " + httpResponse.getStatusPhrase() + ", body: " + responseBody);
+            if (httpResponse.getStatusCode() != 200) {
+                final String errorMsg = "received non-200 response code (" + httpResponse.getStatusCode() + ") when executing web-service";
                 LOGGER.error(errorMsg);
                 throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SERVICE_UNREACHABLE, errorMsg));
             }
             final FormDataResponseBean formDataResponseBean = JsonUtil.deserialize(responseBody, FormDataResponseBean.class);
             return formDataResponseBean;
-        } catch (IOException e) {
+        } catch (PwmUnrecoverableException e) {
             final String errorMsg = "http response error while executing external rest call, error: " + e.getMessage();
             LOGGER.error(errorMsg);
             throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SERVICE_UNREACHABLE, errorMsg),e);
@@ -100,4 +111,20 @@ public class RestFormDataClient {
 
     }
 
+    private PwmHttpClient getHttpClient(final Configuration configuration)
+            throws PwmUnrecoverableException
+    {
+        final List<RemoteWebServiceConfiguration> webServiceConfigurations = configuration.readSettingAsRemoteWebService(PwmSetting.EXTERNAL_REMOTE_DATA_URL);
+
+        final X509Certificate[] certificates;
+        certificates = webServiceConfigurations != null && webServiceConfigurations.isEmpty()
+                ? webServiceConfigurations.iterator().next().getCertificates()
+                : null;
+
+        final PwmHttpClientConfiguration pwmHttpClientConfiguration = new PwmHttpClientConfiguration.Builder()
+                .setCertificate(certificates)
+                .create();
+        return new PwmHttpClient(pwmApplication, null, pwmHttpClientConfiguration);
+    }
+
 }
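Review bot: The emptiness test in `getHttpClient` is inverted: `webServiceConfigurations != null && webServiceConfigurations.isEmpty()` calls `iterator().next()` only on an empty list, which throws `NoSuchElementException`, and yields `null` certificates whenever a remote web service is actually configured. The certificates configured for `EXTERNAL_REMOTE_DATA_URL` therefore never reach `PwmHttpClientConfiguration`; how `PwmHttpClient` validates the server when no certificate is set is not visible here, but the configured trust material is not applied to this call. The condition should read `webServiceConfigurations != null && !webServiceConfigurations.isEmpty()`. Separately, the new `sessionLabel` field is stored but unused in the visible lines while `new PwmHttpClient(pwmApplication, null, ...)` passes `null`; if that argument is the session label, pass the field.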

+ 7 - 3
server/src/main/java/password/pwm/ws/server/rest/RestCheckPasswordServer.java

@@ -27,6 +27,8 @@ import com.novell.ldapchai.ChaiUser;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
 import password.pwm.PwmApplication;
 import password.pwm.bean.LoginInfoBean;
 import password.pwm.bean.UserIdentity;
@@ -65,12 +67,14 @@ public class RestCheckPasswordServer extends AbstractRestServer {
     private static final PwmLogger LOGGER = PwmLogger.forClass(RestCheckPasswordServer.class);
 
     @Getter
+    @Setter
     @AllArgsConstructor
+    @NoArgsConstructor
     public static class JsonInput implements Serializable
     {
-        public final String password1;
-        public final String password2;
-        public final String username;
+        public String password1;
+        public String password2;
+        public String username;
     }
 
     public static class JsonData implements Serializable
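Review bot: `JsonInput` now has mutable `public` fields in addition to the Lombok `@Getter`/`@Setter` accessors, so there are two ways to read and write `password1`, `password2` and `username`. Since the accessors and the no-args constructor are generated, the fields can be `private`, e.g. `private String password1;`. A short comment on the class saying why it must be mutable (presumably for JSON deserialization, which the hunk does not show) would help the next reader.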

+ 1 - 1
server/src/main/webapp/WEB-INF/jsp/changepassword.jsp

@@ -107,7 +107,7 @@
             <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
 
             <div class="buttonbar" style="width:100%">
-                <button type="submit" name="change" class="btn" id="password_button" form="changePasswordForm">
+                <button type="submit" name="change" class="btn" id="password_button">
                     <pwm:if test="<%=PwmIfTest.showIcons%>"><span class="btn-icon pwm-icon pwm-icon-forward"></span></pwm:if>
                     <pwm:display key="Button_ChangePassword"/>
                 </button>

+ 7 - 8
server/src/main/webapp/WEB-INF/jsp/updateprofile.jsp

@@ -44,15 +44,14 @@
             <jsp:include page="fragment/form.jsp"/>
             <input type="hidden" name="processAction" value="updateProfile"/>
             <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
+            <div class="buttonbar">
+                <button id="submitBtn" type="submit" class="btn" name="button">
+                    <pwm:if test="<%=PwmIfTest.showIcons%>"><span class="btn-icon pwm-icon pwm-icon-forward"></span></pwm:if>
+                    <pwm:display key="Button_Update"/>
+                </button>
+                <%@ include file="/WEB-INF/jsp/fragment/cancel-button.jsp" %>
+            </div>
         </form>
-
-        <div class="buttonbar">
-            <button id="submitBtn" type="submit" class="btn" name="button" form="updateProfileForm">
-                <pwm:if test="<%=PwmIfTest.showIcons%>"><span class="btn-icon pwm-icon pwm-icon-forward"></span></pwm:if>
-                <pwm:display key="Button_Update"/>
-            </button>
-            <%@ include file="/WEB-INF/jsp/fragment/cancel-button.jsp" %>
-        </div>
     </div>
     <div class="push"></div>
 </div>

+ 2 - 0
server/src/main/webapp/public/resources/js/main.js

@@ -267,12 +267,14 @@ PWM_MAIN.applyFormAttributes = function() {
     // handle html5 form attribute in JS in case browser (IE) doesn't support it.
     PWM_MAIN.doQuery("button[type=submit][form]",function(element){
         console.log('added event handler for submit button with form attribute ' + element.id);
+        /*
         PWM_MAIN.addEventHandler(element,'click',function(e){
             PWM_MAIN.stopEvent(e);
             PWM_VAR['dirtyPageLeaveFlag'] = false;
             var formID = element.getAttribute('form');
             PWM_MAIN.handleFormSubmit(PWM_MAIN.getObject(formID));
         });
+        */
     });
 };
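Review bot: With the click handler commented out, the `doQuery` callback in `PWM_MAIN.applyFormAttributes` only logs 'added event handler for submit button with form attribute', which is no longer true, and the comment above it still promises a fallback for browsers without the HTML5 `form` attribute. Either delete the dead block and the log line, or replace the block comment with a one-line reason, e.g. `// click fallback disabled: submit buttons now live inside their forms`. That reason is inferred from the JSP changes in this commit, so confirm it before writing it down. The function starts above the hunk.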