minor refactoring

src/main/java/password/pwm/PwmHttpFilterAuthenticationProvider.java

@@ -0,0 +1,35 @@
+/*
+ * Password Management Servlets (PWM)
+ * http://www.pwm-project.org
+ *
+ * Copyright (c) 2006-2009 Novell, Inc.
+ * Copyright (c) 2009-2016 The PWM Project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+package password.pwm;
+
+import password.pwm.error.PwmUnrecoverableException;
+import password.pwm.http.PwmRequest;
+
+import java.io.IOException;
+
+public interface PwmHttpFilterAuthenticationProvider {
+    void attemptAuthentication(final PwmRequest pwmRequest)
+            throws PwmUnrecoverableException, IOException;
+
+    boolean hasRedirectedResponse();
+}

src/main/java/password/pwm/config/FormUtility.java

@@ -29,7 +29,7 @@ import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.util.SearchHelper;
 import password.pwm.AppProperty;
 import password.pwm.PwmApplication;
-import password.pwm.Validator;
+import password.pwm.util.Validator;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
 import password.pwm.error.*;

src/main/java/password/pwm/http/PwmHttpRequestWrapper.java

@@ -25,7 +25,7 @@ package password.pwm.http;
 import org.apache.commons.io.IOUtils;
 import password.pwm.AppProperty;
 import password.pwm.PwmConstants;
-import password.pwm.Validator;
+import password.pwm.util.Validator;
 import password.pwm.config.Configuration;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;

src/main/java/password/pwm/http/PwmHttpResponseWrapper.java

@@ -24,7 +24,7 @@ package password.pwm.http;
 
 import password.pwm.AppProperty;
 import password.pwm.PwmConstants;
-import password.pwm.Validator;
+import password.pwm.util.Validator;
 import password.pwm.config.Configuration;
 import password.pwm.config.PwmSetting;
 import password.pwm.util.StringUtil;

src/main/java/password/pwm/http/PwmRequest.java

@@ -28,7 +28,7 @@ import org.apache.commons.fileupload.servlet.ServletFileUpload;
 import org.apache.commons.io.IOUtils;
 import password.pwm.PwmApplication;
 import password.pwm.PwmConstants;
-import password.pwm.Validator;
+import password.pwm.util.Validator;
 import password.pwm.bean.LocalSessionStateBean;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;

src/main/java/password/pwm/http/filter/AuthenticationFilter.java

@@ -23,10 +23,7 @@
 package password.pwm.http.filter;
 
 import com.novell.ldapchai.exception.ChaiUnavailableException;
-import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
-import password.pwm.PwmApplicationMode;
-import password.pwm.PwmConstants;
+import password.pwm.*;
 import password.pwm.bean.UserIdentity;
 import password.pwm.bean.UserInfoBean;
 import password.pwm.config.PwmSetting;
@@ -37,8 +34,8 @@ import password.pwm.http.PwmSession;
 import password.pwm.http.PwmURL;
 import password.pwm.http.bean.ChangePasswordBean;
 import password.pwm.http.servlet.LoginServlet;
-import password.pwm.http.servlet.oauth.OAuthConsumerServlet;
 import password.pwm.http.servlet.PwmServletDefinition;
+import password.pwm.http.servlet.oauth.OAuthConsumerServlet;
 import password.pwm.http.servlet.oauth.OAuthSettings;
 import password.pwm.i18n.Display;
 import password.pwm.ldap.PasswordChangeProgressChecker;
@@ -49,7 +46,6 @@ import password.pwm.ldap.auth.SessionAuthenticator;
 import password.pwm.svc.stats.Statistic;
 import password.pwm.svc.stats.StatisticsManager;
 import password.pwm.util.BasicAuthInfo;
-import password.pwm.util.CASAuthenticationHelper;
 import password.pwm.util.LocaleHelper;
 import password.pwm.util.logging.PwmLogger;
 
@@ -57,7 +53,6 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.io.Serializable;
-import java.io.UnsupportedEncodingException;
 import java.util.Date;
 
 /**
@@ -247,8 +242,8 @@ public class AuthenticationFilter extends AbstractPwmFilter {
             for (final AuthenticationMethod authenticationMethod : AuthenticationMethod.values()) {
                 if (!pwmRequest.isAuthenticated()) {
                     try {
-                        final Class<? extends FilterAuthenticationProvider> clazz = authenticationMethod.getImplementationClass();
-                        final FilterAuthenticationProvider filterAuthenticationProvider = clazz.newInstance();
+                        final Class<? extends PwmHttpFilterAuthenticationProvider> clazz = authenticationMethod.getImplementationClass();
+                        final PwmHttpFilterAuthenticationProvider filterAuthenticationProvider = clazz.newInstance();
                         filterAuthenticationProvider.attemptAuthentication(pwmRequest);
 
                         if (pwmRequest.isAuthenticated()) {
@@ -394,33 +389,32 @@ public class AuthenticationFilter extends AbstractPwmFilter {
         return false;
     }
 
-    interface FilterAuthenticationProvider {
-        void attemptAuthentication(final PwmRequest pwmRequest)
-                throws PwmUnrecoverableException, IOException;
-
-        boolean hasRedirectedResponse();
-    }
-
     enum AuthenticationMethod {
-        BASIC_AUTH(BasicFilterAuthenticationProvider.class),
-        SSO_AUTH_HEADER(SSOHeaderFilterAuthenticationProvider.class),
-        CAS(CASFilterAuthenticationProvider.class),
-        OAUTH(OAuthFilterAuthenticationProvider.class)
+        BASIC_AUTH(BasicFilterAuthenticationProvider.class.getName()),
+        SSO_AUTH_HEADER(SSOHeaderFilterAuthenticationProvider.class.getName()),
+        CAS("password.pwm.util.CASFilterAuthenticationProvider"),
+        OAUTH(OAuthFilterAuthenticationProvider.class.getName())
 
         ;
 
-        private final Class<? extends FilterAuthenticationProvider> implementationClass;
+        private final String className;
 
-        AuthenticationMethod(Class<? extends FilterAuthenticationProvider> implementationClass) {
-            this.implementationClass = implementationClass;
+        AuthenticationMethod(String className) {
+            this.className = className;
         }
 
-        public Class<? extends FilterAuthenticationProvider> getImplementationClass() {
-            return implementationClass;
+        public Class<? extends PwmHttpFilterAuthenticationProvider> getImplementationClass() throws PwmUnrecoverableException {
+            try {
+                return (Class<? extends PwmHttpFilterAuthenticationProvider>) Class.forName(className);
+            } catch (ClassNotFoundException | ClassCastException e) {
+                final String errorMsg = "error loading authentication method: " + this.getImplementationClass() + ", error: " + e.getMessage();
+                LOGGER.error(errorMsg,e);
+                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN,errorMsg));
+            }
         }
     }
 
-    public static class BasicFilterAuthenticationProvider implements FilterAuthenticationProvider {
+    public static class BasicFilterAuthenticationProvider implements PwmHttpFilterAuthenticationProvider {
 
         @Override
         public void attemptAuthentication(
@@ -464,7 +458,7 @@ public class AuthenticationFilter extends AbstractPwmFilter {
         }
     }
 
-    static class SSOHeaderFilterAuthenticationProvider implements FilterAuthenticationProvider {
+    static class SSOHeaderFilterAuthenticationProvider implements PwmHttpFilterAuthenticationProvider {
 
         @Override
         public void attemptAuthentication(
@@ -509,39 +503,7 @@ public class AuthenticationFilter extends AbstractPwmFilter {
     }
 
 
-    static class CASFilterAuthenticationProvider implements FilterAuthenticationProvider {
-
-        @Override
-        public void attemptAuthentication(
-                final PwmRequest pwmRequest
-        )
-                throws PwmUnrecoverableException
-        {
-            try {
-                final String clearPassUrl = pwmRequest.getConfig().readSettingAsString(PwmSetting.CAS_CLEAR_PASS_URL);
-                if (clearPassUrl != null && clearPassUrl.length() > 0) {
-                    LOGGER.trace(pwmRequest, "checking for authentication via CAS");
-                    if (CASAuthenticationHelper.authUserUsingCASClearPass(pwmRequest, clearPassUrl)) {
-                        LOGGER.debug(pwmRequest, "login via CAS successful");
-                    }
-                }
-            } catch (ChaiUnavailableException e) {
-                throw PwmUnrecoverableException.fromChaiException(e);
-            } catch (PwmOperationalException e) {
-                throw new PwmUnrecoverableException(e.getErrorInformation());
-            } catch (UnsupportedEncodingException e) {
-                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN,"error during CAS authentication: " + e.getMessage()));
-            }
-        }
-
-        @Override
-        public boolean hasRedirectedResponse() {
-            return false;
-        }
-    }
-
-
-    static class OAuthFilterAuthenticationProvider implements FilterAuthenticationProvider {
+    static class OAuthFilterAuthenticationProvider implements PwmHttpFilterAuthenticationProvider {
 
         private boolean redirected = false;
 

src/main/java/password/pwm/http/servlet/AbstractPwmServlet.java

@@ -24,7 +24,7 @@ package password.pwm.http.servlet;
 
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import password.pwm.PwmApplication;
-import password.pwm.Validator;
+import password.pwm.util.Validator;
 import password.pwm.error.*;
 import password.pwm.http.*;
 import password.pwm.svc.stats.Statistic;

src/main/java/password/pwm/http/servlet/LoginServlet.java

@@ -24,7 +24,7 @@ package password.pwm.http.servlet;
 
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import password.pwm.PwmConstants;
-import password.pwm.Validator;
+import password.pwm.util.Validator;
 import password.pwm.bean.UserIdentity;
 import password.pwm.error.*;
 import password.pwm.http.HttpMethod;

src/main/java/password/pwm/http/servlet/SetupOtpServlet.java

@@ -42,6 +42,7 @@ import password.pwm.svc.event.UserAuditRecord;
 import password.pwm.svc.stats.Statistic;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.StringUtil;
+import password.pwm.util.Validator;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.operations.OtpService;
 import password.pwm.util.otp.OTPUserRecord;

src/main/java/password/pwm/http/servlet/SetupResponsesServlet.java

@@ -34,7 +34,7 @@ import com.novell.ldapchai.provider.ChaiProvider;
 import password.pwm.Permission;
 import password.pwm.PwmApplication;
 import password.pwm.PwmConstants;
-import password.pwm.Validator;
+import password.pwm.util.Validator;
 import password.pwm.bean.ResponseInfoBean;
 import password.pwm.bean.UserInfoBean;
 import password.pwm.config.PwmSetting;

src/main/java/password/pwm/http/servlet/configeditor/ConfigEditorServlet.java

@@ -47,10 +47,7 @@ import password.pwm.i18n.Config;
 import password.pwm.i18n.Message;
 import password.pwm.i18n.PwmLocaleBundle;
 import password.pwm.ldap.LdapBrowser;
-import password.pwm.util.JsonUtil;
-import password.pwm.util.LocaleHelper;
-import password.pwm.util.StringUtil;
-import password.pwm.util.TimeDuration;
+import password.pwm.util.*;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.macro.MacroMachine;
 import password.pwm.util.queue.SmsQueueManager;

src/main/java/password/pwm/http/servlet/peoplesearch/PeopleSearchServlet.java

@@ -49,6 +49,7 @@ import password.pwm.svc.stats.StatisticsManager;
 import password.pwm.util.JsonUtil;
 import password.pwm.util.LocaleHelper;
 import password.pwm.util.TimeDuration;
+import password.pwm.util.Validator;
 import password.pwm.util.logging.PwmLogger;
 import password.pwm.util.macro.MacroMachine;
 import password.pwm.ws.server.RestResultBean;

src/main/java/password/pwm/svc/PwmServiceManager.java

@@ -23,7 +23,7 @@
 package password.pwm.svc;
 
 import password.pwm.PwmApplication;
-import password.pwm.VersionChecker;
+import password.pwm.util.VersionChecker;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmException;

src/main/java/password/pwm/util/CASAuthenticationHelper.java → src/main/java/password/pwm/util/CASFilterAuthenticationProvider.java

@@ -28,13 +28,14 @@ import org.jasig.cas.client.util.CommonUtils;
 import org.jasig.cas.client.util.XmlUtils;
 import org.jasig.cas.client.validation.Assertion;
 import password.pwm.PwmApplication;
+import password.pwm.PwmHttpFilterAuthenticationProvider;
+import password.pwm.config.PwmSetting;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.PwmRequest;
 import password.pwm.http.PwmSession;
-import password.pwm.http.filter.AuthenticationFilter;
 import password.pwm.ldap.auth.PwmAuthenticationSource;
 import password.pwm.ldap.auth.SessionAuthenticator;
 import password.pwm.util.logging.PwmLogger;
@@ -42,11 +43,39 @@ import password.pwm.util.logging.PwmLogger;
 import javax.servlet.http.HttpSession;
 import java.io.UnsupportedEncodingException;
 
-public class CASAuthenticationHelper {
+public class CASFilterAuthenticationProvider implements PwmHttpFilterAuthenticationProvider {
 
-    private static final PwmLogger LOGGER = PwmLogger.getLogger(AuthenticationFilter.class.getName());
+    private static final PwmLogger LOGGER = PwmLogger.forClass(CASFilterAuthenticationProvider.class);
 
-    public static boolean authUserUsingCASClearPass(
+    @Override
+    public void attemptAuthentication(
+            final PwmRequest pwmRequest
+    )
+            throws PwmUnrecoverableException
+    {
+        try {
+            final String clearPassUrl = pwmRequest.getConfig().readSettingAsString(PwmSetting.CAS_CLEAR_PASS_URL);
+            if (clearPassUrl != null && clearPassUrl.length() > 0) {
+                LOGGER.trace(pwmRequest, "checking for authentication via CAS");
+                if (authUserUsingCASClearPass(pwmRequest, clearPassUrl)) {
+                    LOGGER.debug(pwmRequest, "login via CAS successful");
+                }
+            }
+        } catch (ChaiUnavailableException e) {
+            throw PwmUnrecoverableException.fromChaiException(e);
+        } catch (PwmOperationalException e) {
+            throw new PwmUnrecoverableException(e.getErrorInformation());
+        } catch (UnsupportedEncodingException e) {
+            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN,"error during CAS authentication: " + e.getMessage()));
+        }
+    }
+
+    @Override
+    public boolean hasRedirectedResponse() {
+        return false;
+    }
+
+    private static boolean authUserUsingCASClearPass(
             final PwmRequest pwmRequest,
             final String clearPassUrl
     )
@@ -98,4 +127,4 @@ public class CASAuthenticationHelper {
         sessionAuthenticator.searchAndAuthenticateUser(username, password, null, null);
         return true;
     }
-}
+}

src/main/java/password/pwm/Validator.java → src/main/java/password/pwm/util/Validator.java

@@ -20,8 +20,11 @@
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 
-package password.pwm;
+package password.pwm.util;
 
+import password.pwm.AppProperty;
+import password.pwm.PwmApplication;
+import password.pwm.PwmConstants;
 import password.pwm.bean.FormNonce;
 import password.pwm.config.Configuration;
 import password.pwm.config.PwmSetting;

src/main/java/password/pwm/VersionChecker.java → src/main/java/password/pwm/util/VersionChecker.java

@@ -20,12 +20,15 @@
  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  */
 
-package password.pwm;
+package password.pwm.util;
 
 import org.apache.http.HttpResponse;
 import org.apache.http.HttpStatus;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.util.EntityUtils;
+import password.pwm.PwmApplication;
+import password.pwm.PwmApplicationMode;
+import password.pwm.PwmConstants;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.DataStorageMethod;
 import password.pwm.error.ErrorInformation;
@@ -37,8 +40,6 @@ import password.pwm.health.HealthTopic;
 import password.pwm.http.client.PwmHttpClient;
 import password.pwm.i18n.Display;
 import password.pwm.svc.PwmService;
-import password.pwm.util.JsonUtil;
-import password.pwm.util.TimeDuration;
 import password.pwm.util.localdb.LocalDB;
 import password.pwm.util.localdb.LocalDBException;
 import password.pwm.util.logging.PwmLogger;