beenull/pwm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

refactoring and logging improvements

Browse source
This commit is contained in:
Jason Rivard 2023-04-15 14:23:15 -04:00
parent 00e51c91ea
commit 4626393bc6
67 changed files with 1115 additions and 1232 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
lib-util/src/main/java/password/pwm/util/java/JavaHelper.java
View file

@ -36,21 +36,26 @@ import java.io.Writer;
import java.lang.management.LockInfo;
import java.lang.management.MonitorInfo;
import java.lang.management.ThreadInfo;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HexFormat;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Properties;
import java.util.concurrent.atomic.LongAccumulator;
import java.util.function.Function;
import java.util.function.Predicate;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;
@ -496,4 +501,33 @@ public final class JavaHelper
final long next = input + 1;
return next > 0 ? next : 0;
}
public static <T> List<T> instancesOfSealedInterface( final Class<T> sealedInterface )
{
if ( !Objects.requireNonNull( sealedInterface ).isSealed() )
{
throw new IllegalArgumentException( "sealedInterface argument is required to be marked as sealed" );
}
final Function<Class<T>, T> f = theClass ->
{
try
{
final Constructor<T> constructor = theClass.getDeclaredConstructor();
constructor.setAccessible( true );
return ( T ) constructor.newInstance();
}
catch ( final InstantiationException | IllegalAccessException | InvocationTargetException | NoSuchMethodException e )
{
throw new RuntimeException( e );
}
};
final List<T> list = new ArrayList<>();
for ( final Class<?> loopClass : sealedInterface.getPermittedSubclasses() )
{
list.add( f.apply( (Class<T> ) loopClass ) );
}
return List.copyOf( list );
}
}

5
server/src/main/java/password/pwm/PwmAboutProperty.java
View file

@ -160,11 +160,8 @@ public enum PwmAboutProperty
{
return date.toString();
}
else
{
return LocaleHelper.getLocalizedMessage( PwmConstants.DEFAULT_LOCALE, Display.Value_NotApplicable, null );
}
return LocaleHelper.getLocalizedMessage( PwmConstants.DEFAULT_LOCALE, Display.Value_NotApplicable, null );
}
public String getLabel( )

2
server/src/main/java/password/pwm/PwmApplication.java
View file

@ -301,7 +301,7 @@ public class PwmApplication
MBeanUtility.registerMBean( this );
UserAgentUtils.initializeCache();
UserAgentUtils.initializeCache( sessionLabel );
LOGGER.trace( sessionLabel, () -> "completed post init tasks", TimeDuration.fromCurrent( startTime ) );
}

1
server/src/main/java/password/pwm/PwmConstants.java
View file

@ -151,6 +151,7 @@ public abstract class PwmConstants
public static final String VALUE_REPLACEMENT_USERNAME = "%USERNAME%";
public static final String LOGBACK_APP_PATH_FILENAME = "logback.xml";
public static final String RESOURCE_FILE_EULA_TXT = "eula.txt";
public static final String RESOURCE_FILE_PRIVACY_TXT = "privacy.txt";
public static final String RESOURCE_FILE_WELCOME_TXT = "welcome.txt";

2
server/src/main/java/password/pwm/bean/SessionLabel.java
View file

@ -168,7 +168,7 @@ public class SessionLabel
}
catch ( final PwmUnrecoverableException e )
{
LOGGER.error( () -> "unexpected error reading username: " + e.getMessage(), e );
LOGGER.error( () -> "unexpected error reading username while building SessionLabel: " + e.getMessage(), e );
}
}
}

6
server/src/main/java/password/pwm/config/profile/LdapProfile.java
View file

@ -205,13 +205,15 @@ public class LdapProfile extends AbstractProfile implements Profile
{
final String finalCanonical = canonicalValue;
LOGGER.trace( () -> "read and cached canonical ldap DN value for input '" + dnValue + "' as '" + finalCanonical + "'",
LOGGER.trace( sessionLabel, () -> "read and cached canonical ldap DN value for input '"
+ dnValue + "' as '" + finalCanonical + "'",
TimeDuration.fromCurrent( startTime ) );
}
}
catch ( final ChaiUnavailableException | ChaiOperationException e )
{
LOGGER.error( () -> "error while reading canonicalDN for dn value '" + dnValue + "', error: " + e.getMessage() );
LOGGER.error( sessionLabel, () -> "error while reading canonicalDN for dn value '"
+ dnValue + "', error: " + e.getMessage() );
return dnValue;
}
}

4
server/src/main/java/password/pwm/config/profile/PwmPasswordPolicy.java
View file

@ -239,7 +239,7 @@ public class PwmPasswordPolicy implements Profile
return chaiPasswordPolicy;
}
public PasswordRuleReaderHelper getRuleHelper( )
public PasswordRuleReaderHelper ruleHelper( )
{
return new PasswordRuleReaderHelper( this );
}
@ -341,7 +341,7 @@ public class PwmPasswordPolicy implements Profile
final Locale locale = PwmConstants.DEFAULT_LOCALE;
final PolicyMetaData policyMetaData = pwmPasswordPolicy.getPolicyMetaData();
final PasswordRuleReaderHelper ruleHelper = pwmPasswordPolicy.getRuleHelper();
final PasswordRuleReaderHelper ruleHelper = pwmPasswordPolicy.ruleHelper();
final List<HealthRecord> returnList = new ArrayList<>();
final Map<PwmPasswordRule, PwmPasswordRule> rulePairs = new LinkedHashMap<>();
rulePairs.put( PwmPasswordRule.MinimumLength, PwmPasswordRule.MaximumLength );

5
server/src/main/java/password/pwm/config/stored/ConfigurationCleaner.java
View file

@ -101,7 +101,7 @@ public class ConfigurationCleaner
final Optional<ProfileID> profileID = key.getProfileID();
LOGGER.info( () -> "converting deprecated non-default setting "
LOGGER.info( SESSION_LABEL, () -> "converting deprecated non-default setting "
+ PwmSetting.PASSWORD_POLICY_AD_COMPLEXITY.getKey() + "/" + profileID
+ " to replacement setting "
+ PwmSetting.PASSWORD_POLICY_AD_COMPLEXITY_LEVEL + ", value="
@ -215,7 +215,8 @@ public class ConfigurationCleaner
for ( final ProfileID destProfile : targetProfiles )
{
LOGGER.info( () -> "moving setting " + key + " without profile attribute to profile \"" + destProfile + "\"." );
LOGGER.info( SESSION_LABEL, () -> "moving setting " + key
+ " without profile attribute to profile \"" + destProfile + "\"." );
{
try
{

5
server/src/main/java/password/pwm/config/stored/StoredConfigXmlSerializer.java
View file

@ -752,7 +752,7 @@ public class StoredConfigXmlSerializer implements StoredConfigSerializer
newValueElement.setText( textValue.get().trim() );
settingElement.attachElement( newValueElement );
final String key = settingElement.getAttribute( StoredConfigXmlConstants.XML_ATTRIBUTE_KEY ).orElse( "" );
LOGGER.info( () -> "migrating pre-xml 'value' tag format to use value element for key: " + key );
LOGGER.info( SESSION_LABEL, () -> "migrating pre-xml 'value' tag format to use value element for key: " + key );
}
}
}
@ -882,7 +882,8 @@ public class StoredConfigXmlSerializer implements StoredConfigSerializer
final Optional<String> value = property.getText();
if ( key.isPresent() && value.isPresent() )
{
LOGGER.info( () -> "migrating app-property config element '" + key.get() + "' to setting " + PwmSetting.APP_PROPERTY_OVERRIDES.getKey() );
LOGGER.info( SESSION_LABEL, () -> "migrating app-property config element '" + key.get()
+ "' to setting " + PwmSetting.APP_PROPERTY_OVERRIDES.getKey() );
final String newValue = key.get() + "=" + value.get();
final List<String> existingValues = new ArrayList<>();

2
server/src/main/java/password/pwm/health/LDAPHealthChecker.java
View file

@ -318,7 +318,7 @@ public class LDAPHealthChecker implements HealthSupplier
pwmDomain, sessionLabel, userIdentity, theUser );
boolean doPasswordChange = true;
final int minLifetimeSeconds = passwordPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MinimumLifetime );
final int minLifetimeSeconds = passwordPolicy.ruleHelper().readIntValue( PwmPasswordRule.MinimumLifetime );
if ( minLifetimeSeconds > 0 )
{
final Instant pwdLastModified = PasswordUtility.determinePwdLastModified(

1
server/src/main/java/password/pwm/http/PwmRequestAttribute.java
View file

@ -108,6 +108,7 @@ public enum PwmRequestAttribute
ExternalResponseInstructions,
JspIndexTabCounter,
JspAutofocusStatus,
GoBackAction,;
}

84
server/src/main/java/password/pwm/http/PwmURL.java
View file

@ -26,6 +26,7 @@ import password.pwm.config.AppConfig;
import password.pwm.error.PwmInternalException;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.servlet.PwmServletDefinition;
import password.pwm.util.java.EnumUtil;
import password.pwm.util.java.LazySupplier;
import password.pwm.util.java.StringUtil;
import password.pwm.util.json.JsonFactory;
@ -56,6 +57,38 @@ public class PwmURL
private final Supplier<Optional<PwmServletDefinition>> pwmServletDefinition = LazySupplier.create(
() -> getServletDefinitionImpl( this ) );
public enum Scheme
{
http( 80 ),
https( 443 ),
file( -1 ),
ldap( 389 ),
ldaps( 636 ),;
private final int defaultPort;
Scheme( final int defaultPort )
{
this.defaultPort = defaultPort;
}
public int getDefaultPort()
{
return defaultPort;
}
public static Optional<Scheme> fromUri( final URI uri )
{
if ( uri == null )
{
return Optional.empty();
}
return EnumUtil.readEnumFromPredicate(
Scheme.class, ( loopUri ) -> loopUri.name().equals( uri.getScheme() ) );
}
}
private PwmURL(
final URI uri,
final String contextPath,
@ -382,35 +415,11 @@ public class PwmURL
final int port = uri.getPort();
if ( port < 1 )
{
return portForUriScheme( uri.getScheme() );
return Scheme.fromUri( uri ).map( Scheme::getDefaultPort ).orElse( -1 );
}
return port;
}
private static int portForUriScheme( final String scheme )
{
if ( scheme == null )
{
throw new NullPointerException( "scheme cannot be null" );
}
switch ( scheme )
{
case "http":
return 80;
case "https":
return 443;
case "ldap":
return 389;
case "ldaps":
return 636;
default:
throw new IllegalArgumentException( "unknown scheme: " + scheme );
}
}
public String getPostServletPath( final PwmServletDefinition pwmServletDefinition )
{
@ -518,4 +527,29 @@ public class PwmURL
return false;
}
public static boolean uriSchemeMatches( final URI uri, final Scheme... schemes )
{
if ( uri == null )
{
return false;
}
final String schemeStr = uri.getScheme();
if ( schemeStr == null )
{
return false;
}
for ( final Scheme loopScheme : schemes )
{
if ( loopScheme.name().equals( schemeStr ) )
{
return true;
}
}
return false;
}
}

4
server/src/main/java/password/pwm/http/filter/AuthenticationFilter.java
View file

@ -127,7 +127,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
}
catch ( final PwmUnrecoverableException e )
{
LOGGER.error( e.getErrorInformation() );
LOGGER.error( pwmRequest, e.getErrorInformation() );
pwmRequest.respondWithError( e.getErrorInformation(), true );
}
}
@ -208,7 +208,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
}
catch ( final Throwable e1 )
{
LOGGER.error( () -> "error while marking pre-login url:" + e1.getMessage() );
LOGGER.error( pwmRequest, () -> "error while marking pre-login url:" + e1.getMessage() );
}
}
}

68
server/src/main/java/password/pwm/http/filter/SessionFilter.java
View file

@ -568,14 +568,11 @@ public class SessionFilter extends AbstractPwmFilter
throw new PwmOperationalException( new ErrorInformation( PwmError.ERROR_REDIRECT_ILLEGAL, errorMsg ) );
}
// check to make sure we were not handed a non-http uri.
if ( !PwmURL.uriSchemeMatches( inputURI, PwmURL.Scheme.http, PwmURL.Scheme.https ) )
{
// check to make sure we werent handed a non-http uri.
final String scheme = inputURI.getScheme();
if ( scheme != null && !scheme.isEmpty() && !"http".equalsIgnoreCase( scheme ) && !"https".equals( scheme ) )
{
final String errorMsg = "unsupported url scheme";
throw new PwmOperationalException( new ErrorInformation( PwmError.ERROR_REDIRECT_ILLEGAL, errorMsg ) );
}
final String errorMsg = "unsupported url scheme";
throw new PwmOperationalException( new ErrorInformation( PwmError.ERROR_REDIRECT_ILLEGAL, errorMsg ) );
}
if ( inputURI.getHost() != null && !inputURI.getHost().isEmpty() )
@ -596,31 +593,10 @@ public class SessionFilter extends AbstractPwmFilter
}
}
final StringBuilder sb = new StringBuilder();
if ( inputURI.getScheme() != null )
{
sb.append( inputURI.getScheme() );
sb.append( "://" );
}
if ( inputURI.getHost() != null )
{
sb.append( inputURI.getHost() );
}
if ( inputURI.getPort() != -1 )
{
sb.append( ":" );
sb.append( inputURI.getPort() );
}
if ( inputURI.getPath() != null )
{
sb.append( inputURI.getPath() );
}
final String testURI = sb.toString();
final String testURI = copyUriWithoutParams( inputURI );
LOGGER.trace( sessionLabel, () -> "preparing to whitelist test parsed and decoded URL: " + testURI );
final List<String> whiteList = pwmDomain.getConfig().readSettingAsStringArray( PwmSetting.SECURITY_REDIRECT_WHITELIST );
if ( PwmURL.testIfUrlMatchesAllowedPattern( testURI, whiteList, sessionLabel ) )
{
return;
@ -630,4 +606,38 @@ public class SessionFilter extends AbstractPwmFilter
+ PwmSetting.SECURITY_REDIRECT_WHITELIST.toMenuLocationDebug( null, PwmConstants.DEFAULT_LOCALE );
throw new PwmOperationalException( new ErrorInformation( PwmError.ERROR_REDIRECT_ILLEGAL, errorMsg ) );
}
private static String copyUriWithoutParams( final URI inputURI )
{
final StringBuilder sb = new StringBuilder();
final String scheme = inputURI.getScheme();
final String host = inputURI.getHost();
final int port = inputURI.getPort();
final String path = inputURI.getPath();
if ( scheme != null )
{
sb.append( scheme );
sb.append( "://" );
}
if ( host != null )
{
sb.append( host );
}
if ( port != -1 )
{
sb.append( ":" );
sb.append( port );
}
if ( path != null )
{
sb.append( path );
}
return sb.toString();
}
}

2
server/src/main/java/password/pwm/http/servlet/AbstractPwmServlet.java
View file

@ -240,7 +240,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
}
catch ( final Throwable e1 )
{
LOGGER.error( () -> "error while marking pre-login url:" + e1.getMessage() );
LOGGER.error( pwmRequest, () -> "error while marking pre-login url:" + e1.getMessage() );
}
break;

2
server/src/main/java/password/pwm/http/servlet/ControlledPwmServlet.java
View file

@ -130,7 +130,7 @@ public abstract class ControlledPwmServlet extends AbstractPwmServlet implements
}
final String msg = "missing action handler for '" + action + "'";
LOGGER.error( () -> msg );
LOGGER.error( pwmRequest, () -> msg );
throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_INTERNAL, msg ) );
}

6
server/src/main/java/password/pwm/http/servlet/accountinfo/AccountInformationBean.java
View file

@ -32,7 +32,7 @@ import password.pwm.config.value.data.FormConfiguration;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.bean.DisplayElement;
import password.pwm.http.tag.PasswordRequirementsTag;
import password.pwm.util.password.PasswordRequirementViewableRuleGenerator;
import password.pwm.ldap.ViewableUserInfoDisplayReader;
import password.pwm.svc.event.UserAuditRecord;
import password.pwm.user.UserInfo;
@ -106,8 +106,8 @@ public class AccountInformationBean
{
final PwmPasswordPolicy pwmPasswordPolicy = pwmRequest.getPwmSession().getUserInfo().getPasswordPolicy();
final MacroRequest macroRequest = pwmRequest.getMacroMachine();
final List<String> rules = PasswordRequirementsTag.getPasswordRequirementsStrings( pwmPasswordPolicy, pwmRequest.getDomainConfig(), pwmRequest.getLocale(), macroRequest );
return Collections.unmodifiableList( rules );
return PasswordRequirementViewableRuleGenerator
.generate( pwmPasswordPolicy, pwmRequest.getDomainConfig(), pwmRequest.getLocale(), macroRequest );
}
public static List<ActivityRecord> makeAuditInfo(

2
server/src/main/java/password/pwm/http/servlet/admin/AppDashboardData.java
View file

@ -210,7 +210,7 @@ public class AppDashboardData
builder.sessionCount( pwmDomain.getSessionTrackService().sessionCount() );
builder.requestsInProgress( pwmDomain.getPwmApplication().getTotalActiveServletRequests() );
LOGGER.trace( () -> "AppDashboardData bean created", TimeDuration.fromCurrent( startTime ) );
LOGGER.trace( pwmDomain.getSessionLabel(), () -> "AppDashboardData bean created", TimeDuration.fromCurrent( startTime ) );
return builder.build();
}

2
server/src/main/java/password/pwm/http/servlet/admin/system/ConfigManagerWordlistServlet.java
View file

@ -190,7 +190,7 @@ public class ConfigManagerWordlistServlet extends AbstractPwmServlet
}
catch ( final Exception e )
{
LOGGER.error( () -> "error clearing wordlist " + wordlistType + ", error: " + e.getMessage() );
LOGGER.error( pwmRequest, () -> "error clearing wordlist " + wordlistType + ", error: " + e.getMessage() );
}
pwmRequest.outputJsonResult( RestResultBean.forSuccessMessage( pwmRequest, Message.Success_Unknown ) );

2
server/src/main/java/password/pwm/http/servlet/changepw/ChangePasswordServlet.java
View file

@ -228,7 +228,7 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
}
//make sure the two passwords match
final boolean caseSensitive = userInfo.getPasswordPolicy().getRuleHelper().readBooleanValue(
final boolean caseSensitive = userInfo.getPasswordPolicy().ruleHelper().readBooleanValue(
PwmPasswordRule.CaseSensitive );
if ( PasswordUtility.PasswordCheckInfo.MatchStatus.MATCH != PasswordUtility.figureMatchStatus( caseSensitive,
password1, password2 ) )

2
server/src/main/java/password/pwm/http/servlet/configeditor/function/UserMatchViewerFunction.java
View file

@ -183,7 +183,7 @@ public class UserMatchViewerFunction implements SettingUIFunction
}
catch ( final Exception e )
{
LOGGER.error( () -> "error while testing entry DN for profile '" + profileID + "', error:" + profileID );
LOGGER.error( sessionLabel, () -> "error while testing entry DN for profile '" + profileID + "', error:" + profileID );
}
try
{

6
server/src/main/java/password/pwm/http/servlet/forgottenpw/ForgottenPasswordStateMachine.java
View file

@ -52,7 +52,7 @@ import password.pwm.http.PwmRequestAttribute;
import password.pwm.http.PwmRequestContext;
import password.pwm.http.bean.ForgottenPasswordBean;
import password.pwm.http.bean.ForgottenPasswordStage;
import password.pwm.http.tag.PasswordRequirementsTag;
import password.pwm.util.password.PasswordRequirementViewableRuleGenerator;
import password.pwm.i18n.Display;
import password.pwm.i18n.Message;
import password.pwm.ldap.UserInfoFactory;
@ -242,7 +242,7 @@ public class ForgottenPasswordStateMachine
final PasswordData password2 = PasswordData.forStringValue( formValues.get( PARAM_PASSWORD_CONFIRM ) );
final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxy( pwmRequestContext, forgottenPasswordStateMachine.getForgottenPasswordBean().getUserIdentity() );
final boolean caseSensitive = userInfo.getPasswordPolicy().getRuleHelper().readBooleanValue(
final boolean caseSensitive = userInfo.getPasswordPolicy().ruleHelper().readBooleanValue(
PwmPasswordRule.CaseSensitive );
if ( PasswordUtility.PasswordCheckInfo.MatchStatus.MATCH != PasswordUtility.figureMatchStatus( caseSensitive,
password1, password2 ) )
@ -325,7 +325,7 @@ public class ForgottenPasswordStateMachine
.required( true )
.build() );
final List<String> passwordRequirementsList = PasswordRequirementsTag.getPasswordRequirementsStrings(
final List<String> passwordRequirementsList = PasswordRequirementViewableRuleGenerator.generate(
pwmPasswordPolicy,
pwmRequestContext.getDomainConfig(),
pwmRequestContext.getLocale(),

4
server/src/main/java/password/pwm/http/servlet/helpdesk/HelpdeskDetailInfoBean.java
View file

@ -41,7 +41,7 @@ import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.bean.DisplayElement;
import password.pwm.http.servlet.accountinfo.AccountInformationBean;
import password.pwm.http.tag.PasswordRequirementsTag;
import password.pwm.util.password.PasswordRequirementViewableRuleGenerator;
import password.pwm.i18n.Display;
import password.pwm.ldap.UserInfoFactory;
import password.pwm.ldap.ViewableUserInfoDisplayReader;
@ -154,7 +154,7 @@ public class HelpdeskDetailInfoBean
builder.passwordPolicyRules( makePasswordPolicyRules( userInfo, pwmRequest.getLocale(), pwmRequest.getDomainConfig() ) );
{
final List<String> requirementLines = PasswordRequirementsTag.getPasswordRequirementsStrings(
final List<String> requirementLines = PasswordRequirementViewableRuleGenerator.generate(
userInfo.getPasswordPolicy(),
pwmRequest.getDomainConfig(),
pwmRequest.getLocale(),

4
server/src/main/java/password/pwm/http/servlet/newuser/NewUserServlet.java
View file

@ -248,7 +248,7 @@ public class NewUserServlet extends ControlledPwmServlet
{
final Instant startTime = Instant.now();
newUserProfile.getNewUserPasswordPolicy( pwmRequest.getPwmRequestContext() );
LOGGER.trace( () -> "read new user password policy in ", TimeDuration.fromCurrent( startTime ) );
LOGGER.trace( pwmRequest, () -> "read new user password policy in ", TimeDuration.fromCurrent( startTime ) );
}
if ( !newUserBean.isFormPassed() )
@ -478,7 +478,7 @@ public class NewUserServlet extends ControlledPwmServlet
passwordCheckInfo = new PasswordUtility.PasswordCheckInfo( null, true, 0, PasswordUtility.PasswordCheckInfo.MatchStatus.MATCH, 0 );
}
LOGGER.trace( () -> "competed form validation in ", TimeDuration.fromCurrent( startTime ) );
LOGGER.trace( pwmRequest, () -> "competed form validation in ", TimeDuration.fromCurrent( startTime ) );
return passwordCheckInfo;
}

2
server/src/main/java/password/pwm/http/servlet/peoplesearch/PeopleSearchDataReader.java
View file

@ -738,7 +738,7 @@ class PeopleSearchDataReader
}
catch ( final ChaiException e )
{
LOGGER.error( () -> "unexpected error during detail lookup of '" + userIdentity + "', error: " + e.getMessage() );
LOGGER.error( pwmRequest, () -> "unexpected error during detail lookup of '" + userIdentity + "', error: " + e.getMessage() );
throw PwmUnrecoverableException.fromChaiException( e );
}
}

6
server/src/main/java/password/pwm/http/servlet/setupresponses/SetupResponsesServlet.java
View file

@ -47,7 +47,6 @@ import password.pwm.http.bean.SetupResponsesBean;
import password.pwm.http.servlet.ControlledPwmServlet;
import password.pwm.http.servlet.PwmServletDefinition;
import password.pwm.i18n.Message;
import password.pwm.user.UserInfo;
import password.pwm.ldap.auth.AuthenticationType;
import password.pwm.svc.event.AuditEvent;
import password.pwm.svc.event.AuditRecordFactory;
@ -55,6 +54,7 @@ import password.pwm.svc.event.AuditServiceClient;
import password.pwm.svc.event.UserAuditRecord;
import password.pwm.svc.stats.Statistic;
import password.pwm.svc.stats.StatisticsClient;
import password.pwm.user.UserInfo;
import password.pwm.util.java.TimeDuration;
import password.pwm.util.json.JsonFactory;
import password.pwm.util.logging.PwmLogger;
@ -298,7 +298,11 @@ public class SetupResponsesServlet extends ControlledPwmServlet
final Map<Challenge, String> responseMap = readResponsesFromJsonRequest( pwmRequest, setupData );
final int minRandomRequiredSetup = setupData.getMinRandomSetup();
pwmRequest.getPwmDomain().getCrService().validateResponses( challengeSet, responseMap, minRandomRequiredSetup );
final Instant startMakeResponseSet = Instant.now();
SetupResponsesUtil.generateResponseInfoBean( pwmRequest, challengeSet, responseMap, Collections.emptyMap() );
LOGGER.error( pwmRequest, () -> "generated hashed response set in "
+ TimeDuration.fromCurrent( startMakeResponseSet ).asCompactString() );
success = true;
}
catch ( final PwmDataValidationException e )

38
server/src/main/java/password/pwm/http/tag/CurrentUrlTag.java
View file

@ -20,40 +20,24 @@
package password.pwm.http.tag;
import password.pwm.http.JspUtility;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.util.java.StringUtil;
import password.pwm.util.logging.PwmLogger;
import javax.servlet.jsp.tagext.TagSupport;
import java.io.IOException;
public class CurrentUrlTag extends TagSupport
public class CurrentUrlTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( CurrentUrlTag.class );
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
try
{
final PwmRequest pwmRequest = JspUtility.getPwmRequest( pageContext );
final String currentUrl = pwmRequest.getUrlWithoutQueryString();
pageContext.getOut().write( StringUtil.escapeHtml( currentUrl ) );
}
catch ( final Exception e )
{
try
{
pageContext.getOut().write( "errorGeneratingCurrentURL" );
}
catch ( final IOException e1 )
{
/* ignore */
}
LOGGER.error( () -> "error during CurrentUrl output: " + e.getMessage(), e );
}
return EVAL_PAGE;
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
return pwmRequest.getUrlWithoutQueryString();
}
}

119
server/src/main/java/password/pwm/http/tag/DisplayTag.java
View file

@ -20,23 +20,13 @@
package password.pwm.http.tag;
import password.pwm.PwmConstants;
import password.pwm.config.DomainConfig;
import password.pwm.error.PwmException;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.i18n.Display;
import password.pwm.i18n.PwmDisplayBundle;
import password.pwm.i18n.PwmLocaleBundle;
import password.pwm.util.i18n.LocaleHelper;
import password.pwm.util.logging.PwmLogger;
import password.pwm.util.macro.MacroRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
import java.util.Locale;
import java.util.MissingResourceException;
/**
* @author Jason D. Rivard
*/
@ -112,101 +102,34 @@ public class DisplayTag extends PwmAbstractTag
}
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
PwmRequest pwmRequest = null;
try
{
try
{
pwmRequest = PwmRequest.forRequest( ( HttpServletRequest ) pageContext.getRequest(), ( HttpServletResponse ) pageContext.getResponse() );
}
catch ( final PwmException e )
{
/* noop */
}
final Locale locale = pwmRequest == null ? PwmConstants.DEFAULT_LOCALE : pwmRequest.getLocale();
final Class bundle = readBundle();
String displayMessage = figureDisplayMessage( locale, pwmRequest == null ? null : pwmRequest.getDomainConfig(), bundle );
if ( pwmRequest != null )
{
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
displayMessage = macroRequest.expandMacros( displayMessage );
}
pageContext.getOut().write( displayMessage );
}
catch ( final PwmUnrecoverableException e )
{
LOGGER.error( pwmRequest, () -> "error while executing jsp display tag: " + e.getMessage() );
return EVAL_PAGE;
}
catch ( final Exception e )
{
LOGGER.error( pwmRequest, () -> "error while executing jsp display tag: " + e.getMessage(), e );
throw new JspTagException( e.getMessage(), e );
}
return EVAL_PAGE;
return LOGGER;
}
private Class<?> readBundle( )
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
if ( bundle == null || bundle.length() < 1 )
{
return Display.class;
}
try
{
return Class.forName( bundle );
}
catch ( final ClassNotFoundException e )
{
/* no op */
}
final PwmLocaleBundle pwmBundle = PwmLocaleBundle.forKey( bundle ).orElse( PwmLocaleBundle.DISPLAY );
try
{
return Class.forName( Display.class.getPackage().getName() + "." + bundle );
}
catch ( final ClassNotFoundException e )
{
/* no op */
}
final String[] valueArray = new String[]
{
value1,
value2,
value3,
};
return Display.class;
}
final String rawMessage = LocaleHelper.getLocalizedMessage(
pwmRequest.getLocale(),
key,
pwmRequest.getDomainConfig(),
pwmBundle.getTheClass(),
valueArray );
private String figureDisplayMessage( final Locale locale, final DomainConfig config, final Class<? extends PwmDisplayBundle> bundleClass )
{
try
{
return LocaleHelper.getLocalizedMessage(
locale == null ? PwmConstants.DEFAULT_LOCALE : locale,
key,
config,
bundleClass,
new String[]
{
value1,
value2,
value3,
}
);
}
catch ( final MissingResourceException e )
{
if ( !displayIfMissing )
{
LOGGER.info( () -> "error while executing jsp display tag: " + e.getMessage() );
}
}
return displayIfMissing ? key : "";
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
return macroRequest.expandMacros( rawMessage );
}
}

98
server/src/main/java/password/pwm/http/tag/ErrorMessageTag.java
View file

@ -21,88 +21,66 @@
package password.pwm.http.tag;
import password.pwm.AppProperty;
import password.pwm.PwmApplication;
import password.pwm.error.ErrorInformation;
import password.pwm.error.PwmException;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.ContextManager;
import password.pwm.http.PwmRequest;
import password.pwm.http.PwmRequestAttribute;
import password.pwm.util.java.StringUtil;
import password.pwm.util.logging.PwmLogger;
import password.pwm.util.macro.MacroRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
/**
* @author Jason D. Rivard
*/
public class ErrorMessageTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( ErrorMessageTag.class );
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
try
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
final ErrorInformation error = ( ErrorInformation ) pwmRequest.getAttribute( PwmRequestAttribute.PwmErrorInfo );
if ( error == null )
{
final PwmRequest pwmRequest = PwmRequest.forRequest( ( HttpServletRequest ) pageContext.getRequest(), ( HttpServletResponse ) pageContext.getResponse() );
PwmApplication pwmApplication = null;
try
{
pwmApplication = ContextManager.getPwmApplication( pageContext.getRequest() );
}
catch ( final PwmException e )
{
/* noop */
}
if ( pwmRequest == null || pwmApplication == null )
{
return EVAL_PAGE;
}
final ErrorInformation error = ( ErrorInformation ) pwmRequest.getAttribute( PwmRequestAttribute.PwmErrorInfo );
if ( error != null )
{
final boolean allowHtml = Boolean.parseBoolean( pwmRequest.getDomainConfig().readAppProperty( AppProperty.HTTP_ERRORS_ALLOW_HTML ) );
final boolean showErrorDetail = pwmRequest.getPwmDomain().determineIfDetailErrorMsgShown();
String outputMsg = error.toUserStr( pwmRequest.getLocale(), pwmRequest.getDomainConfig() );
if ( !allowHtml )
{
outputMsg = StringUtil.escapeHtml( outputMsg );
}
if ( showErrorDetail )
{
final String errorDetail = error.toDebugStr() == null ? "" : " { " + error.toDebugStr() + " }";
// detail should always be escaped - it may contain untrusted data
outputMsg += "<span class='errorDetail'>" + StringUtil.escapeHtml( errorDetail ) + "</span>";
}
outputMsg = outputMsg.replace( "\n", "<br/>" );
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
outputMsg = macroRequest.expandMacros( outputMsg );
pageContext.getOut().write( outputMsg );
}
return "";
}
catch ( final PwmUnrecoverableException e )
final boolean allowHtml = Boolean.parseBoolean(
pwmRequest.getDomainConfig().readAppProperty( AppProperty.HTTP_ERRORS_ALLOW_HTML ) );
final boolean showErrorDetail = pwmRequest.getPwmDomain().determineIfDetailErrorMsgShown();
String outputMsg = error.toUserStr( pwmRequest.getLocale(), pwmRequest.getDomainConfig() );
if ( !allowHtml )
{
/* app not running */
outputMsg = StringUtil.escapeHtml( outputMsg );
}
catch ( final Exception e )
if ( showErrorDetail )
{
LOGGER.error( () -> "error executing error message tag: " + e.getMessage(), e );
throw new JspTagException( e.getMessage() );
final String errorDetail = error.toDebugStr() == null
? ""
: " { " + error.toDebugStr() + " }";
// detail should always be escaped - it may contain untrusted data
outputMsg += "<span class='errorDetail'>"
+ StringUtil.escapeHtml( errorDetail )
+ "</span>";
}
return EVAL_PAGE;
outputMsg = outputMsg.replace( "\n", "<br/>" );
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
outputMsg = macroRequest.expandMacros( outputMsg );
return outputMsg;
}
}

45
server/src/main/java/password/pwm/http/tag/PasswordChangeMessageTag.java
View file

@ -21,51 +21,40 @@
package password.pwm.http.tag;
import password.pwm.config.profile.PwmPasswordPolicy;
import password.pwm.error.PwmException;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.util.logging.PwmLogger;
import password.pwm.util.macro.MacroRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.tagext.TagSupport;
import java.io.IOException;
import java.util.Optional;
/**
* @author Jason D. Rivard
*/
public class PasswordChangeMessageTag extends TagSupport
public class PasswordChangeMessageTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PasswordChangeMessageTag.class );
@Override
protected PwmLogger getLogger()
{
return LOGGER;
}
@Override
public int doEndTag( )
throws JspTagException
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
try
final PwmPasswordPolicy pwmPasswordPolicy = PasswordRequirementsTag.readPasswordPolicy( pwmRequest );
final Optional<String> passwordPolicyChangeMessage = pwmPasswordPolicy.getChangeMessage( pwmRequest.getLocale() );
if ( passwordPolicyChangeMessage.isPresent() )
{
final PwmRequest pwmRequest = PwmRequest.forRequest( ( HttpServletRequest ) pageContext.getRequest(), ( HttpServletResponse ) pageContext.getResponse() );
final PwmPasswordPolicy pwmPasswordPolicy = PasswordRequirementsTag.readPasswordPolicy( pwmRequest );
final Optional<String> passwordPolicyChangeMessage = pwmPasswordPolicy.getChangeMessage( pwmRequest.getLocale() );
if ( passwordPolicyChangeMessage.isPresent() )
{
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
final String expandedMessage = macroRequest.expandMacros( passwordPolicyChangeMessage.get() );
pageContext.getOut().write( expandedMessage );
}
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
return macroRequest.expandMacros( passwordPolicyChangeMessage.get() );
}
catch ( final IOException | PwmException e )
{
LOGGER.error( () -> "unexpected error during password change message generation: " + e.getMessage(), e );
throw new JspTagException( e.getMessage() );
}
return EVAL_PAGE;
return "";
}
}

569
server/src/main/java/password/pwm/http/tag/PasswordRequirementsTag.java
View file

@ -20,522 +20,34 @@
package password.pwm.http.tag;
import lombok.Value;
import password.pwm.PwmDomain;
import password.pwm.config.DomainConfig;
import password.pwm.config.option.ADPolicyComplexity;
import password.pwm.config.profile.NewUserProfile;
import password.pwm.config.profile.PwmPasswordPolicy;
import password.pwm.config.profile.PwmPasswordRule;
import password.pwm.error.PwmError;
import password.pwm.error.PwmException;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.PwmSession;
import password.pwm.http.servlet.PwmServletDefinition;
import password.pwm.http.servlet.newuser.NewUserServlet;
import password.pwm.i18n.Display;
import password.pwm.i18n.Message;
import password.pwm.util.i18n.LocaleHelper;
import password.pwm.util.java.StringUtil;
import password.pwm.util.logging.PwmLogger;
import password.pwm.util.macro.MacroRequest;
import password.pwm.util.password.PasswordRuleReaderHelper;
import password.pwm.util.password.PasswordRequirementViewableRuleGenerator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.tagext.TagSupport;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.MissingResourceException;
import java.util.Optional;
/**
* @author Jason D. Rivard
*/
public class PasswordRequirementsTag extends TagSupport
public class PasswordRequirementsTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PasswordRequirementsTag.class );
private String separator;
private String prepend;
private String form;
public static List<String> getPasswordRequirementsStrings(
final PwmPasswordPolicy passwordPolicy,
final DomainConfig config,
final Locale locale,
final MacroRequest macroRequest
)
{
final List<String> ruleTexts = new ArrayList<>( );
final PolicyValues policyValues = new PolicyValues( passwordPolicy, passwordPolicy.getRuleHelper(), locale, config, macroRequest );
for ( final RuleTextGenerator ruleTextGenerator : RULE_TEXT_GENERATORS )
{
ruleTexts.addAll( ruleTextGenerator.generate( policyValues ) );
}
return Collections.unmodifiableList( ruleTexts );
}
private static final List<RuleTextGenerator> RULE_TEXT_GENERATORS = List.of(
new CaseSensitiveRuleTextGenerator(),
new MinLengthRuleTextGenerator(),
new MaxLengthRuleTextGenerator(),
new MinAlphaRuleTextGenerator(),
new MaxAlphaRuleTextGenerator(),
new NumericCharsRuleTextGenerator(),
new SpecialCharsRuleTextGenerator(),
new MaximumRepeatRuleTextGenerator(),
new MaximumSequentialRepeatRuleTextGenerator(),
new MinimumLowerRuleTextGenerator(),
new MaximumLowerRuleTextGenerator(),
new MinimumUpperRuleTextGenerator(),
new MaximumUpperRuleTextGenerator(),
new MinimumUniqueRuleTextGenerator(),
new DisallowedValuesRuleTextGenerator(),
new WordlistRuleTextGenerator(),
new DisallowedAttributesRuleTextGenerator(),
new MaximumOldCharsRuleTextGenerator(),
new MinimumLifetimeRuleTextGenerator(),
new ADRuleTextGenerator(),
new UniqueRequiredRuleTextGenerator() );
private interface RuleTextGenerator
{
List<String> generate( PolicyValues policyValues );
}
@Value
private static class PolicyValues
{
private PwmPasswordPolicy passwordPolicy;
private PasswordRuleReaderHelper ruleHelper;
private Locale locale;
private DomainConfig config;
private MacroRequest macroRequest;
}
private static class CaseSensitiveRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
if ( policyValues.getRuleHelper().readBooleanValue( PwmPasswordRule.CaseSensitive ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_CaseSensitive, null, policyValues ) );
}
else
{
return Collections.singletonList( getLocalString( Message.Requirement_NotCaseSensitive, null, policyValues ) );
}
}
}
private static class MinLengthRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MinimumLength );
final ADPolicyComplexity adPolicyLevel = policyValues.getRuleHelper().getADComplexityLevel();
if ( adPolicyLevel == ADPolicyComplexity.AD2003 || adPolicyLevel == ADPolicyComplexity.AD2008 )
{
if ( value < 6 )
{
value = 6;
}
}
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinLength, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MaxLengthRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MaximumLength );
if ( value > 0 && value < 64 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxLength, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MinAlphaRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MinimumAlpha );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinAlpha, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MaxAlphaRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MaximumAlpha );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxAlpha, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class NumericCharsRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final PasswordRuleReaderHelper ruleHelper = policyValues.getRuleHelper();
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowNumeric ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_AllowNumeric, null, policyValues ) );
}
else
{
final List<String> returnValues = new ArrayList<>( );
final int minValue = ruleHelper.readIntValue( PwmPasswordRule.MinimumNumeric );
if ( minValue > 0 )
{
returnValues.add( getLocalString( Message.Requirement_MinNumeric, minValue, policyValues ) );
}
final int maxValue = ruleHelper.readIntValue( PwmPasswordRule.MaximumNumeric );
if ( maxValue > 0 )
{
returnValues.add( getLocalString( Message.Requirement_MaxNumeric, maxValue, policyValues ) );
}
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowFirstCharNumeric ) )
{
returnValues.add( getLocalString( Message.Requirement_FirstNumeric, maxValue, policyValues ) );
}
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowLastCharNumeric ) )
{
returnValues.add( getLocalString( Message.Requirement_LastNumeric, maxValue, policyValues ) );
}
return returnValues;
}
}
}
private static class SpecialCharsRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final PasswordRuleReaderHelper ruleHelper = policyValues.getRuleHelper();
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowSpecial ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_AllowSpecial, null, policyValues ) );
}
else
{
final List<String> returnValues = new ArrayList<>( );
final int minValue = ruleHelper.readIntValue( PwmPasswordRule.MinimumSpecial );
if ( minValue > 0 )
{
returnValues.add( getLocalString( Message.Requirement_MinSpecial, minValue, policyValues ) );
}
final int maxValue = ruleHelper.readIntValue( PwmPasswordRule.MaximumSpecial );
if ( maxValue > 0 )
{
returnValues.add( getLocalString( Message.Requirement_MaxSpecial, maxValue, policyValues ) );
}
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowFirstCharSpecial ) )
{
returnValues.add( getLocalString( Message.Requirement_FirstSpecial, maxValue, policyValues ) );
}
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowLastCharSpecial ) )
{
returnValues.add( getLocalString( Message.Requirement_LastSpecial, maxValue, policyValues ) );
}
return Collections.unmodifiableList( returnValues );
}
}
}
private static class MaximumRepeatRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MaximumRepeat );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxRepeat, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MaximumSequentialRepeatRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MaximumSequentialRepeat );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxSeqRepeat, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MinimumLowerRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MinimumLowerCase );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinLower, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MaximumLowerRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MaximumLowerCase );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxLower, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MinimumUpperRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MinimumUpperCase );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinUpper, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MaximumUpperRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MaximumUpperCase );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxUpper, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MinimumUniqueRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MinimumUnique );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinUnique, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class DisallowedValuesRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final List<String> setValue = policyValues.getRuleHelper().getDisallowedValues();
if ( !setValue.isEmpty() )
{
final StringBuilder fieldValue = new StringBuilder();
for ( final String loopValue : setValue )
{
fieldValue.append( ' ' );
final String expandedValue = policyValues.getMacroRequest().expandMacros( loopValue );
fieldValue.append( StringUtil.escapeHtml( expandedValue ) );
}
return Collections.singletonList( getLocalString( Message.Requirement_DisAllowedValues, fieldValue.toString(), policyValues ) );
}
return Collections.emptyList();
}
}
private static class WordlistRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
if ( policyValues.getRuleHelper().readBooleanValue( PwmPasswordRule.EnableWordlist ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_WordList, "", policyValues ) );
}
return Collections.emptyList();
}
}
private static class DisallowedAttributesRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final List<String> setValue = policyValues.getRuleHelper().getDisallowedAttributes();
final ADPolicyComplexity adPolicyLevel = policyValues.getRuleHelper().getADComplexityLevel();
if ( !setValue.isEmpty() || adPolicyLevel == ADPolicyComplexity.AD2003 )
{
return Collections.singletonList( getLocalString( Message.Requirement_DisAllowedAttributes, "", policyValues ) );
}
return Collections.emptyList();
}
}
private static class MaximumOldCharsRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MaximumOldChars );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_OldChar, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static class MinimumLifetimeRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final int value = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.MinimumLifetime );
if ( value <= 0 )
{
return Collections.emptyList();
}
final int secondsPerDay = 60 * 60 * 24;
final String durationStr;
if ( value % secondsPerDay == 0 )
{
final int valueAsDays = value / ( 60 * 60 * 24 );
final Display key = valueAsDays <= 1 ? Display.Display_Day : Display.Display_Days;
durationStr = valueAsDays + " " + LocaleHelper.getLocalizedMessage( policyValues.getLocale(), key, policyValues.getConfig() );
}
else
{
final int valueAsHours = value / ( 60 * 60 );
final Display key = valueAsHours <= 1 ? Display.Display_Hour : Display.Display_Hours;
durationStr = valueAsHours + " " + LocaleHelper.getLocalizedMessage( policyValues.getLocale(), key, policyValues.getConfig() );
}
final String userMsg = Message.getLocalizedMessage( policyValues.getLocale(), Message.Requirement_MinimumFrequency, policyValues.getConfig(), durationStr );
return Collections.singletonList( userMsg );
}
}
private static class ADRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
final ADPolicyComplexity adPolicyLevel = policyValues.getRuleHelper().getADComplexityLevel();
if ( adPolicyLevel == ADPolicyComplexity.AD2003 )
{
return Collections.singletonList( getLocalString( Message.Requirement_ADComplexity, "", policyValues ) );
}
else if ( adPolicyLevel == ADPolicyComplexity.AD2008 )
{
final int maxViolations = policyValues.getRuleHelper().readIntValue( PwmPasswordRule.ADComplexityMaxViolations );
final int minGroups = 5 - maxViolations;
return Collections.singletonList( getLocalString( Message.Requirement_ADComplexity2008, String.valueOf( minGroups ), policyValues ) );
}
return Collections.emptyList();
}
}
private static class UniqueRequiredRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final PolicyValues policyValues )
{
if ( policyValues.getRuleHelper().readBooleanValue( PwmPasswordRule.UniqueRequired ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_UniqueRequired, "", policyValues ) );
}
return Collections.emptyList();
}
}
private static String getLocalString( final Message message, final int size, final PolicyValues policyValues )
{
final Message effectiveMessage = size > 1 && message.getPluralMessage() != null
? message.getPluralMessage()
: message;
try
{
return Message.getLocalizedMessage( policyValues.getLocale(), effectiveMessage, policyValues.getConfig(), String.valueOf( size ) );
}
catch ( final MissingResourceException e )
{
LOGGER.error( () -> "unable to display requirement tag for message '" + message.toString() + "': " + e.getMessage() );
}
return "UNKNOWN MESSAGE STRING";
}
private static String getLocalString( final Message message, final String field, final PolicyValues policyValues )
{
try
{
return Message.getLocalizedMessage( policyValues.getLocale(), message, policyValues.getConfig(), field );
}
catch ( final MissingResourceException e )
{
LOGGER.error( () -> "unable to display requirement tag for message '" + message.toString() + "': " + e.getMessage() );
}
return "UNKNOWN MESSAGE STRING";
}
public String getSeparator( )
{
return separator;
@ -567,51 +79,48 @@ public class PasswordRequirementsTag extends TagSupport
}
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
try
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
final DomainConfig config = pwmDomain.getConfig();
final Locale locale = pwmSession.getSessionStateBean().getLocale();
pwmRequest.getMacroMachine( );
final PwmPasswordPolicy passwordPolicy = readPasswordPolicy( pwmRequest );
final Optional<String> configuredRuleText = passwordPolicy.getRuleText( pwmRequest.getLocale() );
if ( configuredRuleText.isPresent() )
{
final PwmRequest pwmRequest = PwmRequest.forRequest( ( HttpServletRequest ) pageContext.getRequest(), ( HttpServletResponse ) pageContext.getResponse() );
final PwmSession pwmSession = pwmRequest.getPwmSession();
final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
final DomainConfig config = pwmDomain.getConfig();
final Locale locale = pwmSession.getSessionStateBean().getLocale();
pwmRequest.getMacroMachine( );
final PwmPasswordPolicy passwordPolicy = readPasswordPolicy( pwmRequest );
final Optional<String> configuredRuleText = passwordPolicy.getRuleText( pwmRequest.getLocale() );
if ( configuredRuleText.isPresent() )
{
pageContext.getOut().write( configuredRuleText.get() );
}
else
{
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
final String pre = prepend != null && prepend.length() > 0 ? prepend : "";
final String sep = separator != null && separator.length() > 0 ? separator : "<br/>";
final List<String> requirementsList = getPasswordRequirementsStrings( passwordPolicy, config, locale, macroRequest );
final StringBuilder requirementsText = new StringBuilder();
for ( final String requirementStatement : requirementsList )
{
requirementsText.append( pre );
requirementsText.append( requirementStatement );
requirementsText.append( sep );
}
pageContext.getOut().write( requirementsText.toString() );
}
return configuredRuleText.get();
}
catch ( final IOException | PwmException e )
else
{
LOGGER.error( () -> "unexpected error during password requirements generation: " + e.getMessage(), e );
throw new JspTagException( e.getMessage() );
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
final String pre = prepend != null && prepend.length() > 0 ? prepend : "";
final String sep = separator != null && separator.length() > 0 ? separator : "<br/>";
final List<String> requirementsList = PasswordRequirementViewableRuleGenerator
.generate( passwordPolicy, config, locale, macroRequest );
final StringBuilder requirementsText = new StringBuilder();
for ( final String requirementStatement : requirementsList )
{
requirementsText.append( pre );
requirementsText.append( requirementStatement );
requirementsText.append( sep );
}
return requirementsText.toString();
}
return EVAL_PAGE;
}
static PwmPasswordPolicy readPasswordPolicy( final PwmRequest pwmRequest )

44
server/src/main/java/password/pwm/http/tag/PwmAbstractTag.java
View file

@ -20,6 +20,14 @@
package password.pwm.http.tag;
import password.pwm.PwmApplicationMode;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.util.logging.PwmLogger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.tagext.TagSupport;
/**
@ -27,5 +35,41 @@ import javax.servlet.jsp.tagext.TagSupport;
*/
public abstract class PwmAbstractTag extends TagSupport
{
@Override
public int doEndTag( )
throws JspTagException
{
if ( PwmApplicationMode.determineMode( ( HttpServletRequest ) pageContext.getRequest() ) == PwmApplicationMode.ERROR )
{
return EVAL_PAGE;
}
try
{
final HttpServletRequest req = ( HttpServletRequest ) pageContext.getRequest();
final PwmRequest pwmRequest = PwmRequest.forRequest( req, ( HttpServletResponse ) pageContext.getResponse() );
try
{
final String contents = generateTagBodyContents( pwmRequest );
pageContext.getOut().write( contents );
}
catch ( final Throwable e )
{
getLogger().error( pwmRequest, () -> "error processing JSP tag "
+ this.getClass().getName()
+ ", error: " + e.getMessage(), e );
}
}
catch ( final Throwable e )
{
throw new JspTagException( e.getMessage(), e );
}
return EVAL_PAGE;
}
protected abstract PwmLogger getLogger();
protected abstract String generateTagBodyContents( PwmRequest pwmRequest )
throws PwmUnrecoverableException;
}

37
server/src/main/java/password/pwm/http/tag/PwmAutofocusTag.java
View file

@ -20,30 +20,31 @@
package password.pwm.http.tag;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.tagext.TagSupport;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.PwmRequestAttribute;
import password.pwm.util.logging.PwmLogger;
public class PwmAutofocusTag extends TagSupport
public class PwmAutofocusTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PwmAutofocusTag.class );
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
try
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
if ( pwmRequest.getAttribute( PwmRequestAttribute.JspAutofocusStatus ) == null )
{
final HttpServletRequest req = ( HttpServletRequest ) pageContext.getRequest();
if ( req.getAttribute( "autoFocusHasBeenSet" ) == null )
{
pageContext.getOut().write( "autofocus=\"autofocus\" " );
req.setAttribute( "autoFocusHasBeenSet", true );
}
pwmRequest.setAttribute( PwmRequestAttribute.JspAutofocusStatus, true );
return "autofocus=\"autofocus\" ";
}
catch ( final Exception e )
{
throw new JspTagException( e.getMessage() );
}
return EVAL_PAGE;
return "";
}
}

33
server/src/main/java/password/pwm/http/tag/PwmContextTag.java
View file

@ -20,33 +20,24 @@
package password.pwm.http.tag;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.util.logging.PwmLogger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.tagext.TagSupport;
public class PwmContextTag extends TagSupport
public class PwmContextTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PwmContextTag.class );
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
try
{
final HttpServletRequest req = ( HttpServletRequest ) pageContext.getRequest();
final HttpServletResponse resp = ( HttpServletResponse ) pageContext.getResponse();
return LOGGER;
}
final PwmRequest pwmRequest = PwmRequest.forRequest( req, resp );
final String path = pwmRequest.getBasePath();
pageContext.getOut().write( path );
}
catch ( final Exception e )
{
throw new JspTagException( e.getMessage() );
}
return EVAL_PAGE;
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
return pwmRequest.getBasePath();
}
}

67
server/src/main/java/password/pwm/http/tag/PwmFormIDTag.java
View file

@ -20,41 +20,35 @@
package password.pwm.http.tag;
import password.pwm.PwmDomain;
import password.pwm.PwmApplicationMode;
import password.pwm.bean.FormNonce;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.JspUtility;
import password.pwm.http.PwmRequest;
import password.pwm.http.PwmSession;
import password.pwm.http.state.SessionStateService;
import password.pwm.util.logging.PwmLogger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.tagext.TagSupport;
import java.io.IOException;
import java.time.Instant;
public class PwmFormIDTag extends TagSupport
public class PwmFormIDTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PwmFormIDTag.class );
@Override
protected PwmLogger getLogger()
{
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
return buildPwmFormID( pwmRequest );
}
private static String buildPwmFormID( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
{
if ( pwmRequest == null || pwmRequest.getPwmDomain() == null )
{
return "";
}
final PwmDomain pwmDomain = pwmRequest.getPwmDomain();
if ( pwmDomain == null )
{
return "";
}
final SessionStateService sessionStateService = pwmDomain.getSessionStateService();
final SessionStateService sessionStateService = pwmRequest.getPwmDomain().getSessionStateService();
final String value = sessionStateService.getSessionStateInfo( pwmRequest );
final PwmSession pwmSession = pwmRequest.getPwmSession();
final FormNonce formID = new FormNonce(
@ -65,35 +59,4 @@ public class PwmFormIDTag extends TagSupport
);
return pwmRequest.getPwmDomain().getSecureService().encryptObjectToString( formID );
}
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
{
if ( PwmApplicationMode.determineMode( ( HttpServletRequest ) pageContext.getRequest() ) == PwmApplicationMode.ERROR )
{
return EVAL_PAGE;
}
try
{
final PwmRequest pwmRequest = JspUtility.getPwmRequest( pageContext );
final String pwmFormID = buildPwmFormID( pwmRequest );
pageContext.getOut().write( pwmFormID );
}
catch ( final Exception e )
{
try
{
pageContext.getOut().write( "errorGeneratingPwmFormID" );
}
catch ( final IOException e1 )
{
/* ignore */
}
LOGGER.error( () -> "error during pwmFormIDTag output of pwmFormID: " + e.getMessage(), e );
}
return EVAL_PAGE;
}
}

37
server/src/main/java/password/pwm/http/tag/PwmMacroTag.java
View file

@ -25,18 +25,13 @@ import password.pwm.http.PwmRequest;
import password.pwm.util.logging.PwmLogger;
import password.pwm.util.macro.MacroRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.tagext.TagSupport;
public class PwmMacroTag extends TagSupport
public class PwmMacroTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PwmMacroTag.class );
private String value;
public String getValue( )
public String getValue()
{
return value;
}
@ -47,24 +42,16 @@ public class PwmMacroTag extends TagSupport
}
@Override
public int doEndTag( )
throws JspTagException
protected PwmLogger getLogger()
{
try
{
final PwmRequest pwmRequest = PwmRequest.forRequest( ( HttpServletRequest ) pageContext.getRequest(), ( HttpServletResponse ) pageContext.getResponse() );
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
final String outputValue = macroRequest.expandMacros( value );
pageContext.getOut().write( outputValue );
}
catch ( final PwmUnrecoverableException e )
{
LOGGER.error( () -> "error while processing PwmMacroTag: " + e.getMessage() );
}
catch ( final Exception e )
{
throw new JspTagException( e.getMessage(), e );
}
return EVAL_PAGE;
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
final MacroRequest macroRequest = pwmRequest.getMacroMachine();
return macroRequest.expandMacros( value );
}
}

45
server/src/main/java/password/pwm/http/tag/PwmScriptRefTag.java
View file

@ -20,14 +20,12 @@
package password.pwm.http.tag;
import password.pwm.http.JspUtility;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.tag.url.PwmUrlTag;
import password.pwm.util.logging.PwmLogger;
import javax.servlet.jsp.tagext.TagSupport;
public class PwmScriptRefTag extends TagSupport
public class PwmScriptRefTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PwmScriptRefTag.class );
@ -45,27 +43,26 @@ public class PwmScriptRefTag extends TagSupport
}
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
try
{
final PwmRequest pwmRequest = JspUtility.getPwmRequest( pageContext );
final String cspNonce = pwmRequest.getCspNonce();
String url = getUrl();
url = PwmUrlTag.convertUrl( url );
url = PwmUrlTag.insertContext( pageContext, url );
url = PwmUrlTag.insertResourceNonce( pwmRequest.getPwmDomain(), url );
final String output = "<script type=\"text/javascript\" nonce=\"" + cspNonce + "\" src=\"" + url + "\"></script><noscript></noscript>";
pageContext.getOut().write( output );
}
catch ( final Exception e )
{
LOGGER.error( () -> "error during scriptRef output of pwmFormID: " + e.getMessage() );
}
return EVAL_PAGE;
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
final String cspNonce = pwmRequest.getCspNonce();
String url = getUrl();
url = PwmUrlTag.convertUrl( url );
url = PwmUrlTag.insertContext( pageContext, url );
url = PwmUrlTag.insertResourceNonce( pwmRequest.getPwmDomain(), url );
return "<script type=\"text/javascript\" nonce=\""
+ cspNonce
+ "\" src=\""
+ url
+ "\"></script><noscript></noscript>";
}
}

42
server/src/main/java/password/pwm/http/tag/PwmTabIndexTag.java
View file

@ -20,42 +20,28 @@
package password.pwm.http.tag;
import password.pwm.http.JspUtility;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.PwmRequestAttribute;
import password.pwm.util.logging.PwmLogger;
import javax.servlet.jsp.tagext.TagSupport;
import java.io.IOException;
public class PwmTabIndexTag extends TagSupport
public class PwmTabIndexTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PwmTabIndexTag.class );
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
try
{
final PwmRequest pwmRequest = JspUtility.getPwmRequest( pageContext );
final Integer currentCounter = (Integer) pwmRequest.getAttribute( PwmRequestAttribute.JspIndexTabCounter );
final int nextCounter = currentCounter == null ? 1 : currentCounter + 1;
pageContext.getOut().write( String.valueOf( nextCounter ) );
pwmRequest.setAttribute( PwmRequestAttribute.JspIndexTabCounter, nextCounter );
}
catch ( final Exception e )
{
try
{
pageContext.getOut().write( "" );
}
catch ( final IOException e1 )
{
/* ignore */
}
LOGGER.error( () -> "error during PwmTabIndexTag output: " + e.getMessage(), e );
}
return EVAL_PAGE;
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
final Integer currentCounter = (Integer) pwmRequest.getAttribute( PwmRequestAttribute.JspIndexTabCounter );
final int nextCounter = currentCounter == null ? 1 : currentCounter + 1;
pwmRequest.setAttribute( PwmRequestAttribute.JspIndexTabCounter, nextCounter );
return String.valueOf( nextCounter );
}
}

43
server/src/main/java/password/pwm/http/tag/PwmTextFileTag.java
View file

@ -20,17 +20,15 @@
package password.pwm.http.tag;
import password.pwm.http.JspUtility;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.servlet.resource.TextFileResource;
import password.pwm.http.tag.value.PwmValueTag;
import password.pwm.util.logging.PwmLogger;
import javax.servlet.jsp.tagext.TagSupport;
import java.io.IOException;
import java.util.Optional;
public class PwmTextFileTag extends TagSupport
public class PwmTextFileTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PwmValueTag.class );
@ -47,37 +45,22 @@ public class PwmTextFileTag extends TagSupport
}
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
if ( textFileResource == null )
{
return EVAL_PAGE;
return "";
}
try
{
final PwmRequest pwmRequest = JspUtility.getPwmRequest( pageContext );
final Optional<String> output = TextFileResource.readTextFileResource( pwmRequest, getTextFileResource() );
final Optional<String> output = TextFileResource.readTextFileResource( pwmRequest, getTextFileResource() );
if ( output.isPresent() )
{
pageContext.getOut().write( output.get() );
}
}
catch ( final Exception e )
{
try
{
pageContext.getOut().write( "errorGeneratingPwmFormID" );
}
catch ( final IOException e1 )
{
/* ignore */
}
LOGGER.error( () -> "error during PwmTextFileTag output of PwmTextFileTag: " + e.getMessage(), e );
}
return EVAL_PAGE;
return output.orElse( "" );
}
}

56
server/src/main/java/password/pwm/http/tag/SuccessMessageTag.java
View file

@ -20,57 +20,45 @@
package password.pwm.http.tag;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.PwmRequestAttribute;
import password.pwm.i18n.Message;
import password.pwm.util.java.StringUtil;
import password.pwm.util.logging.PwmLogger;
import password.pwm.util.macro.MacroRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
/**
* @author Jason D. Rivard
*/
public class SuccessMessageTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( SuccessMessageTag.class );
@Override
public int doEndTag( )
throws javax.servlet.jsp.JspTagException
protected PwmLogger getLogger()
{
try
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
final String successMsg = ( String ) pwmRequest.getAttribute( PwmRequestAttribute.SuccessMessage );
if ( StringUtil.isEmpty( successMsg ) )
{
final HttpServletRequest req = ( HttpServletRequest ) pageContext.getRequest();
final PwmRequest pwmRequest = PwmRequest.forRequest( req, ( HttpServletResponse ) pageContext.getResponse() );
final String successMsg = ( String ) pwmRequest.getAttribute( PwmRequestAttribute.SuccessMessage );
final String outputMsg;
if ( successMsg == null || successMsg.isEmpty() )
{
outputMsg = Message.getLocalizedMessage( pwmRequest.getLocale(), Message.Success_Unknown, pwmRequest.getDomainConfig() );
}
else
{
if ( pwmRequest.isAuthenticated() )
{
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
outputMsg = macroRequest.expandMacros( successMsg );
}
else
{
outputMsg = successMsg;
}
}
pageContext.getOut().write( outputMsg );
return Message.getLocalizedMessage( pwmRequest.getLocale(), Message.Success_Unknown, pwmRequest.getDomainConfig() );
}
catch ( final Exception e )
if ( pwmRequest.isAuthenticated() )
{
throw new JspTagException( e.getMessage() );
final MacroRequest macroRequest = pwmRequest.getMacroMachine( );
return macroRequest.expandMacros( successMsg );
}
return EVAL_PAGE;
return successMsg;
}
}

46
server/src/main/java/password/pwm/http/tag/UserInfoTag.java
View file

@ -20,19 +20,18 @@
package password.pwm.http.tag;
import password.pwm.http.JspUtility;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.PwmSession;
import password.pwm.util.java.StringUtil;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.tagext.TagSupport;
import password.pwm.util.logging.PwmLogger;
/**
* @author Jason D. Rivard
*/
public class UserInfoTag extends TagSupport
public class UserInfoTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( UserInfoTag.class );
private String attribute;
public void setAttribute( final String attribute )
@ -41,24 +40,25 @@ public class UserInfoTag extends TagSupport
}
@Override
public int doEndTag( )
throws JspTagException
protected PwmLogger getLogger()
{
try
{
final PwmRequest pwmRequest = JspUtility.getPwmRequest( pageContext );
final PwmSession pwmSession = pwmRequest.getPwmSession();
if ( pwmSession.isAuthenticated() )
{
final String ldapValue = pwmSession.getUserInfo().readStringAttribute( attribute );
pageContext.getOut().write( StringUtil.escapeHtml( ldapValue == null ? "" : ldapValue ) );
}
}
catch ( final Exception e )
{
throw new JspTagException( e.getMessage() );
}
return EVAL_PAGE;
return LOGGER;
}
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
if ( pwmRequest.isAuthenticated() )
{
final String ldapValue = pwmRequest.getPwmSession().getUserInfo()
.readStringAttribute( attribute );
return StringUtil.escapeHtml( ldapValue == null ? "" : ldapValue );
}
return "";
}
}

6
server/src/main/java/password/pwm/http/tag/url/PwmUrlTag.java
View file

@ -21,23 +21,23 @@
package password.pwm.http.tag.url;
import password.pwm.AppProperty;
import password.pwm.PwmDomain;
import password.pwm.PwmConstants;
import password.pwm.PwmDomain;
import password.pwm.bean.LocalSessionStateBean;
import password.pwm.config.PwmSetting;
import password.pwm.error.PwmException;
import password.pwm.http.PwmRequest;
import password.pwm.http.PwmRequestFlag;
import password.pwm.http.servlet.resource.ResourceFileServlet;
import password.pwm.http.tag.PwmAbstractTag;
import password.pwm.util.java.StringUtil;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.PageContext;
import javax.servlet.jsp.tagext.TagSupport;
public class PwmUrlTag extends PwmAbstractTag
public class PwmUrlTag extends TagSupport
{
private String url;

55
server/src/main/java/password/pwm/http/tag/value/PwmValueTag.java
View file

@ -20,22 +20,17 @@
package password.pwm.http.tag.value;
import password.pwm.PwmApplicationMode;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.PwmRequest;
import password.pwm.http.tag.PwmAbstractTag;
import password.pwm.util.java.StringUtil;
import password.pwm.util.logging.PwmLogger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.jsp.JspTagException;
import javax.servlet.jsp.PageContext;
import javax.servlet.jsp.tagext.TagSupport;
/**
* @author Jason D. Rivard
*/
public class PwmValueTag extends TagSupport
public class PwmValueTag extends PwmAbstractTag
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PwmValueTag.class );
@ -52,42 +47,19 @@ public class PwmValueTag extends TagSupport
}
@Override
public int doEndTag( )
throws JspTagException
protected PwmLogger getLogger()
{
if ( PwmApplicationMode.determineMode( ( HttpServletRequest ) pageContext.getRequest() ) == PwmApplicationMode.ERROR )
{
return EVAL_PAGE;
}
return LOGGER;
}
try
{
final HttpServletRequest req = ( HttpServletRequest ) pageContext.getRequest();
final PwmRequest pwmRequest = PwmRequest.forRequest( req, ( HttpServletResponse ) pageContext.getResponse() );
try
{
final PwmValue value = getName();
final String output = calcValue( pwmRequest, pageContext, value );
final String escapedOutput = value.getFlags().contains( PwmValue.Flag.DoNotEscape )
? output
: StringUtil.escapeHtml( output );
pageContext.getOut().write( escapedOutput );
}
catch ( final IllegalArgumentException e )
{
LOGGER.error( () -> "can't output requested value name '" + getName() + "'" );
}
}
catch ( final PwmUnrecoverableException e )
{
LOGGER.error( () -> "error while processing PwmValueTag: " + e.getMessage() );
}
catch ( final Exception e )
{
throw new JspTagException( e.getMessage(), e );
}
return EVAL_PAGE;
@Override
protected String generateTagBodyContents( final PwmRequest pwmRequest )
{
final PwmValue value = getName();
final String output = calcValue( pwmRequest, pageContext, value );
return value.getFlags().contains( PwmValue.Flag.DoNotEscape )
? output
: StringUtil.escapeHtml( output );
}
public String calcValue(
@ -96,7 +68,6 @@ public class PwmValueTag extends TagSupport
final PwmValue value
)
{
if ( value != null )
{
try

2
server/src/main/java/password/pwm/ldap/LdapDomainService.java
View file

@ -253,7 +253,7 @@ public class LdapDomainService extends AbstractPwmService implements PwmService
{
final String errorMsg = "unexpected error creating new proxy ldap connection: " + e.getMessage();
final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_INTERNAL, errorMsg );
LOGGER.error( errorInformation );
LOGGER.error( sessionLabel, errorInformation );
throw new PwmUnrecoverableException( errorInformation );
}
}

8
server/src/main/java/password/pwm/ldap/LdapUserInfoReader.java
View file

@ -228,7 +228,7 @@ public class LdapUserInfoReader implements UserInfo
LOGGER.trace( sessionLabel, () -> "beginning password status check process for " + userDN );
// check if password meets existing policy.
if ( passwordPolicy.getRuleHelper().readBooleanValue( PwmPasswordRule.EnforceAtLogin ) )
if ( passwordPolicy.ruleHelper().readBooleanValue( PwmPasswordRule.EnforceAtLogin ) )
{
if ( currentPassword != null )
{
@ -678,9 +678,9 @@ public class LdapUserInfoReader implements UserInfo
)
throws PwmUnrecoverableException
{
final Set<String> interestingUserAttributes = new HashSet<>( uiBean.getPasswordPolicy().getRuleHelper().getDisallowedAttributes() );
if ( uiBean.getPasswordPolicy().getRuleHelper().getADComplexityLevel() == ADPolicyComplexity.AD2003
|| uiBean.getPasswordPolicy().getRuleHelper().getADComplexityLevel() == ADPolicyComplexity.AD2008 )
final Set<String> interestingUserAttributes = new HashSet<>( uiBean.getPasswordPolicy().ruleHelper().getDisallowedAttributes() );
if ( uiBean.getPasswordPolicy().ruleHelper().getADComplexityLevel() == ADPolicyComplexity.AD2003
|| uiBean.getPasswordPolicy().ruleHelper().getADComplexityLevel() == ADPolicyComplexity.AD2008 )
{
interestingUserAttributes.add( "sAMAccountName" );
interestingUserAttributes.add( "displayName" );

2
server/src/main/java/password/pwm/ldap/auth/SimpleLdapAuthenticator.java
View file

@ -82,7 +82,7 @@ public class SimpleLdapAuthenticator
PwmError.ERROR_INTERNAL,
"auth with unexpected auth type: " + authResult.getAuthenticationType()
);
LOGGER.error( errorInformation );
LOGGER.error( sessionLabel, errorInformation );
throw new PwmUnrecoverableException( errorInformation );
}
}

2
server/src/main/java/password/pwm/svc/email/EmailService.java
View file

@ -553,7 +553,7 @@ public class EmailService extends AbstractPwmService implements PwmService
emailConnection.getEmailServer().getConnectionStats().increment( EmailServer.ServerStat.sendFailures );
}
LOGGER.error( errorInformation );
LOGGER.error( getSessionLabel(), errorInformation );
throw e;
}
finally

13
server/src/main/java/password/pwm/svc/httpclient/ApachePwmHttpClient.java
View file

@ -87,7 +87,6 @@ import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.time.Instant;
@ -404,13 +403,9 @@ public class ApachePwmHttpClient implements AutoCloseable, PwmHttpClientProvider
public InputStream streamForUrl( final String inputUrl )
throws IOException, PwmUnrecoverableException
{
final URL url = new URL( inputUrl );
if ( "file".equals( url.getProtocol() ) )
{
return url.openStream();
}
final URI uri = URI.create( inputUrl );
if ( "http".equals( url.getProtocol() ) || "https".equals( url.getProtocol() ) )
if ( PwmURL.uriSchemeMatches( uri, PwmURL.Scheme.http, PwmURL.Scheme.https ) )
{
final PwmHttpClientRequest pwmHttpClientRequest = PwmHttpClientRequest.builder()
@ -423,13 +418,13 @@ public class ApachePwmHttpClient implements AutoCloseable, PwmHttpClientProvider
{
final String errorMsg = "error retrieving stream for url '" + inputUrl + "', remote response: " + httpResponse.getStatusLine().toString();
final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_REMOTE_ERROR_VALUE, errorMsg );
LOGGER.error( errorInformation );
LOGGER.error( sessionLabel, errorInformation );
throw new PwmUnrecoverableException( errorInformation );
}
return httpResponse.getEntity().getContent();
}
throw new IllegalArgumentException( "unknown protocol type: " + url.getProtocol() );
throw new IllegalArgumentException( "unknown protocol type: " + uri.getScheme() );
}
private static class ProxyRoutePlanner implements HttpRoutePlanner

14
server/src/main/java/password/pwm/svc/httpclient/JavaPwmHttpClient.java
View file

@ -35,6 +35,7 @@ import password.pwm.http.HttpEntityDataType;
import password.pwm.http.HttpHeader;
import password.pwm.http.HttpMethod;
import password.pwm.data.ImmutableByteArray;
import password.pwm.http.PwmURL;
import password.pwm.svc.stats.Statistic;
import password.pwm.svc.stats.StatisticsClient;
import password.pwm.util.java.AtomicLoopIntIncrementer;
@ -51,7 +52,6 @@ import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.ProxySelector;
import java.net.URI;
import java.net.URL;
import java.net.http.HttpClient;
import java.net.http.HttpHeaders;
import java.net.http.HttpRequest;
@ -306,13 +306,9 @@ public class JavaPwmHttpClient implements PwmHttpClientProvider
public InputStream streamForUrl( final String inputUrl )
throws IOException, PwmUnrecoverableException
{
final URL url = new URL( inputUrl );
if ( "file".equals( url.getProtocol() ) )
{
return url.openStream();
}
final URI uri = URI.create( inputUrl );
if ( "http".equals( url.getProtocol() ) || "https".equals( url.getProtocol() ) )
if ( PwmURL.uriSchemeMatches( uri, PwmURL.Scheme.http, PwmURL.Scheme.https ) )
{
try
{
@ -322,7 +318,7 @@ public class JavaPwmHttpClient implements PwmHttpClientProvider
{
final String errorMsg = "error retrieving stream for url '" + inputUrl + "', remote response: " + response.statusCode();
final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_HTTP_CLIENT, errorMsg );
LOGGER.error( errorInformation );
LOGGER.error( sessionLabel, errorInformation );
throw new PwmUnrecoverableException( errorInformation );
}
return response.body();
@ -334,7 +330,7 @@ public class JavaPwmHttpClient implements PwmHttpClientProvider
}
}
throw new IllegalArgumentException( "unknown protocol type: " + url.getProtocol() );
throw new IllegalArgumentException( "unknown protocol type: " + uri.getScheme() );
}
@Override

16
server/src/main/java/password/pwm/svc/node/NodeMachine.java
View file

@ -20,8 +20,6 @@
package password.pwm.svc.node;
import password.pwm.PwmApplication;
import password.pwm.config.stored.StoredConfigurationUtil;
import password.pwm.error.ErrorInformation;
import password.pwm.error.PwmError;
import password.pwm.error.PwmException;
@ -40,7 +38,7 @@ class NodeMachine
{
private static final PwmLogger LOGGER = PwmLogger.forClass( NodeMachine.class );
private final PwmApplication pwmApplication;
private final NodeService nodeService;
private final NodeDataServiceProvider clusterDataServiceProvider;
private ErrorInformation lastError;
@ -51,12 +49,12 @@ class NodeMachine
private final NodeServiceStatistics nodeServiceStatistics = new NodeServiceStatistics();
NodeMachine(
final PwmApplication pwmApplication,
final NodeService nodeService,
final NodeDataServiceProvider clusterDataServiceProvider,
final NodeServiceSettings nodeServiceSettings
)
{
this.pwmApplication = pwmApplication;
this.nodeService = nodeService;
this.clusterDataServiceProvider = clusterDataServiceProvider;
this.settings = nodeServiceSettings;
}
@ -69,7 +67,7 @@ class NodeMachine
public List<NodeInfo> nodes( ) throws PwmUnrecoverableException
{
final Map<String, NodeInfo> returnObj = new TreeMap<>();
final String configHash = StoredConfigurationUtil.valueHash( pwmApplication.getConfig().getStoredConfiguration() );
final String configHash = nodeService.getPwmApp().getConfig().getValueHash();
for ( final StoredNodeData storedNodeData : knownNodes.values() )
{
final boolean configMatch = configHash.equals( storedNodeData.getConfigHash() );
@ -127,7 +125,7 @@ class NodeMachine
public boolean isMaster( )
{
final String myID = pwmApplication.getInstanceID();
final String myID = nodeService.getPwmApp().getInstanceID();
final String masterID = masterInstanceId();
return myID.equals( masterID );
}
@ -169,7 +167,7 @@ class NodeMachine
catch ( final PwmUnrecoverableException e )
{
lastError = e.getErrorInformation();
LOGGER.error( e.getErrorInformation() );
LOGGER.error( nodeService.getSessionLabel(), e.getErrorInformation() );
}
}
@ -178,7 +176,7 @@ class NodeMachine
{
try
{
final StoredNodeData storedNodeData = StoredNodeData.makeNew( pwmApplication );
final StoredNodeData storedNodeData = StoredNodeData.makeNew( nodeService.getPwmApp() );
clusterDataServiceProvider.writeNodeStatus( storedNodeData );
nodeServiceStatistics.getClusterWrites().incrementAndGet();
}

9
server/src/main/java/password/pwm/svc/node/NodeService.java
View file

@ -94,7 +94,7 @@ public class NodeService extends AbstractPwmService implements PwmService
}
nodeMachine = new NodeMachine( pwmApplication, clusterDataServiceProvider, nodeServiceSettings );
nodeMachine = new NodeMachine( this, clusterDataServiceProvider, nodeServiceSettings );
scheduleFixedRateJob( nodeMachine.getHeartbeatProcess(), nodeServiceSettings.getHeartbeatInterval(), nodeServiceSettings.getHeartbeatInterval() );
}
}
@ -107,7 +107,7 @@ public class NodeService extends AbstractPwmService implements PwmService
catch ( final Exception e )
{
setStartupError( new ErrorInformation( PwmError.ERROR_NODE_SERVICE_ERROR, "error starting up node service: " + e.getMessage() ) );
LOGGER.error( getStartupError() );
LOGGER.error( getSessionLabel(), getStartupError() );
return STATUS.CLOSED;
}
@ -207,4 +207,9 @@ public class NodeService extends AbstractPwmService implements PwmService
}
}
}
public PwmApplication getPwmApp()
{
return getPwmApplication();
}
}

4
server/src/main/java/password/pwm/svc/otp/DbOtpOperator.java
View file

@ -151,13 +151,13 @@ public class DbOtpOperator extends AbstractOtpOperator
) );
}
LOGGER.trace( () -> "attempting to clear OTP secret for " + theUser + " in remote database (key=" + userGUID + ")" );
LOGGER.trace( pwmRequest, () -> "attempting to clear OTP secret for " + theUser + " in remote database (key=" + userGUID + ")" );
try
{
final DatabaseAccessor databaseAccessor = pwmDomain.getPwmApplication().getDatabaseAccessor();
databaseAccessor.remove( DatabaseTable.OTP, userGUID );
LOGGER.info( () -> "cleared OTP secret for " + theUser + " in remote database (key=" + userGUID + ")" );
LOGGER.info( pwmRequest, () -> "cleared OTP secret for " + theUser + " in remote database (key=" + userGUID + ")" );
}
catch ( final DatabaseException ex )
{

4
server/src/main/java/password/pwm/svc/otp/LdapOtpOperator.java
View file

@ -132,7 +132,7 @@ public class LdapOtpOperator extends AbstractOtpOperator
? pwmDomain.getProxiedChaiUser( null, userIdentity )
: pwmRequest.getClientConnectionHolder().getActor( userIdentity );
theUser.writeStringAttribute( ldapStorageAttribute, value );
LOGGER.info( () -> "saved OTP secret for user to chai-ldap format" );
LOGGER.info( pwmRequest, () -> "saved OTP secret for user to chai-ldap format" );
}
catch ( final ChaiException ex )
{
@ -175,7 +175,7 @@ public class LdapOtpOperator extends AbstractOtpOperator
try
{
chaiUser.deleteAttribute( ldapStorageAttribute, null );
LOGGER.info( () -> "cleared OTP secret for user to chai-ldap format" );
LOGGER.info( pwmRequest, () -> "cleared OTP secret for user to chai-ldap format" );
}
catch ( final ChaiOperationException e )
{

5
server/src/main/java/password/pwm/svc/sessiontrack/UserAgentUtils.java
View file

@ -25,6 +25,7 @@ import com.blueconic.browscap.ParseException;
import com.blueconic.browscap.UserAgentParser;
import com.blueconic.browscap.UserAgentService;
import lombok.Value;
import password.pwm.bean.SessionLabel;
import password.pwm.error.ErrorInformation;
import password.pwm.error.PwmError;
import password.pwm.error.PwmUnrecoverableException;
@ -83,11 +84,11 @@ public class UserAgentUtils
return null;
}
public static void initializeCache()
public static void initializeCache( final SessionLabel sessionLabel )
{
final Instant startTime = Instant.now();
CACHED_PARSER.get();
LOGGER.trace( () -> "loaded useragent parser", TimeDuration.fromCurrent( startTime ) );
LOGGER.trace( sessionLabel, () -> "loaded useragent parser", TimeDuration.fromCurrent( startTime ) );
}
public static void checkIfPreIE11( final PwmRequest pwmRequest ) throws PwmUnrecoverableException

4
server/src/main/java/password/pwm/svc/telemetry/TelemetryService.java
View file

@ -207,11 +207,11 @@ public class TelemetryService extends AbstractPwmService implements PwmService
}
catch ( final PwmException e )
{
LOGGER.error( e.getErrorInformation() );
LOGGER.error( getSessionLabel(), e.getErrorInformation() );
}
catch ( final Exception e )
{
LOGGER.error( () -> "unexpected error during telemetry publish job: " + e.getMessage() );
LOGGER.error( getSessionLabel(), () -> "unexpected error during telemetry publish job: " + e.getMessage() );
}
}
}

12
server/src/main/java/password/pwm/svc/token/DataStoreTokenMachine.java
View file

@ -100,12 +100,14 @@ public class DataStoreTokenMachine implements TokenMachine
}
catch ( final Exception e )
{
LOGGER.error( () -> "unexpected error while cleaning expired stored tokens: " + e.getMessage() );
}
{
final long finalSize = size();
LOGGER.trace( () -> "completed record purge cycle; database size = " + finalSize, TimeDuration.fromCurrent( startTime ) );
LOGGER.error( tokenService.getSessionLabel(),
() -> "unexpected error while cleaning expired stored tokens: " + e.getMessage() );
}
final long finalSize = size();
LOGGER.trace( tokenService.getSessionLabel(),
() -> "completed record purge cycle; database size = "
+ finalSize, TimeDuration.fromCurrent( startTime ) );
}
private boolean testIfTokenNeedsPurging( final TokenPayload theToken )

27
server/src/main/java/password/pwm/svc/wordlist/WordlistSource.java
View file

@ -29,6 +29,7 @@ import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.ContextManager;
import password.pwm.http.HttpHeader;
import password.pwm.http.HttpMethod;
import password.pwm.http.PwmURL;
import password.pwm.svc.httpclient.PwmHttpClient;
import password.pwm.svc.httpclient.PwmHttpClientConfiguration;
import password.pwm.svc.httpclient.PwmHttpClientRequest;
@ -42,6 +43,7 @@ import password.pwm.util.logging.PwmLogger;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URL;
import java.time.Instant;
import java.util.Collections;
@ -95,7 +97,9 @@ class WordlistSource
final String importUrl = wordlistConfiguration.getAutoImportUrl();
return new WordlistSource( WordlistSourceType.AutoImport, importUrl, () ->
{
if ( importUrl.startsWith( "http" ) )
final URI uri = URI.create( importUrl );
if ( PwmURL.uriSchemeMatches( uri, PwmURL.Scheme.http, PwmURL.Scheme.https ) )
{
final boolean promiscuous = Boolean.parseBoolean( pwmApplication.getConfig().readAppProperty( AppProperty.HTTP_CLIENT_PROMISCUOUS_WORDLIST_ENABLE ) );
final PwmHttpClientConfiguration pwmHttpClientConfiguration = PwmHttpClientConfiguration.builder()
@ -105,16 +109,21 @@ class WordlistSource
return client.streamForUrl( wordlistConfiguration.getAutoImportUrl() );
}
try
if ( PwmURL.uriSchemeMatches( uri, PwmURL.Scheme.file ) )
{
final URL url = new URL( importUrl );
return url.openStream();
}
catch ( final IOException e )
{
final String msg = "unable to open auto-import URL: " + e.getMessage();
throw PwmUnrecoverableException.newException( PwmError.ERROR_WORDLIST_IMPORT_ERROR, msg );
try
{
final URL url = URI.create( importUrl ).toURL();
return url.openStream();
}
catch ( final IOException e )
{
final String msg = "unable to open auto-import URL: " + e.getMessage();
throw PwmUnrecoverableException.newException( PwmError.ERROR_WORDLIST_IMPORT_ERROR, msg );
}
}
throw new IllegalArgumentException( "can't auto-import protocol scheme '" + uri.getScheme() + "'" );
}
);
}

4
server/src/main/java/password/pwm/user/UserInfoBean.java
View file

@ -34,7 +34,7 @@ import password.pwm.config.profile.ChallengeProfile;
import password.pwm.config.profile.ProfileDefinition;
import password.pwm.config.profile.PwmPasswordPolicy;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.tag.PasswordRequirementsTag;
import password.pwm.util.password.PasswordRequirementViewableRuleGenerator;
import password.pwm.svc.otp.OTPUserRecord;
import password.pwm.util.macro.MacroRequest;
@ -140,7 +140,7 @@ public class UserInfoBean implements UserInfo
publicUserInfoBean.passwordPolicy( Collections.unmodifiableMap( userInfoBean.getPasswordPolicy().getPolicyMap() ) );
publicUserInfoBean.passwordRules( PasswordRequirementsTag.getPasswordRequirementsStrings(
publicUserInfoBean.passwordRules( PasswordRequirementViewableRuleGenerator.generate(
userInfoBean.getPasswordPolicy(),
config,
locale,

22
server/src/main/java/password/pwm/util/logging/PwmLogManager.java
View file

@ -36,6 +36,7 @@ import ch.qos.logback.core.joran.util.ConfigurationWatchListUtil;
import ch.qos.logback.core.rolling.RollingFileAppender;
import ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy;
import ch.qos.logback.core.util.FileSize;
import ch.qos.logback.core.util.StatusPrinter;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import org.slf4j.LoggerFactory;
import password.pwm.AppProperty;
@ -49,6 +50,7 @@ import password.pwm.util.localdb.LocalDB;
import password.pwm.util.localdb.LocalDBException;
import java.io.IOException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Iterator;
@ -63,6 +65,10 @@ public class PwmLogManager
private static final String LOGGER_NAME_FILE = "pwmFileLogger";
private static final String LOGGER_NAME_CONSOLE = "pwmConsoleLogger";
private static final String CONTEXT_NAME_PWM_CONFIGURED = PwmConstants.PWM_APP_NAME + "-PwmLogManagerConfigured";
static final String CONTEXT_NAME_FILE_CONFIGURED = PwmConstants.PWM_APP_NAME
+ "-applicationPath-" + PwmConstants.LOGBACK_APP_PATH_FILENAME;
private static final ThreadLocal<SessionLabel> THREAD_SESSION_DATA = new ThreadLocal<>();
private static PwmApplication pwmApplication;
@ -90,8 +96,8 @@ public class PwmLogManager
appender.stop();
}
logCtx.reset();
logCtx.stop();
logCtx.reset();
PwmLogManager.localDBLogger = null;
PwmLogManager.pwmApplication = null;
@ -109,7 +115,7 @@ public class PwmLogManager
{
if ( pwmApplicationPath != null )
{
final Path logbackXmlInAppPath = pwmApplicationPath.resolve( "logback.xml" );
final Path logbackXmlInAppPath = pwmApplicationPath.resolve( PwmConstants.LOGBACK_APP_PATH_FILENAME );
if ( Files.exists( logbackXmlInAppPath ) )
{
if ( PwmLogUtil.initLogbackFromXmlFile( logbackXmlInAppPath ) )
@ -140,7 +146,8 @@ public class PwmLogManager
initFileLogger( config, pwmLogSettings.getFileLevel(), pwmApplicationPath );
// for debugging
// StatusPrinter.print( getLoggerContext() );
getLoggerContext().setName( CONTEXT_NAME_PWM_CONFIGURED );
StatusPrinter.print( getLoggerContext() );
}
static PwmLogLevel getLowestLogLevelConfigured()
@ -184,9 +191,14 @@ public class PwmLogManager
{
final LoggerContext context = getLoggerContext();
final ConfigurationWatchList configurationWatchList = ConfigurationWatchListUtil.getConfigurationWatchList( context );
final URL watchListURL = ConfigurationWatchListUtil.getMainWatchURL( context );
return configurationWatchList != null
&& ConfigurationWatchListUtil.getConfigurationWatchList( context ).getCopyOfFileWatchList().isEmpty();
return watchListURL != null
||
(
configurationWatchList != null
&& ConfigurationWatchListUtil.getConfigurationWatchList( context ).getCopyOfFileWatchList().isEmpty()
);
}
static LoggerContext getLoggerContext()

14
server/src/main/java/password/pwm/util/logging/PwmLogUtil.java
View file

@ -44,8 +44,6 @@ import password.pwm.util.java.StringUtil;
import password.pwm.util.java.TimeDuration;
import password.pwm.util.json.JsonFactory;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.List;
@ -126,21 +124,15 @@ class PwmLogUtil
configurator.setContext( context );
context.reset();
try ( InputStream inputStream = Files.newInputStream( file ) )
{
configurator.doConfigure( inputStream );
}
configurator.doConfigure( file.toFile() );
context.setName( PwmLogManager.CONTEXT_NAME_FILE_CONFIGURED );
return true;
}
catch ( final IOException e )
{
/* can't be logged... */
}
catch ( final JoranException je )
{
context.reset();
// StatusPrinter will handle this
System.err.println( "error during logback configuration using file: " + je.getMessage() );
}
StatusPrinter.printInCaseOfErrorsOrWarnings( context );

10
server/src/main/java/password/pwm/util/logging/PwmLogger.java
View file

@ -177,11 +177,6 @@ public class PwmLogger
doLogEvent( PwmLogLevel.DEBUG, sessionLabel, convertErrorInformation( errorInformation ), null, null );
}
public void debug( final Supplier<? extends CharSequence> message, final Throwable exception )
{
doPwmRequestLogEvent( PwmLogLevel.DEBUG, null, message, exception, null );
}
public void info( final Supplier<? extends CharSequence> message )
{
doLogEvent( PwmLogLevel.INFO, null, message, null, null );
@ -237,11 +232,6 @@ public class PwmLogger
doPwmRequestLogEvent( PwmLogLevel.ERROR, pwmRequest, convertErrorInformation( errorInformation ), null, null );
}
public void error( final ErrorInformation errorInformation )
{
doPwmRequestLogEvent( PwmLogLevel.ERROR, null, convertErrorInformation( errorInformation ), null, null );
}
public void error( final SessionLabel sessionLabel, final Supplier<? extends CharSequence> message )
{
doLogEvent( PwmLogLevel.ERROR, sessionLabel, message, null, null );

504
server/src/main/java/password/pwm/util/password/PasswordRequirementViewableRuleGenerator.java Normal file
View file

@ -0,0 +1,504 @@
/*
* Password Management Servlets (PWM)
* http://www.pwm-project.org
*
* Copyright (c) 2006-2009 Novell, Inc.
* Copyright (c) 2009-2021 The PWM Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package password.pwm.util.password;
import password.pwm.bean.SessionLabel;
import password.pwm.config.DomainConfig;
import password.pwm.config.option.ADPolicyComplexity;
import password.pwm.config.profile.PwmPasswordPolicy;
import password.pwm.config.profile.PwmPasswordRule;
import password.pwm.i18n.Display;
import password.pwm.i18n.Message;
import password.pwm.util.i18n.LocaleHelper;
import password.pwm.util.java.JavaHelper;
import password.pwm.util.java.StringUtil;
import password.pwm.util.logging.PwmLogger;
import password.pwm.util.macro.MacroRequest;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.MissingResourceException;
/**
* That is one long class name. But it does what it says.
*/
public class PasswordRequirementViewableRuleGenerator
{
private static final PwmLogger LOGGER = PwmLogger.forClass( PasswordRequirementViewableRuleGenerator.class );
private static final String UNKNOWN_MESSAGE_STRING = "UNKNOWN MESSAGE STRING";
private static final List<RuleTextGenerator> GENERATORS
= JavaHelper.instancesOfSealedInterface( RuleTextGenerator.class );
public static List<String> generate(
final PwmPasswordPolicy passwordPolicy,
final DomainConfig config,
final Locale locale,
final MacroRequest macroRequest
)
{
final GeneratorContext policyValues = new GeneratorContext( passwordPolicy, passwordPolicy.ruleHelper(), locale, config, macroRequest );
return GENERATORS.stream()
.map( gen -> gen.generate( policyValues ) )
.flatMap( Collection::stream )
.toList();
}
private sealed interface RuleTextGenerator
{
List<String> generate( GeneratorContext policyValues );
}
private record GeneratorContext(
PwmPasswordPolicy passwordPolicy,
PasswordRuleReaderHelper ruleHelper,
Locale locale,
DomainConfig config,
MacroRequest macroRequest
)
{
}
private static final class CaseSensitiveRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
if ( policyValues.ruleHelper().readBooleanValue( PwmPasswordRule.CaseSensitive ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_CaseSensitive, null, policyValues ) );
}
else
{
return Collections.singletonList( getLocalString( Message.Requirement_NotCaseSensitive, null, policyValues ) );
}
}
}
private static final class MinLengthRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MinimumLength );
final ADPolicyComplexity adPolicyLevel = policyValues.ruleHelper().getADComplexityLevel();
if ( adPolicyLevel == ADPolicyComplexity.AD2003 || adPolicyLevel == ADPolicyComplexity.AD2008 )
{
if ( value < 6 )
{
value = 6;
}
}
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinLength, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MaxLengthRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MaximumLength );
if ( value > 0 && value < 64 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxLength, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MinAlphaRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MinimumAlpha );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinAlpha, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MaxAlphaRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MaximumAlpha );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxAlpha, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class NumericCharsRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final PasswordRuleReaderHelper ruleHelper = policyValues.ruleHelper();
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowNumeric ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_AllowNumeric, null, policyValues ) );
}
else
{
final List<String> returnValues = new ArrayList<>( );
final int minValue = ruleHelper.readIntValue( PwmPasswordRule.MinimumNumeric );
if ( minValue > 0 )
{
returnValues.add( getLocalString( Message.Requirement_MinNumeric, minValue, policyValues ) );
}
final int maxValue = ruleHelper.readIntValue( PwmPasswordRule.MaximumNumeric );
if ( maxValue > 0 )
{
returnValues.add( getLocalString( Message.Requirement_MaxNumeric, maxValue, policyValues ) );
}
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowFirstCharNumeric ) )
{
returnValues.add( getLocalString( Message.Requirement_FirstNumeric, maxValue, policyValues ) );
}
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowLastCharNumeric ) )
{
returnValues.add( getLocalString( Message.Requirement_LastNumeric, maxValue, policyValues ) );
}
return returnValues;
}
}
}
private static final class SpecialCharsRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final PasswordRuleReaderHelper ruleHelper = policyValues.ruleHelper();
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowSpecial ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_AllowSpecial, null, policyValues ) );
}
else
{
final List<String> returnValues = new ArrayList<>( );
final int minValue = ruleHelper.readIntValue( PwmPasswordRule.MinimumSpecial );
if ( minValue > 0 )
{
returnValues.add( getLocalString( Message.Requirement_MinSpecial, minValue, policyValues ) );
}
final int maxValue = ruleHelper.readIntValue( PwmPasswordRule.MaximumSpecial );
if ( maxValue > 0 )
{
returnValues.add( getLocalString( Message.Requirement_MaxSpecial, maxValue, policyValues ) );
}
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowFirstCharSpecial ) )
{
returnValues.add( getLocalString( Message.Requirement_FirstSpecial, maxValue, policyValues ) );
}
if ( !ruleHelper.readBooleanValue( PwmPasswordRule.AllowLastCharSpecial ) )
{
returnValues.add( getLocalString( Message.Requirement_LastSpecial, maxValue, policyValues ) );
}
return Collections.unmodifiableList( returnValues );
}
}
}
private static final class MaximumRepeatRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MaximumRepeat );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxRepeat, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MaximumSequentialRepeatRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MaximumSequentialRepeat );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxSeqRepeat, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MinimumLowerRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MinimumLowerCase );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinLower, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MaximumLowerRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MaximumLowerCase );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxLower, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MinimumUpperRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MinimumUpperCase );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinUpper, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MaximumUpperRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MaximumUpperCase );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MaxUpper, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MinimumUniqueRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MinimumUnique );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_MinUnique, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class DisallowedValuesRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final List<String> setValue = policyValues.ruleHelper().getDisallowedValues();
if ( !setValue.isEmpty() )
{
final StringBuilder fieldValue = new StringBuilder();
for ( final String loopValue : setValue )
{
fieldValue.append( ' ' );
final String expandedValue = policyValues.macroRequest().expandMacros( loopValue );
fieldValue.append( StringUtil.escapeHtml( expandedValue ) );
}
return Collections.singletonList( getLocalString( Message.Requirement_DisAllowedValues, fieldValue.toString(), policyValues ) );
}
return Collections.emptyList();
}
}
private static final class WordlistRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
if ( policyValues.ruleHelper().readBooleanValue( PwmPasswordRule.EnableWordlist ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_WordList, "", policyValues ) );
}
return Collections.emptyList();
}
}
private static final class DisallowedAttributesRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final List<String> setValue = policyValues.ruleHelper().getDisallowedAttributes();
final ADPolicyComplexity adPolicyLevel = policyValues.ruleHelper().getADComplexityLevel();
if ( !setValue.isEmpty() || adPolicyLevel == ADPolicyComplexity.AD2003 )
{
return Collections.singletonList( getLocalString( Message.Requirement_DisAllowedAttributes, "", policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MaximumOldCharsRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MaximumOldChars );
if ( value > 0 )
{
return Collections.singletonList( getLocalString( Message.Requirement_OldChar, value, policyValues ) );
}
return Collections.emptyList();
}
}
private static final class MinimumLifetimeRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final int value = policyValues.ruleHelper().readIntValue( PwmPasswordRule.MinimumLifetime );
if ( value <= 0 )
{
return Collections.emptyList();
}
final int secondsPerDay = 60 * 60 * 24;
final String durationStr;
if ( value % secondsPerDay == 0 )
{
final int valueAsDays = value / ( 60 * 60 * 24 );
final Display key = valueAsDays <= 1 ? Display.Display_Day : Display.Display_Days;
durationStr = valueAsDays + " " + LocaleHelper.getLocalizedMessage( policyValues.locale(), key, policyValues.config() );
}
else
{
final int valueAsHours = value / ( 60 * 60 );
final Display key = valueAsHours <= 1 ? Display.Display_Hour : Display.Display_Hours;
durationStr = valueAsHours + " " + LocaleHelper.getLocalizedMessage( policyValues.locale(), key, policyValues.config() );
}
final String userMsg = Message.getLocalizedMessage( policyValues.locale(), Message.Requirement_MinimumFrequency, policyValues.config(), durationStr );
return Collections.singletonList( userMsg );
}
}
private static final class ADRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
final ADPolicyComplexity adPolicyLevel = policyValues.ruleHelper().getADComplexityLevel();
if ( adPolicyLevel == ADPolicyComplexity.AD2003 )
{
return Collections.singletonList( getLocalString( Message.Requirement_ADComplexity, "", policyValues ) );
}
else if ( adPolicyLevel == ADPolicyComplexity.AD2008 )
{
final int maxViolations = policyValues.ruleHelper().readIntValue( PwmPasswordRule.ADComplexityMaxViolations );
final int minGroups = 5 - maxViolations;
return Collections.singletonList( getLocalString( Message.Requirement_ADComplexity2008, String.valueOf( minGroups ), policyValues ) );
}
return Collections.emptyList();
}
}
private static final class UniqueRequiredRuleTextGenerator implements RuleTextGenerator
{
@Override
public List<String> generate( final GeneratorContext policyValues )
{
if ( policyValues.ruleHelper().readBooleanValue( PwmPasswordRule.UniqueRequired ) )
{
return Collections.singletonList( getLocalString( Message.Requirement_UniqueRequired, "", policyValues ) );
}
return Collections.emptyList();
}
}
private static String getLocalString( final Message message, final int size, final GeneratorContext policyValues )
{
final Message effectiveMessage = size > 1 && message.getPluralMessage() != null
? message.getPluralMessage()
: message;
try
{
return Message.getLocalizedMessage( policyValues.locale(), effectiveMessage, policyValues.config(), String.valueOf( size ) );
}
catch ( final MissingResourceException e )
{
LOGGER.error( SessionLabel.SYSTEM_LABEL, () -> "unable to display requirement tag for message '"
+ message.toString() + "': " + e.getMessage() );
}
return UNKNOWN_MESSAGE_STRING;
}
private static String getLocalString( final Message message, final String field, final GeneratorContext policyValues )
{
try
{
return Message.getLocalizedMessage( policyValues.locale(), message, policyValues.config(), field );
}
catch ( final MissingResourceException e )
{
LOGGER.error( SessionLabel.SYSTEM_LABEL, () -> "unable to display requirement tag for message '"
+ message.toString() + "': " + e.getMessage() );
}
return UNKNOWN_MESSAGE_STRING;
}
}

6
server/src/main/java/password/pwm/util/password/PasswordRuleChecks.java
View file

@ -137,7 +137,7 @@ public class PasswordRuleChecks
.pwmDomain( pwmDomain )
.policy( policy )
.userInfo( userInfo )
.ruleHelper( policy.getRuleHelper() )
.ruleHelper( policy.ruleHelper() )
.macroRequest( macroRequest )
.charCounter( new PasswordCharCounter( password ) )
.build();
@ -570,9 +570,9 @@ public class PasswordRuleChecks
final PwmPasswordPolicy policy = ruleCheckData.getPolicy();
// check disallowed attributes.
if ( !policy.getRuleHelper().getDisallowedAttributes().isEmpty() )
if ( !policy.ruleHelper().getDisallowedAttributes().isEmpty() )
{
final List<String> paramConfigs = policy.getRuleHelper().getDisallowedAttributes( PasswordRuleReaderHelper.Flag.KeepThresholds );
final List<String> paramConfigs = policy.ruleHelper().getDisallowedAttributes( PasswordRuleReaderHelper.Flag.KeepThresholds );
if ( userInfo != null )
{
final Map<String, String> userValues = userInfo.getCachedPasswordRuleAttributes();

6
server/src/main/java/password/pwm/util/password/PasswordUtility.java
View file

@ -1065,7 +1065,7 @@ public class PasswordUtility
int errorCode = 0;
final boolean passwordIsCaseSensitive = userInfo.getPasswordPolicy() == null
|| userInfo.getPasswordPolicy().getRuleHelper().readBooleanValue( PwmPasswordRule.CaseSensitive );
|| userInfo.getPasswordPolicy().ruleHelper().readBooleanValue( PwmPasswordRule.CaseSensitive );
final CachePolicy cachePolicy;
{
@ -1334,7 +1334,7 @@ public class PasswordUtility
final Instant lastModified = userInfo.getPasswordLastModifiedTime();
final TimeDuration minimumLifetime;
{
final int minimumLifetimeSeconds = userInfo.getPasswordPolicy().getRuleHelper().readIntValue( PwmPasswordRule.MinimumLifetime );
final int minimumLifetimeSeconds = userInfo.getPasswordPolicy().ruleHelper().readIntValue( PwmPasswordRule.MinimumLifetime );
if ( minimumLifetimeSeconds < 1 )
{
return;
@ -1398,7 +1398,7 @@ public class PasswordUtility
final TimeDuration minimumLifetime;
{
final int minimumLifetimeSeconds = passwordPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MinimumLifetime );
final int minimumLifetimeSeconds = passwordPolicy.ruleHelper().readIntValue( PwmPasswordRule.MinimumLifetime );
if ( minimumLifetimeSeconds < 1 )
{
return false;

8
server/src/main/java/password/pwm/util/password/RandomGeneratorConfig.java
View file

@ -108,7 +108,7 @@ public class RandomGeneratorConfig
}
if ( pwmPasswordPolicy != null )
{
policyMax = Math.min( policyMax, pwmPasswordPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MaximumLength ) );
policyMax = Math.min( policyMax, pwmPasswordPolicy.ruleHelper().readIntValue( PwmPasswordRule.MaximumLength ) );
}
return policyMax;
}
@ -122,10 +122,10 @@ public class RandomGeneratorConfig
}
if ( pwmPasswordPolicy != null )
{
final int policyMin = pwmPasswordPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MinimumLength );
final int policyMin = pwmPasswordPolicy.ruleHelper().readIntValue( PwmPasswordRule.MinimumLength );
if ( policyMin > 0 )
{
returnVal = Math.min( returnVal, pwmPasswordPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MinimumLength ) );
returnVal = Math.min( returnVal, pwmPasswordPolicy.ruleHelper().readIntValue( PwmPasswordRule.MinimumLength ) );
}
}
return returnVal;
@ -141,7 +141,7 @@ public class RandomGeneratorConfig
if ( pwmPasswordPolicy != null )
{
policyMin = Math.max( policyMin, pwmPasswordPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MinimumStrength ) );
policyMin = Math.max( policyMin, pwmPasswordPolicy.ruleHelper().readIntValue( PwmPasswordRule.MinimumStrength ) );
}
return policyMin;
}

6
server/src/main/java/password/pwm/util/password/RandomPasswordGenerator.java
View file

@ -171,15 +171,15 @@ public class RandomPasswordGenerator
final Map<String, String> newPolicyMap = new HashMap<>( defaultPolicy.getPolicyMap() );
newPolicyMap.put( PwmPasswordRule.MaximumLength.getKey(), String.valueOf( effectiveConfig.getMaximumLength() ) );
if ( effectiveConfig.getMinimumLength() > defaultPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MinimumLength ) )
if ( effectiveConfig.getMinimumLength() > defaultPolicy.ruleHelper().readIntValue( PwmPasswordRule.MinimumLength ) )
{
newPolicyMap.put( PwmPasswordRule.MinimumLength.getKey(), String.valueOf( effectiveConfig.getMinimumLength() ) );
}
if ( effectiveConfig.getMaximumLength() < defaultPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MaximumLength ) )
if ( effectiveConfig.getMaximumLength() < defaultPolicy.ruleHelper().readIntValue( PwmPasswordRule.MaximumLength ) )
{
newPolicyMap.put( PwmPasswordRule.MaximumLength.getKey(), String.valueOf( effectiveConfig.getMaximumLength() ) );
}
if ( effectiveConfig.getMinimumStrength() > defaultPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MinimumStrength ) )
if ( effectiveConfig.getMinimumStrength() > defaultPolicy.ruleHelper().readIntValue( PwmPasswordRule.MinimumStrength ) )
{
newPolicyMap.put( PwmPasswordRule.MinimumStrength.getKey(), String.valueOf( effectiveConfig.getMinimumStrength() ) );
}

2
server/src/test/java/password/pwm/config/stored/ConfigurationCleanerTest.java
View file

@ -114,7 +114,7 @@ public class ConfigurationCleanerTest
for ( final ProfileID profile : domainConfig.getPasswordProfileIDs() )
{
final PwmPasswordPolicy pwmPasswordPolicy = domainConfig.getPasswordPolicy( profile );
final ADPolicyComplexity adPolicyComplexity = pwmPasswordPolicy.getRuleHelper().getADComplexityLevel();
final ADPolicyComplexity adPolicyComplexity = pwmPasswordPolicy.ruleHelper().getADComplexityLevel();
Assertions.assertEquals( ADPolicyComplexity.AD2003, adPolicyComplexity );
}