|

»

»

Expired Password Integration

View: New views

4 Messages — Rating Filter: Alert me

	Expired Password Integration by Pat Hennessy :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I was looking for some information on handling expired passwords and found the following page.. http://www.ja-sig.org/wiki/display/CAS/Expired+Password+Integration It looks like it was posted a year ago. Is there anything built into CAS for doing this stuff? I see there are some attachments, but I'm not sure if they are compatible with the current version of CAS. I'm curious what other people are doing out there. We're basically looking for a way to tell if the account is expired (we do that now using ldap queries) and then redirect them to a self service page. Presenting a warning about the password expiring prior to redirecting them to the application they originally wanted to go to might be a nice feature as well. I'm not concerned about the other features. If their account is locked or if they keep doing the password wrong and it isn't expired, I'd like to just do the normal password incorrect thing. If they do that over and over and don't get anywhere, it will force them to contact one of our help desks. Pat -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Pat Hennessy, RHCE (path@...) Senior Systems Specialist Division of Information and Educational Technology Delaware Technical and Community College =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas
	RE: Expired Password Integration by muleman :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message As far as I know there is nothing available. I would love to see this integrated into CAS...... We have implemented our own solution, we use OpenLaszlo for the frontend (CAS login screen) We first check the user against the ldap repository (password expired etc) Once the user passes that first check we delegate the request to the normal CAS flow. Chris > [Original Message] > From: Pat Hennessy <lists-cas@...> > To: Yale CAS mailing list <cas@...> > Date: 3/14/2008 4:29:30 PM > Subject: Expired Password Integration > > > I was looking for some information on handling expired passwords and > found the following page.. > > http://www.ja-sig.org/wiki/display/CAS/Expired+Password+Integration > > It looks like it was posted a year ago. Is there anything built into > CAS for doing this stuff? I see there are some attachments, but I'm not > sure if they are compatible with the current version of CAS. > > I'm curious what other people are doing out there. > > We're basically looking for a way to tell if the account is expired (we > do that now using ldap queries) and then redirect them to a self service > page. > > Presenting a warning about the password expiring prior to redirecting > them to the application they originally wanted to go to might be a nice > feature as well. > > I'm not concerned about the other features. If their account is locked > or if they keep doing the password wrong and it isn't expired, I'd like > to just do the normal password incorrect thing. If they do that over > and over and don't get anywhere, it will force them to contact one of > our help desks. > > Pat > > -- > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > Pat Hennessy, RHCE (path@...) > > Senior Systems Specialist > Division of Information and Educational Technology > Delaware Technical and Community College > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > _______________________________________________ > Yale CAS mailing list > cas@... > http://tp.its.yale.edu/mailman/listinfo/cas > > __________ NOD32 2946 (20080313) Information __________ > > This message was checked by NOD32 antivirus system. > http://www.eset.com > _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas
	Re: Expired Password Integration by Sam Karl :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I'm implementing my own ContextSourceException that extends LDAPContextSource, in the catch block, checking to see if the exception message has "GSL_PWDEXPIRED_EXCP" in it and throwing org.jasig.cas.authentication.handler.BadPasswordAuthenticationException. It may not be much cleaner way but I have an interface and implementation to handle that so my catch block won't grow big!! The same goes for blocked user and so on!! Sam On Fri, Mar 14, 2008 at 9:27 AM, Pat Hennessy <lists-cas@...> wrote: I was looking for some information on handling expired passwords and found the following page.. http://www.ja-sig.org/wiki/display/CAS/Expired+Password+Integration It looks like it was posted a year ago. Is there anything built into CAS for doing this stuff? I see there are some attachments, but I'm not sure if they are compatible with the current version of CAS. I'm curious what other people are doing out there. We're basically looking for a way to tell if the account is expired (we do that now using ldap queries) and then redirect them to a self service page. Presenting a warning about the password expiring prior to redirecting them to the application they originally wanted to go to might be a nice feature as well. I'm not concerned about the other features. If their account is locked or if they keep doing the password wrong and it isn't expired, I'd like to just do the normal password incorrect thing. If they do that over and over and don't get anywhere, it will force them to contact one of our help desks. Pat -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Pat Hennessy, RHCE (path@...) Senior Systems Specialist Division of Information and Educational Technology Delaware Technical and Community College =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas
	Re: Expired Password Integration by Michael Ströder :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Chris Roffler wrote: > As far as I know there is nothing available. I would love to see this > integrated into CAS...... I'd also like to see such a feature. Maybe the AuthenticationHandler should raise specific exceptions which are then caught by the login screen handler? > We have implemented our own solution, we use OpenLaszlo for the frontend > (CAS login screen) > We first check the user against the ldap repository (password expired etc) > Once the user > passes that first check we delegate the request to the normal CAS flow. Would it be possible to have a look at your code? Ciao, Michael. _______________________________________________ Yale CAS mailing list cas@... http://tp.its.yale.edu/mailman/listinfo/cas

LightInTheBox - Buy quality products at wholesale price