URL for (LDAP) PasswordPolicy


Felix Schumacher

Feb 24, 2017, 10:33:24 AM
to Cas User
Hi All,

I am using CAS 5.0.3 with apache tomcat 8.5.11 configured with LDAP and
SPNEGO as authentication backends.

When the password for a user expires within the next 14 days, I would
like CAS to warn the user and show him a link, where he could change the
password.

I can get to the warning page with the message text of
"password.expiration.warning". That text format allows for two
variables, but if I read the class
PasswordExpiringWarningMessageDescriptor correctly, it only has one
parameter (the days until expiration). That parameter gets replaced, the
second one (the url pointing to the password change service) stays
untouched and shows as {1}.

When I look at PasswordPolicyProperties - which seems to be responsible
for storing the property cas.authn.ldap[0].passwordPolicy.url that is
described on
https://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#password-management
- that parameter is ignored.

Is this analysis correct, and if so, is this an error?

Regards,
Felix



Misagh Moayyed

Feb 24, 2017, 10:45:48 AM
to cas-...@apereo.org

> When I look at PasswordPolicyProperties - which seems to be responsible
> for storing the property cas.authn.ldap[0].passwordPolicy.url that is
> described on
> https://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#password-management
> - that parameter is ignored.

Your link describes password management, but you seem to be after password policy enforcements. The former is the case where you allow users to change/update their passwords directly in CAS. The latter is about enacting password policy rules that may be “warn people if their password is about to expire in X number of days”.

Your analysis is right in the sense that there is no “url” setting for password policy. The doc is over-ambitious and needs correcting.

Felix Schumacher

Mar 27, 2017, 6:15:09 AM
to cas-...@apereo.org
On 24.02.2017 16:45, Misagh Moayyed wrote:
>> When I look at PasswordPolicyProperties - which seems to be responsible
>> for storing the property cas.authn.ldap[0].passwordPolicy.url that is
>> described on
>> https://apereo.github.io/cas/5.0.x/installation/Configuration-Properties.html#password-management
>> - that parameter is ignored.
>
> Your link describes password management, but you seem to be after
> password policy enforcements. The former is the case where you allow
> users to change/update their passwords directly in CAS. The latter is
> about enacting password policy rules that may be “warn people if
> their password is about to expire in X number of days”.

So I should not expect to be forwarded to a page managed by password
management, when password policy enforcement and password management are
enabled?

>
> Your analysis is right in the sense that there is no “url” setting
> for password policy. The doc is over-ambitious and needs correcting.

I think the messages.properties have to be updated, too:

password.expiration.warning=Your password expires in {0} day(s). Please <a href="{1}">change your password</a> now.

The {1} is not available.

Felix
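
The mismatch discussed in this thread can be checked mechanically. The following is an added example, not part of the original messages and not CAS code: it parses a message bundle with java.text.MessageFormat and reports keys whose pattern refers to more arguments than the caller supplies. The class name PlaceholderCheck and the SUPPLIED map are hypothetical; the argument count of one for password.expiration.warning is taken from the analysis in the thread.

```java
import java.io.IOException;
import java.io.StringReader;
import java.text.MessageFormat;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Properties;

public class PlaceholderCheck {

    // Constructed sample bundle; its single entry is the message quoted in the thread.
    static final String BUNDLE =
        "password.expiration.warning=Your password expires in {0} day(s). Please "
        + "<a href=\"{1}\">change your password</a> now.\n";

    // Assumption from the thread: the warning descriptor supplies one
    // parameter (the days until expiration).
    static final Map<String, Integer> SUPPLIED = Map.of("password.expiration.warning", 1);

    /** Returns key -> number of arguments the pattern expects but the caller does not supply. */
    static Map<String, Integer> findUnfilled(String bundle, Map<String, Integer> supplied)
            throws IOException {
        Properties props = new Properties();
        props.load(new StringReader(bundle));
        Map<String, Integer> result = new LinkedHashMap<>();
        for (String key : props.stringPropertyNames()) {
            Integer given = supplied.get(key);
            if (given == null) continue; // no known argument count for this key
            // The array length is the highest argument index used, plus one.
            int expected = new MessageFormat(props.getProperty(key))
                    .getFormatsByArgumentIndex().length;
            if (expected > given) result.put(key, expected - given);
        }
        return result;
    }

    public static void main(String[] args) throws IOException {
        findUnfilled(BUNDLE, SUPPLIED).forEach((k, missing) ->
            System.out.println(k + ": " + missing + " placeholder(s) have no argument"));
        // What the user sees: MessageFormat leaves an out-of-range index as literal text.
        Properties p = new Properties();
        p.load(new StringReader(BUNDLE));
        System.out.println(MessageFormat.format(p.getProperty("password.expiration.warning"), 14));
    }
}
```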
