Hi
We are using BindLdapAuthenticationHandler for authenticating using LDAP and
extracting additional attributes using 'attributeRepository' as follows:-
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
<property name="baseDN" value="ou=people,dc=tamu,dc=edu" />
<property name="query" value="(tamuEduPersonNetID={0})" />
<property name="contextSource" ref="contextSource" />
<property name="ldapAttributesToPortalAttributes">
<map>
<entry key="tamuEduPersonNetID"
value="tamuEduPersonNetID" />
<entry key="tamuEduPersonUIN"
value="tamuEduPersonUIN" />
<entry key="tamuFlag" value="tamuFlag" />
</map>
</property>
</bean>
The attribute 'tamuFlag' is a multi-valued attribute and with other values can
have values:-
'passwordExpired' - account password is expired.
'ssatExpired' - Student Information Security Awareness training expired
In cas-server-3.3.1 we need that when a user has successfully authenticated
username and password then check for the values of 'tamuFlag'.
If 'tamuFlag' has value 'passwordExpired' then do not login user and show error
message that 'Login failed becaus your password has expired'.
If 'tamuFlag' has value 'ssatExpired' then do not login user and show error
message that 'Login failed becaus your Student Information Security Awareness
training is due'.
Please advice me how to code this scenario. Any suggestions are really
appriciated.
Thanks
Ashima Goel
Texas A & M University
--
You are currently subscribed to cas-dev@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
