Folks, I've started a feature branch off of 3.4.10 to investigate incorporating LPPE into the baseline here: https://source.jasig.org/cas3/branches/cas-server-3.4.10-lppe/
The lppe module (cas-server-support-ldap-ppolicy) is mostly additions, and it looks like they can be easily bypassed via a comment switch in login-flow.xml. However, the module does carry forks of CASImpl, BindAuthNHandler, and AuthenticationViaFormAction to plug in the ldap error handling code. These will have to reconciled somehow. For now, I'm just using the forked code to get it to work plus a maven overlay with the enabling configuration in: * login-webflow.xml * deployerConfigContext.xml * applicationContext.xml * cas-servlet.xml It's building and login/logout is working. Hopefully tomorrow I can get ppolicy behavior working. Bill On Wed, Aug 24, 2011 at 5:27 PM, William G. Thompson, Jr. <[email protected]> wrote: > LPPE status update... > > 3.4.8 patch applied and tagged: > https://source.jasig.org/sandbox/cas-password-policy/tags/cas-server-support-ldap-pwd-expiration-3.4.8/ > > CAS 3.4.10 changes pulled into LPPE and tagged: > https://source.jasig.org/sandbox/cas-password-policy/tags/cas-server-support-ldap-pwd-expiration-3.4.10/ > > https://wiki.jasig.org/display/CASUM/LDAP+Password+Policy+Enforcement > updated with the current status. > > I have *not* run this code and have no idea if it is functional yet. > I plan to do that next. > > Generally it looks this module is mostly additions with very few > modifications. At first glance it seems like it could be incorporated > into the core with modest evolution. Check out the merge notes > here: > https://wiki.jasig.org/display/CASUM/LDAP+Password+Policy+Enformcement+3.4.10+Upgrade+Notes > > Perhaps LPPE is a reasonable candidate for CAS 3.5. > > Also looks like it might be possible to split this out into a module > (jars), plus a maven overlay. Would appreciate feedback from folks on > how they are incorporating this code today. > > Best, > Bill > > > > On Tue, Aug 23, 2011 at 10:24 AM, William G. Thompson, Jr. > <[email protected]> wrote: >> Folks, >> >> I'm working on a new CAS deployment based on 3.4.10. We have a >> requirement to implement LDAP Password Policy Enforcement. >> https://wiki.jasig.org/display/CASUM/LDAP+Password+Policy+Enforcement >> >> The wiki page describes the state of the module. SVN is here: >> https://source.jasig.org/sandbox/cas-password-policy/ and the latest >> tag is for CAS 3.4.7. There's also a patch file on the wiki for 3.4.8 >> that's not in SVN. >> >> I started a branch to track CAS 3.4.x here: >> https://source.jasig.org/sandbox/cas-password-policy/branches/cas-server-support-ldap-pwd-expiration-3.4.x/ >> >> I intend to apply the 3.4.8 patch, cut a tag, and then bring the 3.4.x >> branch up to 3.4.10, and cut another tag. I'd like to get to a >> sustainable process and possibly figure out how to get this into the >> core at some point if that makes sense. >> >> Appreciate any feedback, help, etc. >> >> Best, >> Bill >> > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
