Bill,

Per our discussion on the #jasig-cas chat, we should probably sync up on how
this integrates with the proposed changes in the 4.x branch.  Should we do
scheduled chat time?  I think Marvin would be interested in this too.

Cheers,
Scott

On Fri, Aug 26, 2011 at 5:12 PM, William G. Thompson, Jr.
<[email protected]>wrote:

> LPPE Update
>
> I've completed the merge of LPPE into the feature branch on
> https://source.jasig.org/cas3/branches/cas-server-3.4.10-lppe/ such
> that I can build and install CAS 3.4.10-LPPE-SNAPSHOT in my local mvn
> repo.  This allows me to build a cas server with the feature via
> simple local maven overlay.  To get it to work you need to pull in the
> configuration files in the resources directory of
>
> https://source.jasig.org/sandbox/cas-password-policy/branches/cas-server-support-ldap-pwd-expiration-3.4.x/
>
> I have it working Active Directory and could induce the PasswordWarning
> screen.
>
> I still need to spend some more time with the code and exercising
> features.  I'd like to arrive at a maintainable approach for this
> feature for CAS3 in the near term.  Would love some collaboration,
> thoughts, comments on how best to improve on this and help identifying
> any blockers for inclusion in CAS 3.5.
>
> This work is being driven by requirements at Lamar University.
>
> Best,
> Bill
>
>
> On Thu, Aug 25, 2011 at 9:11 PM, William G. Thompson, Jr.
> <[email protected]> wrote:
> > Folks,
> >
> > I've started a feature branch off of 3.4.10 to investigate
> > incorporating LPPE into the baseline here:
> > https://source.jasig.org/cas3/branches/cas-server-3.4.10-lppe/
> >
> > The lppe module (cas-server-support-ldap-ppolicy) is mostly additions,
> > and it looks like they can be easily bypassed via a comment switch in
> > login-flow.xml.  However, the module does carry forks of CASImpl,
> > BindAuthNHandler, and AuthenticationViaFormAction to plug in the ldap
> > error handling code.  These will have to reconciled somehow.
> >
> > For now, I'm just using the forked code to get it to work plus a maven
> > overlay with the enabling configuration in:
> > * login-webflow.xml
> > * deployerConfigContext.xml
> > * applicationContext.xml
> > * cas-servlet.xml
> >
> > It's building and login/logout is working.  Hopefully tomorrow I can
> > get ppolicy behavior working.
> >
> > Bill
> >
> >
> > On Wed, Aug 24, 2011 at 5:27 PM, William G. Thompson, Jr.
> > <[email protected]> wrote:
> >> LPPE status update...
> >>
> >> 3.4.8 patch applied and tagged:
> >>
> https://source.jasig.org/sandbox/cas-password-policy/tags/cas-server-support-ldap-pwd-expiration-3.4.8/
> >>
> >> CAS 3.4.10 changes pulled into LPPE and tagged:
> >>
> https://source.jasig.org/sandbox/cas-password-policy/tags/cas-server-support-ldap-pwd-expiration-3.4.10/
> >>
> >> https://wiki.jasig.org/display/CASUM/LDAP+Password+Policy+Enforcement
> >> updated with the current status.
> >>
> >> I have *not* run this code and have no idea if it is functional yet.
> >> I plan to do that next.
> >>
> >> Generally it looks this module is mostly additions with very few
> >> modifications.  At first glance it seems like it could be incorporated
> >> into the core with modest evolution.    Check out the merge notes
> >> here:
> >>
> https://wiki.jasig.org/display/CASUM/LDAP+Password+Policy+Enformcement+3.4.10+Upgrade+Notes
> >>
> >> Perhaps LPPE is a reasonable candidate for CAS 3.5.
> >>
> >> Also looks like it might be possible to split this out into a module
> >> (jars), plus a maven overlay.  Would appreciate feedback from folks on
> >> how they are incorporating this code today.
> >>
> >> Best,
> >> Bill
> >>
> >>
> >>
> >> On Tue, Aug 23, 2011 at 10:24 AM, William G. Thompson, Jr.
> >> <[email protected]> wrote:
> >>> Folks,
> >>>
> >>> I'm working on a new CAS deployment based on 3.4.10.  We have a
> >>> requirement to implement LDAP Password Policy Enforcement.
> >>> https://wiki.jasig.org/display/CASUM/LDAP+Password+Policy+Enforcement
> >>>
> >>> The wiki page describes the state of the module.  SVN is here:
> >>> https://source.jasig.org/sandbox/cas-password-policy/ and the latest
> >>> tag is for CAS 3.4.7.  There's also a patch file on the wiki for 3.4.8
> >>> that's not in SVN.
> >>>
> >>> I started a branch to track CAS 3.4.x here:
> >>>
> https://source.jasig.org/sandbox/cas-password-policy/branches/cas-server-support-ldap-pwd-expiration-3.4.x/
> >>>
> >>> I intend to apply the 3.4.8 patch, cut a tag, and then bring the 3.4.x
> >>> branch up to 3.4.10, and cut another tag.  I'd like to get to a
> >>> sustainable process and possibly figure out how to get this into the
> >>> core at some point if that makes sense.
> >>>
> >>> Appreciate any feedback, help, etc.
> >>>
> >>> Best,
> >>> Bill
> >>>
> >>
> >
>
> --
> You are currently subscribed to [email protected] as:
> [email protected]
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>
>

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-dev

Reply via email to