Re: [cas-dev] Extending CAS for providing a change-password-screen

Sat, 14 Apr 2012 08:46:02 -0700 

Hi Misagh, hi Pamir
thanks for the responses. I think I'll be able to manage the hooks in the default login-flow. 

@ Pamir: Can you share your documentation?

Since I'm not that familiar with spring webflow your implementation 
could give me a faster start.



- Jonathan


Am 13.04.2012 22:23, schrieb Misagh Moayyed:

Jonathan,
You may want to check out the CAS LPPE feature currently in dev/test [1]. It
does cover a number of scenarios by altering the login flow that may be of
interest to you, particularly the case where the user’s password has
expired. See the wiki [2] for more info, please.

-Misagh

[1] https://github.com/Jasig/cas/tree/feature-lppe
[2] https://wiki.jasig.org/display/CASUM/LDAP+Password+Policy+Enforcement

-Misagh



-----Original Message-----
From: jo0...@gmx.de [mailto:jo0...@gmx.de]
Sent: Friday, April 13, 2012 9:35 AM
To: cas-dev@lists.jasig.org
Subject: [cas-dev] Extending CAS for providing a change-password-screen

Hello,

we want to force a user to change his password if it is expired. So the user
can't use any CAS-Clients before changing his password.

We have no central application for changing that password so we want to
include that functionality in CAS. So I think we have to create a
change-password-screen where the current user is redirected to and forced to
change his password. This has to happen before generating the TGT-Cookie, of
course.

Searching the web I've only found two sites with the same problem (other
sites just offered a link to a password-change-application):
1. http://jasig.275507.n4.nabble.com/force-password-change-td255185.html
2.
https://wiki.jasig.org/display/CASUM/Change+Password+Integration+With+Jasig+CAS+3.4.7

Both are a bit outdated or empty so I'm asking:
- Can anyone point out different sites where this is dicussed, too?
- Can anyone provide hints where to create new states in the login-flow and
what parameters I shoud set when in order not to create security holes.


Regards
Jonathan Strampp



--
You are currently subscribed to cas-dev@lists.jasig.org as: 
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-dev






















					Reply via email to