Hello,

I wanted to share how we managed to implement the change-password-screen with 
the login-webflow of CAS-3.4.11. Pamir helped there quite a bit - thanks!

We created two new views, one new controller and one new model:
1. changePasswordView.jsp // provide the form to change password.

2. changePasswordViewSuccess.jsp // display a success message and a button to 
proceed.

3. ChangePasswordViaFormAction.java // controller of the change-password-form.

4. ChangePasswordCredentials.java // the model for holding username, 
oldPassword, newPassword1 and newPassword2. It also provides a method 
"credentialsForLogin" to create a UsernamePasswordCredentials-Object for the 
CAS-login-process.




To publish the new event "changePassword" to hook into the login-webflow we had 
to change the default implementation of "AuthenticationViaFormAction.java".
All the things above are put together like the implementation of 
AuthenticationViaFormAction.java.


So the login-webflow was changed to:

1. Create a new flow-variable:
<var name="newPassCredentials"
     class="de.xyz.xyz.cas.authentication.principal.UsernameChangePasswordCredentials" />

2. Change action-state "realSubmit" so that it reacts to the event 
"changePassword" and redirects to the new view-state "changePasswordView".

3. The idea of the implementation (binder, model, realSubmit) of this new view 
was taken from the view-state "viewLoginForm".

4. At the new view-state "changePasswordViewSuccess" we set the CAS-Credentials 
and then redirect to the CAS-login-process:
<transition on="submit" to="realSubmit">
        <set name="flowScope.credentials"
             value="flowScope.newPassCredentials.credentialsForLogin" />
</transition>


I hope this may be comprehensible enough.


Regards
Jonathan Strampp
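
The four flow changes listed above, assembled into one login-webflow.xml fragment as an added illustration; it is not the poster's actual file. The realSubmit state is modelled on the stock CAS 3.4 flow, and the state id "realChangePassword", the bean name "changePasswordViaFormAction", its submit(...) signature and the view names are assumptions.

```xml
<!-- login-webflow.xml fragment (Spring Web Flow 2, as used by CAS 3.4.x).
     Added illustration; everything marked "assumed" is hypothetical. -->

<var name="newPassCredentials"
     class="de.xyz.xyz.cas.authentication.principal.UsernameChangePasswordCredentials" />

<action-state id="realSubmit">
    <evaluate expression="authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext)" />
    <transition on="warn" to="warn" />
    <transition on="success" to="sendTicketGrantingTicket" />
    <transition on="error" to="viewLoginForm" />
    <!-- New event from the modified AuthenticationViaFormAction. This is the
         only transition into the form, and no TGT has been issued yet. -->
    <transition on="changePassword" to="changePasswordView" />
</action-state>

<!-- Binder and model follow the pattern of viewLoginForm. Only the four
     listed properties can be bound from request parameters. -->
<view-state id="changePasswordView" view="changePasswordView" model="newPassCredentials">
    <binder>
        <binding property="username" />
        <binding property="oldPassword" />
        <binding property="newPassword1" />
        <binding property="newPassword2" />
    </binder>
    <transition on="submit" bind="true" validate="true" to="realChangePassword" />
</view-state>

<!-- assumed: state id and bean/method name. The action should verify
     oldPassword for the submitted username against the user store before
     writing the new password, and return "error" otherwise. -->
<action-state id="realChangePassword">
    <evaluate expression="changePasswordViaFormAction.submit(flowRequestContext, flowScope.newPassCredentials, messageContext)" />
    <transition on="success" to="changePasswordViewSuccess" />
    <transition on="error" to="changePasswordView" />
</action-state>

<!-- Re-enter the normal login path with the new password, so the TGT is
     created only by a full authentication in realSubmit. -->
<view-state id="changePasswordViewSuccess" view="changePasswordViewSuccess">
    <transition on="submit" to="realSubmit">
        <set name="flowScope.credentials"
             value="flowScope.newPassCredentials.credentialsForLogin" />
    </transition>
</view-state>
```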

-------- Original Message --------
> Date: Fri, 13 Apr 2012 19:41:27 +0300
> From: "Pamir.erdem" <pamir.er...@gmail.com>
> To: cas-dev@lists.jasig.org
> Subject: Re: [cas-dev] Extending CAS for providing a change-password-screen

> Hi
> I developed it one year ago. This weekend I can prepare documentation
> for the group if somebody can put it on the wiki
> 
> -------- Original message --------
> Subject: [cas-dev] Extending CAS for providing a change-password-screen 
> From: jo0...@gmx.de 
> To: cas-dev@lists.jasig.org 
> CC:  
> 
> Hello,
> 
> we want to force a user to change his password if it is expired. So the
> user can't use any CAS-Clients before changing his password.
> 
> We have no central application for changing that password so we want to
> include that functionality in CAS. So I think we have to create a
> change-password-screen where the current user is redirected to and forced to
> change his password. This has to happen before generating the TGT-Cookie, of course.
> 
> Searching the web I've only found two sites with the same problem (other
> sites just offered a link to a password-change-application):
> 1. http://jasig.275507.n4.nabble.com/force-password-change-td255185.html
> 2. https://wiki.jasig.org/display/CASUM/Change+Password+Integration+With+Jasig+CAS+3.4.7
> 
> Both are a bit outdated or empty so I'm asking: 
> - Can anyone point out different sites where this is discussed, too?
> - Can anyone provide hints where to create new states in the login-flow
> and what parameters I should set when in order not to create security holes.
> 
> 
> Regards
> Jonathan Strampp
> -- 
> You are currently subscribed to cas-dev@lists.jasig.org as:
> pamir.er...@gmail.com
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-dev