Hi all, We're thinking of upgrading from CAS 3.5.x to 4.x at my organisation, but we have overlaid (overlain?) the Unicon password management module over our 3.5.x installation. I can't seem to find an updated version of this or any equivalent that will work with CAS 4.x. We need self-service functions like "change password" and "forgot password".
Does anyone know of a simple way to migrate to CAS 4.x while retaining these functional capabilities? We don't mind a different module from Unicon as long as it supports these two self-service functions. Regards, Ganesh On 6 September 2014 at 00:15, John Gasper <jgas...@unicon.net> wrote: > Andrew, > > I'll just add to what Ganesh said. You can find the CAS Password Manager > overlay here: https://github.com/Unicon/cas-password-manager/. It is very > basic and might need a bit of work getting it to work with 3.5.2.1. > > Since you are starting from a fairly clean state, I'd suggestion taking a > look at https://code.google.com/p/pwm/. It's a very comprehensive > solution and because it shouldn't hold you back when trying to upgrade CAS > Server versions. > > -- > *John Gasper* > IAM Consultant > Unicon, Inc. > PGP/GPG Key: 0xbafee3ef > > > On 9/4/14 10:32 PM, Ganesh and Sashi Prasad wrote: > > Hi Andrew, > > You can use the Unicon password management module using the maven > overlay mechanism. We did this and got both "forgot password?" and "change > password" functionality. I understand the only two directories it supports > are OpenLDAP and Microsoft ActiveDirectory. > > Also, we had trouble enabling password policy enforcement on OpenLDAP, > so we didn't :-). The implication is that when a user clicks on "forgotten > password" and has a random string sent to them as their temporary password, > the system doesn't force them to change it to something else on their next > logon. If they want, they can continue to keep this password. If they want > to change it, then they have to explicitly execute the "change password" > function. > > Hope this helps. > > Regards, > Ganesh > > > On 5 September 2014 04:26, Andrew McKinney <andrew.mckin...@uvu.edu> > wrote: > >> First, full disclosure, I am fairly new to Spring and CAS. That being >> said, I have been tasked at our institution with adding password management >> features to the CAS system (3.5.2). To accomplish this, I have added a new >> Controller to our CAS server overlay to perform a password change. >> Ironically, the problem I am having is securing the new controller behind >> the CAS authentication. >> >> >> >> To try and accomplish this I have modified the securityContext.xml file >> to mimic the settings used for the services management piece. Using this >> method I have been able to require the user to authenticate with CAS before >> using the password change form, but it seems to not respect the >> authentication for single sign on. >> >> >> >> Long story short, I am trying to add several new controllers to the CAS >> server overlay, and would like those controllers to require CAS >> authentication before they are used. Is there are good way to accomplish >> this within the CAS server overlay, or should I simply write a stand-alone >> password management application that authenticates against CAS? >> >> >> >> Thanks, >> >> >> >> Andrew McKinney >> >> -- >> You are currently subscribed to cas-dev@lists.jasig.org as: >> g.c.pra...@gmail.com >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >> >> > -- > You are currently subscribed to cas-dev@lists.jasig.org as: jgas...@unicon.net > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: > g.c.pra...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
