Hi! I am trying to implement LPPE for LDAP authentication but I seem to have trouble getting it where I want it to be.
I added password policy configuration for one of my LDAP connections, and the logs suggest that the account is correctly recognized as disabled, but I still end up on the login screen with a general error message instead of going to accountDisabledView.

The piece of config I added:

cas.authn.ldap[4].passwordPolicy.type=AD
cas.authn.ldap[4].passwordPolicy.enabled=true
cas.authn.ldap[4].passwordPolicy.account-state-handling-enabled=true
cas.authn.ldap[4].passwordPolicy.strategy=DEFAULT

And the log returned for the specific domain looks like this:

[...] authenticationResultCode=AUTHENTICATION_HANDLER_FAILURE, resultCode=INVALID_CREDENTIALS, matchedDN=, diagnosticMessage=8009030C: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 533, v4563
2021-09-24 13:15:09,660 DEBUG [org.apereo.cas.authentication.support.DefaultLdapAccountStateHandler] - <Handling LDAP account state error [ACCOUNT_DISABLED]>
2021-09-24 13:15:09,661 INFO [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <[LdapAuthenticationHandler] exception details: [].>

Any help would be useful.
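Added example, not part of the original post and not CAS or ldaptive code: a small log-triage helper that decodes the hexadecimal `data` sub-code Active Directory places in the bind diagnostic message, which is what separates a disabled account (533) from a plain bad password when the LDAP resultCode is INVALID_CREDENTIALS in both cases. The state labels and function names are chosen here for illustration, and every sample line except the first is constructed.

```python
import re
from collections import Counter

# Active Directory bind sub-error codes (hexadecimal) found in the "data"
# field of an AcceptSecurityContext diagnostic message.
# The labels on the right are illustrative names chosen for this example.
AD_BIND_SUBCODES = {
    0x525: "USER_NOT_FOUND",
    0x52E: "INVALID_CREDENTIALS",
    0x530: "INVALID_LOGON_HOURS",
    0x531: "INVALID_WORKSTATION",
    0x532: "PASSWORD_EXPIRED",
    0x533: "ACCOUNT_DISABLED",
    0x701: "ACCOUNT_EXPIRED",
    0x773: "PASSWORD_MUST_CHANGE",
    0x775: "ACCOUNT_LOCKED_OUT",
}

DIAG_RE = re.compile(r"AcceptSecurityContext error, data ([0-9a-fA-F]+)\b")


def classify_ad_bind_failure(line):
    """Return (subcode_hex, state) for an AD bind failure line, else None."""
    match = DIAG_RE.search(line)
    if match is None:
        return None
    code = int(match.group(1), 16)  # the sub-code is hex, e.g. "52e"
    return format(code, "x"), AD_BIND_SUBCODES.get(code, "UNKNOWN")


def summarize(lines):
    """Count account states across log lines, skipping unrelated lines."""
    results = (classify_ad_bind_failure(line) for line in lines)
    return Counter(state for _, state in filter(None, results))


SAMPLE_LINES = [
    # Diagnostic portion of the log line quoted in the post.
    "resultCode=INVALID_CREDENTIALS, matchedDN=, diagnosticMessage=8009030C: "
    "LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 533, v4563",
    # Constructed lines for illustration.
    "diagnosticMessage=8009030C: LdapErr: DSID-0C090439, comment: "
    "AcceptSecurityContext error, data 52e, v4563",
    "diagnosticMessage=8009030C: LdapErr: DSID-0C090439, comment: "
    "AcceptSecurityContext error, data 775, v4563",
    "2021-09-24 13:15:09,661 INFO unrelated line without a diagnostic message",
]

if __name__ == "__main__":
    for state, count in sorted(summarize(SAMPLE_LINES).items()):
        print(f"{state}: {count}")
```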
