Do you have any local modifications to login-webflow.xml or cas-servlet.xml ? If you do, you'll need replicate the changes from the versions in cas-server-support-ldap-pwd-expiration to your versions.
When the server is deployed, you should see these messages: 2009-04-29 13:21:34,017 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Search Filter: 'uid=%u'> 2009-04-29 13:21:34,017 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Expire Date Attribute: 'passwordexpirationtime'> 2009-04-29 13:21:34,017 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Warning Days Attribute: 'passwordwarningdays'> 2009-04-29 13:21:34,017 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Default Warning Days: '14'> 2009-04-29 13:21:34,017 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Date format: 'yyyyMMddHHmmss'Z''> 2009-04-29 13:21:34,017 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <LDAP Search Base: 'ou=usf,o=usf.edu'> Everything in LdapPasswordWarningCheck logs at INFO, but you will get a litle more info about it if you turn up logging for org.jasig.cas.web.flow to DEBUG Also, I just uploaded a new version (cas-server-support-ldap-pwd-expiration-3.3.2b) to the wiki to fix a bug. PasswordWarningCheck is now only used during initial login and is not run when accessing other services during your CAS session. Eric Pierce, RHCE -- University of South Florida -- (813) 974-8868 -- [email protected] On Tue, May 5, 2009 at 10:08 AM, Marco Panella <[email protected]> wrote: > > We'd like to integrate the checks on password and account expiration in our > CAS server. > > This is probably what we need: > http://www.ja-sig.org/wiki/display/CASUM/LDAP+Password+Policy+Enforcement > > We are trying to get these checks to work but our efforts are unsuccessful. > > Probably we do something wrong: > 1) svn checkout https://www.ja-sig.org/svn/cas3/trunk cas3 > 2) cd cas3 > 3) tar zxvf ../cas-server-support-ldap-pwd-expiration-3.3.2a.tar.gz > 4) cd cas-server-support-ldap-pwd-expiration > 5) mvn package install > 6) configure > cas-server-webapp/src/main/webapp/WEB-INFO/deployerConfigContext.xml (added > contextSource with URI of the ldap server, added bean > PasswordWarningCheckAction and added bean PasswordWarningCheck) > 7) configure > cas-server-webapp/src/main/webapp/WEB-INFO/classes/log4j.properties (added a > line log4j.logger.org.jasig.cas.adaptors.ldap=DEBUG to get messages from > LdapPasswordWarningCheck class) > 8) cd ../../ > 9) mkdir cas-unipr > 10) cd cas-unipr > 11) vi pom.xml (add dependency on cas-server-support-ldap-pwd-expiration) > 12) mvn -Dmaven.test.skip=true package install > > We succeded in authenticate users vs LDAP but no checks on password or account > expiration are performed. > It seems that no PasswordWarningCheckAction is performed in the flow of CAS > authentication. > > > > Thanks in advance > Marco Panella > > -- > Universita' degli Studi di Parma (http://www.unipr.it) > > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
