How are you testing the login? Are you just going directly to the CAS login page or using a CAS-protected service that directs you to the login page? The warning won't come up if you just go to the CAS login page and don't specify a service because PasswordWarningCheck isn't run until after the TGT and Service Ticket are generated.
Have you tried logging in with an account that is expired or locked? Do you get the error pages or a generic "password incorrect" message? -Eric Eric Pierce, RHCE -- University of South Florida -- (813) 974-8868 -- [email protected] On Wed, May 6, 2009 at 9:18 AM, Marco Panella <[email protected]>wrote: > On Tue, 05 May 2009 10:43:44 -0400, Eric Pierce wrote > > Do you have any local modifications to login-webflow.xml or > > cas-servlet.xml ? If you do, you'll need replicate the changes from > > the versions in cas-server-support-ldap-pwd-expiration to your > > versions. > > I've made no modification to login-webflow.xml or cas-servlet.xml. > > Which change I have to do to login-webflow.xml? > > > When the server is deployed, you should see these messages: > > 2009-04-29 13:21:34,017 INFO > > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Search > > Filter: 'uid=%u'> > > 2009-04-29 13:21:34,017 INFO > > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Expire Date > > Attribute: 'passwordexpirationtime'> > > 2009-04-29 13:21:34,017 INFO > > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Warning > > Days Attribute: 'passwordwarningdays'> > > 2009-04-29 13:21:34,017 INFO > > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Default > > Warning Days: '14'> > > 2009-04-29 13:21:34,017 INFO > > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Date > > format: 'yyyyMMddHHmmss'Z''> > > 2009-04-29 13:21:34,017 INFO > > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <LDAP > > Search Base: 'ou=usf,o=usf.edu'> > > Now we get some problems in building a right cas.war. I am not very > friendly > with java projects. > > It ends containing some old files, like deployerContextConfig and > log4j.properties of the 6th of january, which we modified. > > > After some tries, I remodified these files after the deployment in the > webapps > directory of tomcat. > > Now I return to yesterday situation: authentication with LDAP but no check > on > password expiration; although the lines you reported are present in > cas.log. > > > > Everything in LdapPasswordWarningCheck logs at INFO, but you will get > > a litle more info about it if you turn up logging for > > org.jasig.cas.web.flow to DEBUG > > Ok. > > > Also, I just uploaded a new version > > (cas-server-support-ldap-pwd-expiration-3.3.2b) to the wiki to fix a > > bug. PasswordWarningCheck is now only used during initial login and > > is not run when accessing other services during your CAS session. > > Ok, we downloaded it. > > Thank you for your help. > Marco Panella > > -- > Universita' degli Studi di Parma (http://www.unipr.it) > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
