Hi all, We've been running CAS (3.3.3) for over a year now at our institution (very well received by both students and employees, more and more applications getting casified every month). I even implemented a few additions such as a custom StaticPersonAttributeDao (posted a few things about that back in the summer of 09) and the LDAP password policy enforcement as documented on the CAS wiki. (and a few other nuts and bolts)
However, after 14 months of running the same version I thought it was about time to upgrade the system and to do it 100% right now by using the Maven 2 WAR overlay method as documented on the wiki and enthousiastically promoted on this mailing list every now and then. Iniatially that seemed to work like a charm. Basic system with our own theme + views (and the StaticPersonAttributDao) and the configuration for our authentication backend (combination of MS-AD and a HA MySQL DB) was up and running in no time at all. But for some reason the (updated) LDAP password policy enforcement code is giving me problems. The actual code is compiled and packaged flawlessly. All views and theme related items are in the overlay since they've been customised. I even expressly put the login-webflow in there to make sure the correct one would be in the war. For some reason though, when trying to log in with an account which has been disabled, I just get the default incorrect credentials message instead of the one telling me the account has been disabled. For some reason the additions as provided by the module aren't being triggered, even though I get the following in the logs: > 2010-11-01 20:08:21,376 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - LDAP Search > Base: 'ou=Universe,dc=duckburg,dc=org' > 2010-11-01 20:08:21,376 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - Search > Filter: 'mail=%u' > 2010-11-01 20:08:21,377 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - warnAll: 'true' > 2010-11-01 20:08:21,377 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - Date format: > 'yyyyMMddHHmmss'Z'' > 2010-11-01 20:08:21,377 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - > warningCheckType: 'change' > 2010-11-01 20:08:21,377 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - Date > Attribute: 'passwordChangedTime' > 2010-11-01 20:08:21,377 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - Valid Days > Attribute: 'maxPwdAge' > 2010-11-01 20:08:21,377 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - Warning Days > Attribute: 'passwordwarningdays' > 2010-11-01 20:08:21,377 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - Default > Warning Days: '30' > 2010-11-01 20:08:21,377 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - Password Max > Age (in days): '180' That, combined with the successfull packaging, leads me to conclude that there's nothing wrong with the actual classes. On the other hand the module does overload some classes of the ldap-support module or at least it should. I could imagine nothing happening if these classes were not actually being overloaded at all ... even though both jars (cas-server-support-ldap-3.4.3.jar and cas-server-support-ldap-pwd-expiration-3.4.2.jar) are there. Since I'm far from an expert as far as Maven goes: how can it tell which version of the class (e.g. BindLdapAuthenticationHandler) to use? Or: how do I indicate that "my" custom code takes precedence? Does anyone have an idea of what I'm missing? Right now I'm pretty much clueless (and somewhat frustrated because the answer is no doubt right in front of me) Thanks in advance, *Hans De Bisschop* Hoofddeskundige ICTO | Lead Developer Chamilo 2.0 Software Coordinator Chamilo Association Erasmushogeschool Brussel Nijverheidskaai 170 | B-1070 Brussel T 02 559 02 54 | i 254 [email protected] <mailto:[email protected]> | www.erasmushogeschool.be <http://www.erasmushogeschool.be/> Kom eens langs: www.erasmushogeschool.be/infodagen <http://www.erasmushogeschool.be/infodagen> of lees onze elektronische nieuwsbrief: ehbrief.ehb.be <http://ehbrief.ehb.be/> P Before printing, think about the environment -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
