Bill, I am not sure if I was clear, but I took the ideas from support-ldap-pwd-expiration-3.4.10 and tool these ideas into 3.4.11. I am not sure how much lppe is different from support-ldap-pwd-expiration, but I am planning to check that out.
Please note, we are not using CAS in production yet. We are not a university.. Our use case is very simple, we have 15K users and some applications needs needs to be on one single-ign-on. We have a PostgreSQL backend database with some Store Procedures that currently handle the authentication, and gives us status message about password expiration and all that. We have just two Stored Procedures simple function as for authentication and account status. Essentially all we need to show the number of days before there password expire, and provide the user a link for changing there pwd. Same as for almost any other status ( account locked, office hours etc..) Just show that status, a reason and provide the user a link. Ries On Feb 3, 2012, at 12:43 PM, William G. Thompson, Jr. wrote: > Ries, > > I'm glad the feature-lppe is working for you. If you are able to > share any enhancements sooner rather than later we can consider those > for the 3.5 release, and perhaps save you from a merge later. > > Would also love to hear any general feedback you have about the > feature, the implementation, and your specific use case. > > Best, > Bill > > > On Fri, Feb 3, 2012 at 10:22 AM, R. van Twisk <[email protected]> wrote: >> Marvin, >> >> thanks for you answers. >> >> In the mean time I managed to get it working with the LDAP examples, >> but instead of my calling LDAP I call our PostgreSQL database. >> >> May be I am just simple minded, but wouldn't a good interface solve this >> problem? >> Then you inject a bean of some sort that can return the right information >> back instead of just true/false (may be a bean of some sort). >> >> Anyways, >> I think I will get it going now. The other samples in the LDAP also shows >> nicely how to handle off-hours and this >> seems to work just fine… Need to do more testing ofcourse… >> >> When 3.5 is out, I will just merge my code >> >> >> Ries >> >> On Feb 3, 2012, at 9:59 AM, Marvin Addison wrote: >> >>>>> https://github.com/Jasig/cas/tree/feature-lppe >>>> >>>> I will take a look there, is the lppe branch going to be the new 3.5 >>>> version, >>> >>> Strictly speaking, no. The plan at present is to merge the LDAP >>> password policy support in that branch into master so it's included in >>> the 3.5 release. >>> >>>> in other words… Would I have to change (a lot??) of code when I use lppe >>>> now and want to change to 3.5? >>> >>> You'd need to _add_ and likely change a lot of things to support a >>> database backend. It's simply not designed with anything but LDAP >>> (and Active Directory in particular) in mind. I think that's a loss, >>> but I've been out-voted. The thinking is that it's better to ship >>> something now with limited functionality and build out later. >>> >>> M >>> >>> -- >>> You are currently subscribed to [email protected] as: [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >> >> >> -- >> You are currently subscribed to [email protected] as: [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
