On Fri, Feb 3, 2012 at 2:24 PM, R. van Twisk <[email protected]> wrote: > Bill, > > I am not sure if I was clear, but I took the ideas from > support-ldap-pwd-expiration-3.4.10 > and tool these ideas into 3.4.11. I am not sure how much lppe is different > from support-ldap-pwd-expiration, > but I am planning to check that out.
Understood. https://github.com/Jasig/cas/tree/feature-lppe is an evolution of that code to get it aligned for a CAS 3.5 release. The support-ldap-pwd-expiration module has been directly incorporated into cas-server-support-ldap, cas-server-core, and cas-server-webapp. > > Please note, we are not using CAS in production yet. We are not a university.. > > Our use case is very simple, we have 15K users and some applications > needs needs to be on one single-ign-on. We have a PostgreSQL backend > database with some Store Procedures that currently handle the authentication, > and gives us status message about password expiration and all that. > We have just two Stored Procedures simple function as for authentication and > account status. > > Essentially all we need to show the number of days before there password > expire, > and provide the user a link for changing there pwd. Same as for almost any > other status ( > account locked, office hours etc..) Just show that status, a reason and > provide the user a link. I'd say you've made a good choice with CAS! :) Good luck with your deployment. Best, Bill > > Ries > > On Feb 3, 2012, at 12:43 PM, William G. Thompson, Jr. wrote: > >> Ries, >> >> I'm glad the feature-lppe is working for you. If you are able to >> share any enhancements sooner rather than later we can consider those >> for the 3.5 release, and perhaps save you from a merge later. >> >> Would also love to hear any general feedback you have about the >> feature, the implementation, and your specific use case. >> >> Best, >> Bill >> >> >> On Fri, Feb 3, 2012 at 10:22 AM, R. van Twisk <[email protected]> wrote: >>> Marvin, >>> >>> thanks for you answers. >>> >>> In the mean time I managed to get it working with the LDAP examples, >>> but instead of my calling LDAP I call our PostgreSQL database. >>> >>> May be I am just simple minded, but wouldn't a good interface solve this >>> problem? >>> Then you inject a bean of some sort that can return the right information >>> back instead of just true/false (may be a bean of some sort). >>> >>> Anyways, >>> I think I will get it going now. The other samples in the LDAP also shows >>> nicely how to handle off-hours and this >>> seems to work just fine… Need to do more testing ofcourse… >>> >>> When 3.5 is out, I will just merge my code >>> >>> >>> Ries >>> >>> On Feb 3, 2012, at 9:59 AM, Marvin Addison wrote: >>> >>>>>> https://github.com/Jasig/cas/tree/feature-lppe >>>>> >>>>> I will take a look there, is the lppe branch going to be the new 3.5 >>>>> version, >>>> >>>> Strictly speaking, no. The plan at present is to merge the LDAP >>>> password policy support in that branch into master so it's included in >>>> the 3.5 release. >>>> >>>>> in other words… Would I have to change (a lot??) of code when I use lppe >>>>> now and want to change to 3.5? >>>> >>>> You'd need to _add_ and likely change a lot of things to support a >>>> database backend. It's simply not designed with anything but LDAP >>>> (and Active Directory in particular) in mind. I think that's a loss, >>>> but I've been out-voted. The thinking is that it's better to ship >>>> something now with limited functionality and build out later. >>>> >>>> M >>>> >>>> -- >>>> You are currently subscribed to [email protected] as: >>>> [email protected] >>>> To unsubscribe, change settings or access archives, see >>>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>>> >>> >>> >>> -- >>> You are currently subscribed to [email protected] as: >>> [email protected] >>> To unsubscribe, change settings or access archives, see >>> http://www.ja-sig.org/wiki/display/JSG/cas-user >>> >> >> -- >> You are currently subscribed to [email protected] as: [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > > > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
