There's no built-in functionality for user initiated password resets in CAS 4. Only the LPPE was redesigned and improved to be friendlier in terms of integration and extension. The CAS-PM extension that you refer to should be based on the 3.5.x line and a number of folks have gone to production with it.
I have no experience to do with 3rd party tools, but I am aware that some have used Zoho which we have in the past evaluated its integration capabilities with CAS. Misagh From: Michael Herring [mailto:[email protected]] Sent: Monday, July 22, 2013 7:34 AM To: [email protected] Subject: [cas-user] User Initiated Password Resets We have been using CAS for the past couple of years and have had good success with the product. Earlier this spring Denison upgraded to v3.5.2 and activated the LPPE support (OpenLdap environment) to support a use-case where new accounts are required to change their password on the first login. This has worked really well and we are now looking into supporting user initiated password resets. To this end I have some questions for the CAS community: 1. Is there any built in functionality for user initiated password resets in the the base product? Does this change with v4.0? (I did see an extension from Unicon [1]) 2. For implementors that have added this support what approach did you take? Did you do this within CAS? What did you do to verify that the reset request came from the actual user (security questions, token sent to mobile device, etc.)? 3. Is anyone using a third-party solution (whether open source or commercial) to process user initiated password changes? Any guidance, insight, or lessons learned is appreciated! Thanks for your time, -Michael [1] - https://github.com/Unicon/cas-password-manager -- Michael Herring Information Technology Services Web Developer Denison University 740-587-6360 [email protected] -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
