Update, the accountstatus policy works. Example : accountState=[org.ldaptive.auth.ext.ActiveDirectoryAccountState@1069687705::accountWarnings=null, accountErrors=[ACCOUNT_DISABLED]], result=false, resultCode=INVALID_CREDENTIALS, message=javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903CF, comment: AcceptSecurityContext error, data 533, v2580], controls=null]> 2015-09-30 15:48:35,255 DEBUG [org.jasig.cas.authentication.support.DefaultAccountStateHandler] - <Handling ACCOUNT_DISABLED>
Then, the cas shows the warning page. The problem is just on expiration policy : accountWarnings is null. I'm using the 'Active Directory Authentication' method. I'm not sure but i suppose an AD user can't read the MaxPwdAge attribute (not enought privilege maybe). Does someone have the accountWarning policy working ? -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
