On Fri, Sep 11, 2015 at 10:15 AM, Jorj Bauer <j...@isc.upenn.edu> wrote:
> > I think I get the desired behavior if the expiry factor script exits > with return code 2 (COSIGN_CGI_PASSWORD_EXPIRED) when the account is > expired, instead of issuing the factor. > > That will work as long as you're invoking it as a factor, and not a > userfactor. The latter doesn't have any checks around the return code > (which is probably a bug). > There are currently two portions - an expiry check and and expiry enforcer. The check is via userfactor, the enforcer is a factor factor. Could it have all been done in a factor? Liam
------------------------------------------------------------------------------
_______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss
