Hi Chamath, I think we don't have such a sample at the moment. What if we add a new method to the existing API to check if the password for the given username is expired ? So after an authentication failure the web applications can call this method and check if the password has expired. Or we can have a more generalized method to use after authentication failures to check if the account is locked, needs confirmation, password expired, OTP is already used etc. So then the web application can prompt a meaningful message to the user after an authentication failure or redirect to a page to password updates.
Thanks, -Suresh On Wed, Jun 26, 2013 at 11:40 AM, Chamath Gunawardana <[email protected]>wrote: > Hi, > > I have a requirement to validate the password expire time at user login > and if expired, redirect the user to a change password page without > displaying the normal landing page. The change password page will reside in > an external web app. Any one have done a sample web app to share with > similar behavior? (A web app which receives a flag from IS would be good if > exists) > > > Thanks, > -- > Best Regards, > Chamath Gunawardana > Technical Lead; WSO2 Inc. > Mobile : +94776322240 > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Suresh Attanayake Senior Software Engineer; WSO2 Inc. http://wso2.com/ Blog : http://sureshatt.blogspot.com/ Web : http://www.ssoarcade.com/ Facebook : https://www.facebook.com/IdentityWorld Twitter : https://twitter.com/sureshatt LinkedIn : http://lk.linkedin.com/in/sureshatt Mobile : +94755012060 Mobile : +01-616-617-1172
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
