[Freeipa-devel] [PATCH] 121 User is notified that password needs to be reset in, forms-based login
This solution depends on Rob's patch #1006-2 Forms-based login procedure detects if 401 unauthorized message contains 'Expired Password' message. If so it displays an error message that user needs to reset his password. https://fedorahosted.org/freeipa/ticket/2608 -- Petr Vobornik From 77e7fd988d6cf6a583f507723933f09a5feef518 Mon Sep 17 00:00:00 2001 From: Petr Vobornik pvobo...@redhat.com Date: Mon, 16 Apr 2012 12:22:34 +0200 Subject: [PATCH] User is notified that password needs to be reset in forms-based login Forms-based login procedure detects if 401 unauthorized message contains 'Expired Password' message. If so it displays an error message that user needs to reset his password. https://fedorahosted.org/freeipa/ticket/2608 --- install/ui/ipa.js | 31 --- install/ui/login.html |9 - install/ui/login.js | 32 3 files changed, 56 insertions(+), 16 deletions(-) diff --git a/install/ui/ipa.js b/install/ui/ipa.js index eeac030531302fffc0af79e70a835dca8120f674..dcc9d21a2d960a81ef70c89b050497bbfdfba6ad 100644 --- a/install/ui/ipa.js +++ b/install/ui/ipa.js @@ -359,10 +359,18 @@ IPA.logout = function() { IPA.login_password = function(username, password) { -var success = false; +var result = 'invalid'; function success_handler(data, text_status, xhr) { -success = true; +result = 'success'; +} + +function error_handler(xhr, text_status, error_thrown) { + +if (xhr.status === 401 +xhr.responseText.indexOf('Password Expired') -1) { +result = 'expired'; +} } var data = { @@ -378,14 +386,15 @@ IPA.login_password = function(username, password) { dataType: 'html', async: false, type: 'POST', -success: success_handler +success: success_handler, +error: error_handler }; IPA.display_activity_icon(); $.ajax(request); IPA.hide_activity_icon(); -return success; +return result; }; /** @@ -1340,6 +1349,10 @@ IPA.unauthorized_dialog = function(spec) { Please try again (make sure your caps lock is off)./p + pIf the problem persists, contact your administrator./p; +that.password_expired = pstrongPassword expired/strong/p + +pPlease run kinit to reset the password and then try to login again./p + +pIf the problem persists, contact your administrator./p; + that.create = function() { that.krb_message_contatiner = $('div\').appendTo(that.container); @@ -1482,13 +1495,17 @@ IPA.unauthorized_dialog = function(spec) { IPA.display_activity_icon(); -var success = IPA.login_password(record.username[0], record.password[0]); +var result = IPA.login_password(record.username[0], record.password[0]); IPA.hide_activity_icon(); -if (success) { +if (result === 'success') { that.on_login_success(); -} else { +} else if (result === 'expired') { +that.error_box.html(that.password_expired); +that.error_box.css('display', 'block'); +}else { +that.error_box.html(that.form_auth_failed); that.error_box.css('display', 'block'); } }; diff --git a/install/ui/login.html b/install/ui/login.html index d88ee0eeb0f81bb5fdd543dfc20b1f5dcf851241..9902466a70b3deb7e4c7ec5168abc803935d0c32 100644 --- a/install/ui/login.html +++ b/install/ui/login.html @@ -21,12 +21,19 @@ div id=formwindow h2Login/h2 -div id=error-box style=display:none + +div id=invalid class=error-box style=display:none pstrongPlease re-enter your username or password/strong/p pThe password or username you entered is incorrect. Please try again (make sure your caps lock is off)./p pIf the problem persists, contact your administrator./p /div +div id=expired class=error-box style=display:none +pstrongPassword expired/strong/p +pPlease run kinit to reset the password and then try to login again./p +pIf the problem persists, contact your administrator./p +/div + form id=login ul li diff --git a/install/ui/login.js b/install/ui/login.js index 68b16bce1cd743b7ee5fd2b50b17d10965fc09d6..b739128dba14b18f59d9d950a09fd87b2a4efed9 100644 --- a/install/ui/login.js +++ b/install/ui/login.js @@ -22,10 +22,18 @@ var LP = {}; //Login Page LP.login = function(username, password) { -var success = false; +var result = 'invalid'; function success_handler(data, text_status, xhr) { -success = true; +result = 'success'; +} + +function error_handler(xhr, text_status, error_thrown) { + +if (xhr.status === 401 +
Re: [Freeipa-devel] [PATCH] 121 User is notified that password needs to be reset in, forms-based login
Updated patch attached. It's modified according to Rob's patch #1006-3 which uses 'X-rejection-reason' to notify expired password. On 04/17/2012 11:17 AM, Petr Vobornik wrote: This solution depends on Rob's patch #1006-2 Forms-based login procedure detects if 401 unauthorized message contains 'Expired Password' message. If so it displays an error message that user needs to reset his password. https://fedorahosted.org/freeipa/ticket/2608 -- Petr Vobornik From 68a9e3d310c4abc6d00ca22e1e579fd085d9fa4a Mon Sep 17 00:00:00 2001 From: Petr Vobornik pvobo...@redhat.com Date: Mon, 16 Apr 2012 12:22:34 +0200 Subject: [PATCH] User is notified that password needs to be reset in forms-based login Forms-based login procedure detects if 401 unauthorized response contains 'X-rejection-reason' http header with 'password-expired' value. If so it displays an error message that user needs to reset his password. https://fedorahosted.org/freeipa/ticket/2608 --- install/ui/ipa.js | 36 +--- install/ui/login.html |9 - install/ui/login.js | 37 + 3 files changed, 66 insertions(+), 16 deletions(-) diff --git a/install/ui/ipa.js b/install/ui/ipa.js index eeac030531302fffc0af79e70a835dca8120f674..c6328667c1674aab8cf8970b01628152c2be7f32 100644 --- a/install/ui/ipa.js +++ b/install/ui/ipa.js @@ -359,10 +359,23 @@ IPA.logout = function() { IPA.login_password = function(username, password) { -var success = false; +var result = 'invalid'; function success_handler(data, text_status, xhr) { -success = true; +result = 'success'; +} + +function error_handler(xhr, text_status, error_thrown) { + +if (xhr.status === 401) { +var reason = xhr.getResponseHeader(X-rejection-reason); + +//change result from invalid only if we have a header which we +//understand +if (reason === 'password-expired') { +result = 'expired'; +} +} } var data = { @@ -378,14 +391,15 @@ IPA.login_password = function(username, password) { dataType: 'html', async: false, type: 'POST', -success: success_handler +success: success_handler, +error: error_handler }; IPA.display_activity_icon(); $.ajax(request); IPA.hide_activity_icon(); -return success; +return result; }; /** @@ -1340,6 +1354,10 @@ IPA.unauthorized_dialog = function(spec) { Please try again (make sure your caps lock is off)./p + pIf the problem persists, contact your administrator./p; +that.password_expired = pstrongPassword expired/strong/p + +pPlease run kinit to reset the password and then try to login again./p + +pIf the problem persists, contact your administrator./p; + that.create = function() { that.krb_message_contatiner = $('div\').appendTo(that.container); @@ -1482,13 +1500,17 @@ IPA.unauthorized_dialog = function(spec) { IPA.display_activity_icon(); -var success = IPA.login_password(record.username[0], record.password[0]); +var result = IPA.login_password(record.username[0], record.password[0]); IPA.hide_activity_icon(); -if (success) { +if (result === 'success') { that.on_login_success(); -} else { +} else if (result === 'expired') { +that.error_box.html(that.password_expired); +that.error_box.css('display', 'block'); +}else { +that.error_box.html(that.form_auth_failed); that.error_box.css('display', 'block'); } }; diff --git a/install/ui/login.html b/install/ui/login.html index d88ee0eeb0f81bb5fdd543dfc20b1f5dcf851241..9902466a70b3deb7e4c7ec5168abc803935d0c32 100644 --- a/install/ui/login.html +++ b/install/ui/login.html @@ -21,12 +21,19 @@ div id=formwindow h2Login/h2 -div id=error-box style=display:none + +div id=invalid class=error-box style=display:none pstrongPlease re-enter your username or password/strong/p pThe password or username you entered is incorrect. Please try again (make sure your caps lock is off)./p pIf the problem persists, contact your administrator./p /div +div id=expired class=error-box style=display:none +pstrongPassword expired/strong/p +pPlease run kinit to reset the password and then try to login again./p +pIf the problem persists, contact your administrator./p +/div + form id=login ul li diff --git a/install/ui/login.js b/install/ui/login.js index 68b16bce1cd743b7ee5fd2b50b17d10965fc09d6..8d31ae0ef4a63560c889a6dfef4d6de54661fb7d 100644 --- a/install/ui/login.js +++
Re: [Freeipa-devel] [PATCH] 121 User is notified that password needs to be reset in, forms-based login
Petr Vobornik wrote: Updated patch attached. It's modified according to Rob's patch #1006-3 which uses 'X-rejection-reason' to notify expired password. ACK In patch 1006 it was suggested to use X-IPA-Rejection-Reason instead. Updated this patch and pushed to master and ipa-2-2 rob On 04/17/2012 11:17 AM, Petr Vobornik wrote: This solution depends on Rob's patch #1006-2 Forms-based login procedure detects if 401 unauthorized message contains 'Expired Password' message. If so it displays an error message that user needs to reset his password. https://fedorahosted.org/freeipa/ticket/2608 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel