[Freeipa-devel] [PATCH] 121 User is notified that password needs to be reset in, forms-based login
This solution depends on Rob's patch #1006-2
Forms-based login procedure detects if 401 unauthorized message contains
'Expired Password' message. If so it displays an error message that user
needs to reset his password.
https://fedorahosted.org/freeipa/ticket/2608
--
Petr Vobornik
From 77e7fd988d6cf6a583f507723933f09a5feef518 Mon Sep 17 00:00:00 2001
From: Petr Vobornik pvobo...@redhat.com
Date: Mon, 16 Apr 2012 12:22:34 +0200
Subject: [PATCH] User is notified that password needs to be reset in
forms-based login
Forms-based login procedure detects if 401 unauthorized message contains 'Expired Password' message. If so it displays an error message that user needs to reset his password.
https://fedorahosted.org/freeipa/ticket/2608
---
install/ui/ipa.js | 31 ---
install/ui/login.html |9 -
install/ui/login.js | 32
3 files changed, 56 insertions(+), 16 deletions(-)
diff --git a/install/ui/ipa.js b/install/ui/ipa.js
index eeac030531302fffc0af79e70a835dca8120f674..dcc9d21a2d960a81ef70c89b050497bbfdfba6ad 100644
--- a/install/ui/ipa.js
+++ b/install/ui/ipa.js
@@ -359,10 +359,18 @@ IPA.logout = function() {
IPA.login_password = function(username, password) {
-var success = false;
+var result = 'invalid';
function success_handler(data, text_status, xhr) {
-success = true;
+result = 'success';
+}
+
+function error_handler(xhr, text_status, error_thrown) {
+
+if (xhr.status === 401
+xhr.responseText.indexOf('Password Expired') -1) {
+result = 'expired';
+}
}
var data = {
@@ -378,14 +386,15 @@ IPA.login_password = function(username, password) {
dataType: 'html',
async: false,
type: 'POST',
-success: success_handler
+success: success_handler,
+error: error_handler
};
IPA.display_activity_icon();
$.ajax(request);
IPA.hide_activity_icon();
-return success;
+return result;
};
/**
@@ -1340,6 +1349,10 @@ IPA.unauthorized_dialog = function(spec) {
Please try again (make sure your caps lock is off)./p +
pIf the problem persists, contact your administrator./p;
+that.password_expired = pstrongPassword expired/strong/p +
+pPlease run kinit to reset the password and then try to login again./p +
+pIf the problem persists, contact your administrator./p;
+
that.create = function() {
that.krb_message_contatiner = $('div\').appendTo(that.container);
@@ -1482,13 +1495,17 @@ IPA.unauthorized_dialog = function(spec) {
IPA.display_activity_icon();
-var success = IPA.login_password(record.username[0], record.password[0]);
+var result = IPA.login_password(record.username[0], record.password[0]);
IPA.hide_activity_icon();
-if (success) {
+if (result === 'success') {
that.on_login_success();
-} else {
+} else if (result === 'expired') {
+that.error_box.html(that.password_expired);
+that.error_box.css('display', 'block');
+}else {
+that.error_box.html(that.form_auth_failed);
that.error_box.css('display', 'block');
}
};
diff --git a/install/ui/login.html b/install/ui/login.html
index d88ee0eeb0f81bb5fdd543dfc20b1f5dcf851241..9902466a70b3deb7e4c7ec5168abc803935d0c32 100644
--- a/install/ui/login.html
+++ b/install/ui/login.html
@@ -21,12 +21,19 @@
div id=formwindow
h2Login/h2
-div id=error-box style=display:none
+
+div id=invalid class=error-box style=display:none
pstrongPlease re-enter your username or password/strong/p
pThe password or username you entered is incorrect. Please try again (make sure your caps lock is off)./p
pIf the problem persists, contact your administrator./p
/div
+div id=expired class=error-box style=display:none
+pstrongPassword expired/strong/p
+pPlease run kinit to reset the password and then try to login again./p
+pIf the problem persists, contact your administrator./p
+/div
+
form id=login
ul
li
diff --git a/install/ui/login.js b/install/ui/login.js
index 68b16bce1cd743b7ee5fd2b50b17d10965fc09d6..b739128dba14b18f59d9d950a09fd87b2a4efed9 100644
--- a/install/ui/login.js
+++ b/install/ui/login.js
@@ -22,10 +22,18 @@ var LP = {}; //Login Page
LP.login = function(username, password) {
-var success = false;
+var result = 'invalid';
function success_handler(data, text_status, xhr) {
-success = true;
+result = 'success';
+}
+
+function error_handler(xhr, text_status, error_thrown) {
+
+if (xhr.status === 401
+
Re: [Freeipa-devel] [PATCH] 121 User is notified that password needs to be reset in, forms-based login
Updated patch attached. It's modified according to Rob's patch #1006-3
which uses 'X-rejection-reason' to notify expired password.
On 04/17/2012 11:17 AM, Petr Vobornik wrote:
This solution depends on Rob's patch #1006-2
Forms-based login procedure detects if 401 unauthorized message contains
'Expired Password' message. If so it displays an error message that user
needs to reset his password.
https://fedorahosted.org/freeipa/ticket/2608
--
Petr Vobornik
From 68a9e3d310c4abc6d00ca22e1e579fd085d9fa4a Mon Sep 17 00:00:00 2001
From: Petr Vobornik pvobo...@redhat.com
Date: Mon, 16 Apr 2012 12:22:34 +0200
Subject: [PATCH] User is notified that password needs to be reset in
forms-based login
Forms-based login procedure detects if 401 unauthorized response contains 'X-rejection-reason' http header with 'password-expired' value. If so it displays an error message that user needs to reset his password.
https://fedorahosted.org/freeipa/ticket/2608
---
install/ui/ipa.js | 36 +---
install/ui/login.html |9 -
install/ui/login.js | 37 +
3 files changed, 66 insertions(+), 16 deletions(-)
diff --git a/install/ui/ipa.js b/install/ui/ipa.js
index eeac030531302fffc0af79e70a835dca8120f674..c6328667c1674aab8cf8970b01628152c2be7f32 100644
--- a/install/ui/ipa.js
+++ b/install/ui/ipa.js
@@ -359,10 +359,23 @@ IPA.logout = function() {
IPA.login_password = function(username, password) {
-var success = false;
+var result = 'invalid';
function success_handler(data, text_status, xhr) {
-success = true;
+result = 'success';
+}
+
+function error_handler(xhr, text_status, error_thrown) {
+
+if (xhr.status === 401) {
+var reason = xhr.getResponseHeader(X-rejection-reason);
+
+//change result from invalid only if we have a header which we
+//understand
+if (reason === 'password-expired') {
+result = 'expired';
+}
+}
}
var data = {
@@ -378,14 +391,15 @@ IPA.login_password = function(username, password) {
dataType: 'html',
async: false,
type: 'POST',
-success: success_handler
+success: success_handler,
+error: error_handler
};
IPA.display_activity_icon();
$.ajax(request);
IPA.hide_activity_icon();
-return success;
+return result;
};
/**
@@ -1340,6 +1354,10 @@ IPA.unauthorized_dialog = function(spec) {
Please try again (make sure your caps lock is off)./p +
pIf the problem persists, contact your administrator./p;
+that.password_expired = pstrongPassword expired/strong/p +
+pPlease run kinit to reset the password and then try to login again./p +
+pIf the problem persists, contact your administrator./p;
+
that.create = function() {
that.krb_message_contatiner = $('div\').appendTo(that.container);
@@ -1482,13 +1500,17 @@ IPA.unauthorized_dialog = function(spec) {
IPA.display_activity_icon();
-var success = IPA.login_password(record.username[0], record.password[0]);
+var result = IPA.login_password(record.username[0], record.password[0]);
IPA.hide_activity_icon();
-if (success) {
+if (result === 'success') {
that.on_login_success();
-} else {
+} else if (result === 'expired') {
+that.error_box.html(that.password_expired);
+that.error_box.css('display', 'block');
+}else {
+that.error_box.html(that.form_auth_failed);
that.error_box.css('display', 'block');
}
};
diff --git a/install/ui/login.html b/install/ui/login.html
index d88ee0eeb0f81bb5fdd543dfc20b1f5dcf851241..9902466a70b3deb7e4c7ec5168abc803935d0c32 100644
--- a/install/ui/login.html
+++ b/install/ui/login.html
@@ -21,12 +21,19 @@
div id=formwindow
h2Login/h2
-div id=error-box style=display:none
+
+div id=invalid class=error-box style=display:none
pstrongPlease re-enter your username or password/strong/p
pThe password or username you entered is incorrect. Please try again (make sure your caps lock is off)./p
pIf the problem persists, contact your administrator./p
/div
+div id=expired class=error-box style=display:none
+pstrongPassword expired/strong/p
+pPlease run kinit to reset the password and then try to login again./p
+pIf the problem persists, contact your administrator./p
+/div
+
form id=login
ul
li
diff --git a/install/ui/login.js b/install/ui/login.js
index 68b16bce1cd743b7ee5fd2b50b17d10965fc09d6..8d31ae0ef4a63560c889a6dfef4d6de54661fb7d 100644
--- a/install/ui/login.js
+++
Re: [Freeipa-devel] [PATCH] 121 User is notified that password needs to be reset in, forms-based login
Petr Vobornik wrote: Updated patch attached. It's modified according to Rob's patch #1006-3 which uses 'X-rejection-reason' to notify expired password. ACK In patch 1006 it was suggested to use X-IPA-Rejection-Reason instead. Updated this patch and pushed to master and ipa-2-2 rob On 04/17/2012 11:17 AM, Petr Vobornik wrote: This solution depends on Rob's patch #1006-2 Forms-based login procedure detects if 401 unauthorized message contains 'Expired Password' message. If so it displays an error message that user needs to reset his password. https://fedorahosted.org/freeipa/ticket/2608 ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel ___ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
