Re: [Freeipa-users] Library to change expired password

2009-10-30 Thread Sumit Bose
On Thu, Oct 29, 2009 at 10:54:01PM -0600, Jason Gerard DeRose wrote: > On Thu, 2009-10-29 at 17:56 -0400, Dan Scott wrote: > > Hi, > > > > I'm trying to integrate FreeIPA with a Java webapp using JAAS. I have > > the login module configured properly and it is working fine. > > > > However, I have

Re: [Freeipa-users] Library to change expired password

2009-10-30 Thread Rob Crittenden
Jason Gerard DeRose wrote: On Thu, 2009-10-29 at 17:56 -0400, Dan Scott wrote: Hi, I'm trying to integrate FreeIPA with a Java webapp using JAAS. I have the login module configured properly and it is working fine. However, I have a problem with the initial user setup. New accounts are created

Re: [Freeipa-users] Library to change expired password

2009-10-30 Thread Dmitri Pal
> > As Sumit said, the self-service page currently requires kerberos so > you'd have to get a TGT first which means you need a valid password. > > This may not be too difficult to do in a web form (SSL protected, of > course). You should be able to create a non-kerberos auth page that > prompts fo

Re: [Freeipa-users] Library to change expired password

2009-10-30 Thread Rob Crittenden
Dmitri Pal wrote: As Sumit said, the self-service page currently requires kerberos so you'd have to get a TGT first which means you need a valid password. This may not be too difficult to do in a web form (SSL protected, of course). You should be able to create a non-kerberos auth page that prom

Re: [Freeipa-users] Library to change expired password

2009-10-30 Thread Dan Scott
Hi, Thanks for your replies. On Fri, Oct 30, 2009 at 09:29, Rob Crittenden wrote: > Jason Gerard DeRose wrote: >> >> On Thu, 2009-10-29 at 17:56 -0400, Dan Scott wrote: >>> >>> Hi, >>> >>> I'm trying to integrate FreeIPA with a Java webapp using JAAS. I have >>> the login module configured prope

Re: [Freeipa-users] Library to change expired password

2009-10-30 Thread Rob Crittenden
Dan Scott wrote: This may not be too difficult to do in a web form (SSL protected, of course). You should be able to create a non-kerberos auth page that prompts for username, old and new password and a submit button. You could pass this onto a a simple backend that does an LDAP bind as the user

Fwd: [Freeipa-users] Library to change expired password

2009-10-30 Thread Dan Scott
Sorry, forgot to copy everyone else in. Dan -- Forwarded message -- From: Dan Scott Date: Fri, Oct 30, 2009 at 18:15 Subject: Re: [Freeipa-users] Library to change expired password To: Rob Crittenden Hi, On Fri, Oct 30, 2009 at 17:42, Rob Crittenden wrote: > Dan Scott wrote