Hi Andrew, You can use the Unicon password management module using the maven overlay mechanism. We did this and got both "forgot password?" and "change password" functionality. I understand the only two directories it supports are OpenLDAP and Microsoft ActiveDirectory.
Also, we had trouble enabling password policy enforcement on OpenLDAP, so we didn't :-). The implication is that when a user clicks on "forgotten password" and has a random string sent to them as their temporary password, the system doesn't force them to change it to something else on their next logon. If they want, they can continue to keep this password. If they want to change it, then they have to explicitly execute the "change password" function. Hope this helps. Regards, Ganesh On 5 September 2014 04:26, Andrew McKinney <[email protected]> wrote: > First, full disclosure, I am fairly new to Spring and CAS. That being > said, I have been tasked at our institution with adding password management > features to the CAS system (3.5.2). To accomplish this, I have added a new > Controller to our CAS server overlay to perform a password change. > Ironically, the problem I am having is securing the new controller behind > the CAS authentication. > > > > To try and accomplish this I have modified the securityContext.xml file to > mimic the settings used for the services management piece. Using this > method I have been able to require the user to authenticate with CAS before > using the password change form, but it seems to not respect the > authentication for single sign on. > > > > Long story short, I am trying to add several new controllers to the CAS > server overlay, and would like those controllers to require CAS > authentication before they are used. Is there are good way to accomplish > this within the CAS server overlay, or should I simply write a stand-alone > password management application that authenticates against CAS? > > > > Thanks, > > > > Andrew McKinney > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
