can you explain me, how implemented password management in cas 5.2 and can
share cas.properties file and which dependency are you used in pox.xml file?
On Tuesday, November 20, 2018 at 10:33:06 PM UTC+5:30, MD. Fazla Rabby
wrote:
>
> We are already using CAS5.2 and password management working fine. But for
> CAS version 6 we are getting the ldap referral error
> "java.security.cert.CertificateException: Hostname does not match the
> hostname in the server's certificate site:stackoverflow.com"
> How to get around with this
>
> This is my cas.properties
>
>
>
> cas.authn.pm.enabled=true
> cas.authn.pm.policyPattern=^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9
> ])(?=.*?[#?!@$%~()_{}-]).{8,}$
> cas.authn.pm.reset.text=Reset your password with this link: %s
> cas.authn.pm.reset.subject=Password Reset Request
> cas.authn.pm.reset.from=myemail.mydomain.com
>
>
> #password reset expiry is set to 1 day equivalent minutes
> cas.authn.pm.reset.expirationMinutes=1440
> cas.authn.pm.reset.emailAttribute=secondaryEmail
> cas.authn.pm.reset.securityQuestionsEnabled=true
>
> # Automatically log in after successful password change
> cas.authn.pm.autoLogin=false
>
> # Used to sign/encrypt the password-reset link
> cas.authn.pm.reset.crypto.encryption.key=asdasdasdasdasdasdasdasdasdasd
> cas.authn.pm.reset.crypto.signing.key
> =asdasdasasdasdasdasdadsadasdasdasdasd
> cas.authn.pm.reset.crypto.enabled=true
>
>
> #Email Submissions
>
> spring.mail.host=smtp.office365.com
> spring.mail.port=587
> spring.mail.username=mye...@email.com <javascript:>
> spring.mail.password=pass
> spring.mail.testConnection=true
> spring.mail.properties.mail.smtp.auth=true
> spring.mail.properties.mail.smtp.starttls.enable=true
>
> #
> ##LDAP Password management
> #
> cas.authn.pm.ldap.type=AD
> #
> cas.authn.pm.ldap.ldapUrl=ldaps://myldap:636
> cas.authn.pm.ldap.useSsl=true
> cas.authn.pm.ldap.useStartTls=false
> cas.authn.pm.ldap.connectTimeout=50000
> cas.authn.pm.ldap.baseDn=DC=xx,DC=xx,DC=xx,DC=xx
> cas.authn.pm.ldap.searchFilter=cn={user}
> cas.authn.pm.ldap.subtreeSearch=true
> cas.authn.pm.ldap.bindDn=CN=xx,OU=xx,DC=xx,DC=xx,DC=xx,DC=xx
> cas.authn.pm.ldap.bindCredential=pass
> # cas.authn.pm.ldap.connectionStrategy=
> cas.authn.pm.ldap.trustCertificates=file:/etc/cas/myldap.cer
> ## cas.authn.pm.ldap.keystore=
> ## cas.authn.pm.ldap.keystorePassword=
> ## cas.authn.pm.ldap.keystoreType=JKS|JCEKS|PKCS12
> cas.authn.pm.ldap.poolPassivator=BIND
> cas.authn.pm.ldap.minPoolSize=3
> cas.authn.pm.ldap.maxPoolSize=10
> cas.authn.pm.ldap.validateOnCheckout=true
> cas.authn.pm.ldap.validatePeriodically=true
> cas.authn.pm.ldap.validatePeriod=600
> cas.authn.pm.ldap.validateTimeout=5000
> cas.authn.pm.ldap.failFast=true
> cas.authn.pm.ldap.idleTime=500
> cas.authn.pm.ldap.prunePeriod=600
> cas.authn.pm.ldap.blockWaitTime=5000
>
> ##cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
> #
> ## Attributes that should be fetched to indicate security questions and
> answers,
> ## assuming security questions are enabled.
> cas.authn.pm.ldap.securityQuestionsAttributes.attributeQuestion1
> =attributeAnswer1
> cas.authn.pm.ldap.securityQuestionsAttributes.attributeQuestion2
> =attributeAnswer2
> cas.authn.pm.ldap.securityQuestionsAttributes.attrQuestion3=
> attributeAnswer2
> #
> cas.authn.pm.ldap.validator.type=SEARCH
> cas.authn.pm.ldap.validator.baseDn=DC=xx,DC=xx,DC=xx,DC=xx
> ##cas.authn.pm.ldap.validator.searchFilter=(objectClass=*)
> cas.authn.pm.ldap.validator.scope=SUBTREE
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/1d2b5ab2-a319-47b7-a802-be92b1008802o%40apereo.org.
