-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello,
I am using CAS 3.3.5, and I have tried to get LDAP password policy enforcement running, as per http://www.ja-sig.org/wiki/display/CASUM/LDAP+Password+Policy+Enforcement. I have cranked logging as follows: log4j.logger.org.jasig.cas.services=INFO log4j.logger.org.jasig.cas.web.flow=DEBUG log4j.logger.org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck=DEBUG log4j.logger.org.jasig.cas.adaptors=DEBUG , other than that, the logging is identical to the Logging page on the wiki. Here are the only logs that are currently appearing: 2010-02-10 10:58:58,550 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Search Filter: 'cn=%u'> 2010-02-10 10:58:58,551 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Expire Date Attribute: 'pwdchangedtime'> 2010-02-10 10:58:58,551 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Warning Days Attribute: 'passwordwarningdays'> 2010-02-10 10:58:58,551 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Default Warning Days: '-1'> 2010-02-10 10:58:58,551 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Date format: 'yyyyMMddHHmmss'z''> 2010-02-10 10:58:58,551 INFO [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <LDAP Search Base: 'cn=Users,dc=collab,dc=uni,dc=edu'> 2010-02-10 10:58:58,553 DEBUG [org.jasig.cas.web.flow.PasswordWarningCheckAction] - <inited with passwordWarningChecker='org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck'> As well as a mention to the bean in the following line. 2010-02-10 10:58:58,771 INFO [org.springframework.beans.factory.support.DefaultListableBeanFactory] - <Pre-instantiating singletons in org.springframework.beans.factory.support.defaultlistablebeanfact...@3052ce: It appears to me that the PasswordWarningCheck is not even firing -- I would expect much more logging output that this. As an aside, I put -1 as the Warning days, as out LDAP server (Oracle OID) currently only reports the time the password was last changed, not when it expires. I have tried positive values with no difference in the results. Am I missing something, or is this code simply incompatible with the current CAS version? Thanks, Jeff - -- Jeff Chapin, Assistant Systems/Applications Administrator ITS-IS, University of Northern Iowa Phone: 319-273-3162 Email: jeff.cha...@uni.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkty5uQACgkQQiaEUfQoY7Tq3wCgwearzWIF2Mfo61pzzulHQxUs auUAnRW6MJSGWdSDn4681GiEHYmwy4Yr =WiAt -----END PGP SIGNATURE----- -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
