I don't know much about it but there's no reason it shouldn't work. It doesn't look like there any instructions to tell you to add it to the web flow though.
On Wed, Feb 10, 2010 at 12:03 PM, Jeff Chapin <jeff.cha...@uni.edu> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello, > > I am using CAS 3.3.5, and I have tried to get LDAP password policy > enforcement running, as per > http://www.ja-sig.org/wiki/display/CASUM/LDAP+Password+Policy+Enforcement. > > I have cranked logging as follows: > log4j.logger.org.jasig.cas.services=INFO > log4j.logger.org.jasig.cas.web.flow=DEBUG > log4j.logger.org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck=DEBUG > log4j.logger.org.jasig.cas.adaptors=DEBUG > , other than that, the logging is identical to the Logging page on the > wiki. > > Here are the only logs that are currently appearing: > > 2010-02-10 10:58:58,550 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Search Filter: > 'cn=%u'> > 2010-02-10 10:58:58,551 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Expire Date > Attribute: 'pwdchangedtime'> > 2010-02-10 10:58:58,551 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Warning Days > Attribute: 'passwordwarningdays'> > 2010-02-10 10:58:58,551 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Default > Warning Days: '-1'> > 2010-02-10 10:58:58,551 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Date format: > 'yyyyMMddHHmmss'z''> > 2010-02-10 10:58:58,551 INFO > [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <LDAP Search > Base: 'cn=Users,dc=collab,dc=uni,dc=edu'> > 2010-02-10 10:58:58,553 DEBUG > [org.jasig.cas.web.flow.PasswordWarningCheckAction] - <inited with > > passwordWarningChecker='org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck'> > > As well as a mention to the bean in the following line. > > 2010-02-10 10:58:58,771 INFO > [org.springframework.beans.factory.support.DefaultListableBeanFactory] - > <Pre-instantiating singletons in > org.springframework.beans.factory.support.defaultlistablebeanfact...@3052ce > : > > It appears to me that the PasswordWarningCheck is not even firing -- I > would expect much more logging output that this. > > As an aside, I put -1 as the Warning days, as out LDAP server (Oracle > OID) currently only reports the time the password was last changed, not > when it expires. I have tried positive values with no difference in the > results. > > Am I missing something, or is this code simply incompatible with the > current CAS version? > > Thanks, > > Jeff > > - -- > Jeff Chapin, > Assistant Systems/Applications Administrator > ITS-IS, University of Northern Iowa > Phone: 319-273-3162 Email: jeff.cha...@uni.edu > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ > > iEYEARECAAYFAkty5uQACgkQQiaEUfQoY7Tq3wCgwearzWIF2Mfo61pzzulHQxUs > auUAnRW6MJSGWdSDn4681GiEHYmwy4Yr > =WiAt > -----END PGP SIGNATURE----- > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > scott.battag...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
