HiAhsan, I'm having the exact same problem. I have the other aspects of the LDAP Password policy module working such as showing a warning message if the account is disabled or locked. However, I can't see the module even checking the last password set time to see if the account is close to expire etc. Has anyone else actually gotten this module to show a close to expiry warning?
Paul Vitty Apache/MySQL Web Platform Engineer Application Platform Delivery Information Services Directorate University of Ulster Tel: 02890 366273 Email: <mailto:p.vi...@ulster.ac.uk> p.vi...@ulster.ac.uk<mailto:p.vi...@ulster.ac.uk> Web: <http://www.ulster.ac.uk/staff/p.vitty.html> http://www.ulster.ac.uk/staff/p.vitty.html On 15 Feb 2010, at 17:31, "Ahsan Imam" <efere...@gmail.com<mailto:efere...@gmail.com>> wrote: Jeff, Did you ever get the module to work? Are you still have issues? After the documentation was updated on Feb 10, I changed my configuration setting specified for passwordWarningcheck.xml. I am getting no warning message and there is nothing in the logs. Logging is set to: log4j.logger.org.jasig.cas.services=INFO log4j.logger.org.jasig.cas.web.flow=DEBUG log4j.logger.org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck=DEBUG log4j.logger.org.jasig.cas.adaptors=DEBUG I set warnAll to true and I should see a message "Show Warning (WarnALL is TRUE!) -- The password for " + userID + " will expire in " + Math.round(DateDiff / Timer.ONE_DAY) + " days" based on the code. I do not see and message in the browser or the logs. I wonder if I am missing something.... Sincerely, Ahsan On Fri, Feb 12, 2010 at 7:55 AM, Jeff Chapin <<mailto:jeff.cha...@uni.edu>jeff.cha...@uni.edu<mailto:jeff.cha...@uni.edu>> wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You guys rock! Only problem I have is I am still not seeing anything new in my logs. I am seeing the same behavior as with the last version. Thank you so much for the assistance. Jeff Scott Battaglia wrote: > I think Eric made an update to the page. Not sure if that will help or not. > > > On Thu, Feb 11, 2010 at 10:29 AM, Jeff Chapin > <<mailto:jeff.cha...@uni.edu>jeff.cha...@uni.edu<mailto:jeff.cha...@uni.edu> > <mailto:<mailto:jeff.cha...@uni.edu>jeff.cha...@uni.edu<mailto:jeff.cha...@uni.edu>>> > wrote: > > I believe that log line came from this bean: > <bean id="PasswordWarningCheckAction" > class="org.jasig.cas.web.flow.PasswordWarningCheckAction"> > <property name="passwordWarningCheck" > ref="passwordWarningCheck" /> > </bean> > > > This was documented in the link below. Am I off base? I am still > learning how this setup works and feeling my way around. > > Jeff > > Scott Battaglia wrote: >> I don't know much about it but there's no reason it shouldn't > work. It >> doesn't look like there any instructions to tell you to add it to the >> web flow though. > > >> On Wed, Feb 10, 2010 at 12:03 PM, Jeff Chapin >> <<mailto:jeff.cha...@uni.edu>jeff.cha...@uni.edu<mailto:jeff.cha...@uni.edu> > <mailto:<mailto:jeff.cha...@uni.edu>jeff.cha...@uni.edu<mailto:jeff.cha...@uni.edu>> >> <mailto:<mailto:jeff.cha...@uni.edu>jeff.cha...@uni.edu<mailto:jeff.cha...@uni.edu> >> >> <mailto:<mailto:jeff.cha...@uni.edu>jeff.cha...@uni.edu<mailto:jeff.cha...@uni.edu>>>> >> wrote: > >> Hello, > >> I am using CAS 3.3.5, and I have tried to get LDAP password policy >> enforcement running, as per > > <http://www.ja-sig.org/wiki/display/CASUM/LDAP+Password+Policy+Enforcement> > http://www.ja-sig.org/wiki/display/CASUM/LDAP+Password+Policy+Enforcement. > >> I have cranked logging as follows: >> log4j.logger.org.jasig.cas.services=INFO >> log4j.logger.org.jasig.cas.web.flow=DEBUG > > log4j.logger.org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck=DEBUG >> log4j.logger.org.jasig.cas.adaptors=DEBUG >> , other than that, the logging is identical to the Logging page on >> the wiki. > >> Here are the only logs that are currently appearing: > >> 2010-02-10 10:58:58,550 INFO >> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Search > Filter: >> 'cn=%u'> >> 2010-02-10 10:58:58,551 INFO >> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Expire Date >> Attribute: 'pwdchangedtime'> >> 2010-02-10 10:58:58,551 INFO >> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Warning Days >> Attribute: 'passwordwarningdays'> >> 2010-02-10 10:58:58,551 INFO >> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Default >> Warning Days: '-1'> >> 2010-02-10 10:58:58,551 INFO >> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Date format: >> 'yyyyMMddHHmmss'z''> >> 2010-02-10 10:58:58,551 INFO >> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <LDAP Search >> Base: 'cn=Users,dc=collab,dc=uni,dc=edu'> >> 2010-02-10 10:58:58,553 DEBUG >> [org.jasig.cas.web.flow.PasswordWarningCheckAction] - <inited with > > passwordWarningChecker='org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck'> > >> As well as a mention to the bean in the following line. > >> 2010-02-10 10:58:58,771 INFO > > [org.springframework.beans.factory.support.DefaultListableBeanFactory] - >> <Pre-instantiating singletons in > > org.springframework.beans.factory.support.defaultlistablebeanfact...@3052ce: > >> It appears to me that the PasswordWarningCheck is not even firing -- I >> would expect much more logging output that this. > >> As an aside, I put -1 as the Warning days, as out LDAP server (Oracle >> OID) currently only reports the time the password was last > changed, not >> when it expires. I have tried positive values with no difference > in the >> results. > >> Am I missing something, or is this code simply incompatible with the >> current CAS version? > >> Thanks, > >> Jeff > > - -- You are currently subscribed to <mailto:cas-user@lists.jasig.org> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> <mailto:<mailto:cas-user@lists.jasig.org>cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org>> as: <mailto:scott.battag...@gmail.com> scott.battag...@gmail.com<mailto:scott.battag...@gmail.com> <mailto:<mailto:scott.battag...@gmail.com>scott.battag...@gmail.com<mailto:scott.battag...@gmail.com>> To unsubscribe, change settings or access archives, see <http://www.ja-sig.org/wiki/display/JSG/cas-user>http://www.ja-sig.org/wiki/display/JSG/cas-user > -- > You are currently subscribed to <mailto:cas-user@lists.jasig.org> > cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: > <mailto:jeff.cha...@uni.edu> jeff.cha...@uni.edu<mailto:jeff.cha...@uni.edu> > To unsubscribe, change settings or access archives, see > <http://www.ja-sig.org/wiki/display/JSG/cas-user> > http://www.ja-sig.org/wiki/display/JSG/cas-user - -- Jeff Chapin, Assistant Systems/Applications Administrator ITS-IS, University of Northern Iowa Phone: 319-273-3162 Email: <mailto:jeff.cha...@uni.edu> jeff.cha...@uni.edu<mailto:jeff.cha...@uni.edu> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - <http://enigmail.mozdev.org/> http://enigmail.mozdev.org/ iEYEARECAAYFAkt1a90ACgkQQiaEUfQoY7TsrQCffpVeM8BQFyjUqafvHx1WkLDx 0cgAn3FJGU4HWG/gdtUpj03f+kdLBjn9 =fmiC -----END PGP SIGNATURE----- -- You are currently subscribed to <mailto:cas-user@lists.jasig.org> cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: <mailto:efere...@gmail.com> efere...@gmail.com<mailto:efere...@gmail.com> To unsubscribe, change settings or access archives, see <http://www.ja-sig.org/wiki/display/JSG/cas-user> http://www.ja-sig.org/wiki/display/JSG/cas-user -- s/Ahsan/?/g -- You are currently subscribed to cas-user@lists.jasig.org<mailto:cas-user@lists.jasig.org> as: <mailto:p.vi...@ulster.ac.uk> p.vi...@ulster.ac.uk<mailto:p.vi...@ulster.ac.uk> To unsubscribe, change settings or access archives, see <http://www.ja-sig.org/wiki/display/JSG/cas-user> http://www.ja-sig.org/wiki/display/JSG/cas-user ________________________________ This email and any attachments are confidential and intended solely for the use of the addressee and may contain information which is covered by legal, professional or other privilege. If you have received this email in error please notify the system manager at postmas...@ulster.ac.uk. The University's computer systems may be monitored and communications carried on them recorded to secure the effective operation of the system and for other lawful purposes. -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
