-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I had actually been barking up that tree -- using BindLdap, and not FastBind, but had to move in different directions. I will try to replicate your results in the morning and see what I can come up with.
Thanks for the pointers! Jeff Vitty, Paul wrote: > Jeff/Ahsan, > > I've been working on this issue this evening and have gotten to the point > where I am seeing the output you expect to see. > > I'm not sure, maybe you know this already, but the password about to expire > message is only shown when you request a service ticket, it's not shown when > only a ticket granting ticket is requested. > > Another thing I worked out is that you need to use the > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler for your LDAP > authentication handler in deployerConfigContext.xml, where as before we were > using the Fast Bind class. Not sure if that helps you out, but it's got me > this far. > > Paul > > On 15 Feb 2010, at 22:16, Jeff Chapin wrote: > > No, I have not got this to work yet. > > I moved focus to other issues on my plate. I will look into this again > further tomorrow, but this appears to be the *EXACT* same experience I > am having -- so we appear to be on the same page, at least. > > Jeff > > Ahsan Imam wrote: >>>> Jeff, >>>> >>>> Did you ever get the module to work? Are you still have issues? After >>>> the documentation was updated on Feb 10, I changed my configuration >>>> setting specified for passwordWarningcheck.xml. I am getting no warning >>>> message and there is nothing in the logs. Logging is set to: >>>> >>>> log4j.logger.org.jasig.cas.services=INFO >>>> log4j.logger.org.jasig.cas.web.flow=DEBUG >>>> log4j.logger.org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck=DEBUG >>>> log4j.logger.org.jasig.cas.adaptors=DEBUG >>>> >>>> >>>> I set warnAll to true and I should see a message "Show Warning (WarnALL >>>> is TRUE!) -- The password for " + userID + " will expire in " + >>>> Math.round(DateDiff / Timer.ONE_DAY) + " days" based on the code. I do >>>> not see and message in the browser or the logs. >>>> >>>> I wonder if I am missing something.... >>>> >>>> Sincerely, >>>> Ahsan >>>> >>>> >>>> On Fri, Feb 12, 2010 at 7:55 AM, Jeff Chapin <jeff.cha...@uni.edu >>>> <mailto:jeff.cha...@uni.edu>> wrote: >>>> >>>> You guys rock! >>>> >>>> Only problem I have is I am still not seeing anything new in my logs. I >>>> am seeing the same behavior as with the last version. >>>> >>>> Thank you so much for the assistance. >>>> >>>> Jeff >>>> >>>> Scott Battaglia wrote: >>>>> I think Eric made an update to the page. Not sure if that will >>>> help or not. >>>> >>>> >>>>> On Thu, Feb 11, 2010 at 10:29 AM, Jeff Chapin <jeff.cha...@uni.edu >>>> <mailto:jeff.cha...@uni.edu> >>>>> <mailto:jeff.cha...@uni.edu <mailto:jeff.cha...@uni.edu>>> wrote: >>>>> I believe that log line came from this bean: >>>>> <bean id="PasswordWarningCheckAction" >>>>> class="org.jasig.cas.web.flow.PasswordWarningCheckAction"> >>>>> <property name="passwordWarningCheck" >>>>> ref="passwordWarningCheck" /> >>>>> </bean> >>>> >>>>> This was documented in the link below. Am I off base? I am still >>>>> learning how this setup works and feeling my way around. >>>>> Jeff >>>>> Scott Battaglia wrote: >>>>>> I don't know much about it but there's no reason it shouldn't >>>>> work. It >>>>>> doesn't look like there any instructions to tell you to add it to the >>>>>> web flow though. >>>> >>>>>> On Wed, Feb 10, 2010 at 12:03 PM, Jeff Chapin >>>> <jeff.cha...@uni.edu <mailto:jeff.cha...@uni.edu> >>>>> <mailto:jeff.cha...@uni.edu <mailto:jeff.cha...@uni.edu>> >>>>>> <mailto:jeff.cha...@uni.edu <mailto:jeff.cha...@uni.edu> >>>> <mailto:jeff.cha...@uni.edu <mailto:jeff.cha...@uni.edu>>>> wrote: >>>> >>>>>> Hello, >>>>>> I am using CAS 3.3.5, and I have tried to get LDAP password policy >>>>>> enforcement running, as per >>>> >>>> http://www.ja-sig.org/wiki/display/CASUM/LDAP+Password+Policy+Enforcement. >>>> >>>>>> I have cranked logging as follows: >>>>>> log4j.logger.org.jasig.cas.services=INFO >>>>>> log4j.logger.org.jasig.cas.web.flow=DEBUG >>>> >>>> log4j.logger.org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck=DEBUG >>>>>> log4j.logger.org.jasig.cas.adaptors=DEBUG >>>>>> , other than that, the logging is identical to the Logging page on >>>>>> the wiki. >>>>>> Here are the only logs that are currently appearing: >>>>>> 2010-02-10 10:58:58,550 INFO >>>>>> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Search >>>>> Filter: >>>>>> 'cn=%u'> >>>>>> 2010-02-10 10:58:58,551 INFO >>>>>> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Expire Date >>>>>> Attribute: 'pwdchangedtime'> >>>>>> 2010-02-10 10:58:58,551 INFO >>>>>> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Warning >>>> Days >>>>>> Attribute: 'passwordwarningdays'> >>>>>> 2010-02-10 10:58:58,551 INFO >>>>>> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Default >>>>>> Warning Days: '-1'> >>>>>> 2010-02-10 10:58:58,551 INFO >>>>>> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <Date >>>> format: >>>>>> 'yyyyMMddHHmmss'z''> >>>>>> 2010-02-10 10:58:58,551 INFO >>>>>> [org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck] - <LDAP Search >>>>>> Base: 'cn=Users,dc=collab,dc=uni,dc=edu'> >>>>>> 2010-02-10 10:58:58,553 DEBUG >>>>>> [org.jasig.cas.web.flow.PasswordWarningCheckAction] - <inited with >>>> >>>> passwordWarningChecker='org.jasig.cas.adaptors.ldap.LdapPasswordWarningCheck'> >>>> >>>>>> As well as a mention to the bean in the following line. >>>>>> 2010-02-10 10:58:58,771 INFO >>>> >>>> [org.springframework.beans.factory.support.DefaultListableBeanFactory] - >>>>>> <Pre-instantiating singletons in >>>> >>>> org.springframework.beans.factory.support.defaultlistablebeanfact...@3052ce: >>>> >>>>>> It appears to me that the PasswordWarningCheck is not even firing >>>> -- I >>>>>> would expect much more logging output that this. >>>>>> As an aside, I put -1 as the Warning days, as out LDAP server (Oracle >>>>>> OID) currently only reports the time the password was last >>>>> changed, not >>>>>> when it expires. I have tried positive values with no difference >>>>> in the >>>>>> results. >>>>>> Am I missing something, or is this code simply incompatible with the >>>>>> current CAS version? >>>>>> Thanks, >>>>>> Jeff >>>> >>>> >> - -- You are currently subscribed to cas-user@lists.jasig.org as: p.vi...@ulster.ac.uk To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user >> > This email and any attachments are confidential and intended solely for the > use of the addressee and may contain information which is covered by legal, > professional or other privilege. If you have received this email in error > please notify the system manager at postmas...@ulster.ac.uk. The University's > computer systems may be monitored and communications carried on them recorded > to secure the effective operation of the system and for other lawful purposes. - -- Jeff Chapin, Assistant Systems/Applications Administrator ITS-IS, University of Northern Iowa Phone: 319-273-3162 Email: jeff.cha...@uni.edu -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkt5yiIACgkQQiaEUfQoY7Sv/QCgsNvzNlIe9ZHlItyZtBz/pvvB A88AoKyYj7kM6VOAB1XTXDE3Pw+xFxV/ =KEoO -----END PGP SIGNATURE----- -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user