Jamie,
We are using SunJava Directory Server Enterprise Edition 6.3.1
We did not have issues with LDAP messages in the 3.3.5 version of
cas-server-support-ldap-pwd-expiration but are experiencing what I believe to
be similar issues to what you describe in the 3.4.2 version.
Raymond Walker
Software Systems Engineer Sr.
ITS Northern Arizona University
ray.wal...@nau.edu
Phone 928-523-0334
On Aug 2, 2010, at 4:50 PM, Jamie L Sammons wrote:
> Raymond,
>
> Are you using OpenLDAP? Just curious if you had gotten that far with it as
> I'm not able to do so yet.
>
> Thank you,
> Jamie Sammons
>
>
> From: Raymond D Walker <ray.wal...@nau.edu>
> To: cas-user@lists.jasig.org
> Date: 08/02/2010 06:43 PM
> Subject: Re: [cas-user] LDAP Password Policy module problems
>
>
>
>
> Eric,
>
> Yep... I see the BindLdapAuthenticationHandler throwing, and the
> AuthenticationViaFormAction catching it... and eventually
> hitting:
>
>
> if(e.getCode().equals(ExpiredPasswordException.EXPIRED_PASSWORD_CODE)){
> return
> "showExpiredPassView";
> }
>
> but the spring webflow never triggers correctly... so for the time being I
> had to modify it to explicitly do something when encountering an expired
> password...
>
> <action-state id="realSubmit">
> <evaluate
> expression="authenticationViaFormAction.submit(flowRequestContext,
> flowScope.credentials, messageContext)" />
> <transition on="showExpiredPassView" to="PasswordExpiredCheck"
> />
> <transition on="warn" to="warn" />
> <transition on="success" to="sendTicketGrantingTicket" />
> <transition on="error" to="viewLoginForm" />
> </action-state>
>
> In our case, I fire off another action in the "PasswordExpiredCheck" state to
> do some more checking on the user to supply a customized URL for our password
> change webapp... and eventually get to the "showExpiredPassView" end state.
> I'm guessing one could as easily transition to "showExpiredPassView" instead.
>
> Something is definitely up with how the spring webflow is setup... the new
> version of spring is still "new to me" so pardon any mis-wording, etc.
>
>
> Raymond Walker
> Software Systems Engineer Sr.
> ITS Northern Arizona University
> ray.wal...@nau.edu
> On Aug 2, 2010, at 7:18 AM, Eric Pierce wrote:
>
> > Are you sure you're using the BindLdapAuthenticationHandler included
> > with the ldap-pwd-expiration module? It compares the result to a
> > Regular Expression that should catch 'Password expired' and throws a
> > custom exception (ExpiredPasswordException)
> >
> > -Eric
> >
> > On 8/1/10, Jamie Sammons <jsamm...@cds-global.com> wrote:
> >> I have also tried this with CAS 3.4.2.1 and
> >> cas-server-support-ldap-pwd-expiration-3.4.2 and it appears to do the same
> >> thing.
> >>
> >> It still seems like the LDAP error messages aren't making their way up
> >> through the application for some reason.
> >> --
> >> You are currently subscribed to cas-user@lists.jasig.org as:
> >> epie...@usf.edu
> >> To unsubscribe, change settings or access archives, see
> >> http://www.ja-sig.org/wiki/display/JSG/cas-user
> >>
> >
> >
> > --
> > Eric Pierce
> > Identity Management Architect
> > Information Technology
> > University of South Florida
> > (813) 974-8868 -- epie...@usf.edu
> >
> > --
> > You are currently subscribed to cas-user@lists.jasig.org as:
> > ray.wal...@nau.edu
> > To unsubscribe, change settings or access archives, see
> > http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> jsamm...@cds-global.com
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
>
>
>
>
> ---------------------------------------------------------
>
> This e-mail message is intended only for the personal use of the recipient(s)
> named above. If you are not an intended recipient, you may not review, copy or
> distribute this message. If you have received this communication in error,
> please notify the CDS Global Help Desk (cdshelpd...@cds-global.com)
> immediately
> by e-mail and delete the original message.
>
> ---------------------------------------------------------
> --
> You are currently subscribed to cas-user@lists.jasig.org as:
> ray.wal...@nau.edu
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
