Our organization wants to be able to expire passwords, lock out accounts, etc. I have seen some discussion about expiring passwords but haven't found a clear cut way of handling them. Currently I am using the FastBindLDAPAuthenticator to do our ldap bind. This is working great, except that if the login fails for any reason, the login page is shown again. I need to be able to hook into the ldap exception coming back from the ldap bind, and depending on the ldap error code show them a different page or else the login page again.
I have found that the actual ldap exception (NamingException) gets handled in the org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource class. However, it eats the NamingException and just throws a DataAccessResourceFailureException. This exception percolates up to the FastBindLdapAuthenticationHandler, and then back up (eventually) to the AuthenticationViaFormAction class which populates the ErrorInstance, and sets the spring Event to error. So I think I know how the current process is working and would like to get everyone's idea on the best way to hook in what I want. Another question I had is how do you get the Errors (that are set in AuthenticationViaFormAction) in a different class? Is there a way to get at them? First, I would really like to not modify any of the cas-server-core code. I guess I could basically write my own classes that do the same things as the FastBindLdapAuthenticationHandler & AuthenticatedLdapContextSource but that keeps the NamingException around rather than eating it, but this doesn't really sound right to me. Second, I would really like to somehow just hook into the spring webflow and insert my code to check the NamingException and redirect to the correct page based on it. I hope this makes sense; I am just looking to see what the best way to accomplish this might be. -- View this message in context: http://www.nabble.com/Hook-into-LDAP-Errors-tp19465040p19465040.html Sent from the CAS Users mailing list archive at Nabble.com. _______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
