I have LPPE working fine but when the password is expired or is set to must change password I need some help with the actions.
This is something new I have been experimenting with, the current password management system sits behind CAS using clearPass so in order for a user to change their password they have to login through CAS which redirects them to the application where they can change their password and setup security questions among other things. The "forgot password" part is not protected so anytime they can reset their password as long as they setup their responses previously. I was looking at the login-webflow.xml and trying to figure out how to grant a service ticket so that they would be able to actually get in and change their password, the below is maybe what I was looking at but I am not sure if that is the right direction. <transition on="mustChangePassword" to="idmsendTicketGrantingTicket" /> <transition on="passwordExpired" to="idmsendTicketGrantingTicket" /> <action-state id="idmsendTicketGrantingTicket"> <evaluate expression="sendTicketGrantingTicketAction" /> <transition to="idmserviceCheck" /> </action-state> <decision-state id="idmserviceCheck"> <if test="flowScope.service != null" then="generateServiceTicket" else="idmviewManagePassword" /> </decision-state> <end-state id="idmviewManagePassword" view="idmManagePassView" /> I am assuming this would grant a service ticket and then redirect to the page I created "idmManagePassView" which is basically a copy of "casMustChangePassView" with a link to change their password behind the CAS protected password application. Any help would be appreciated, JASON -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user