I have LPPE working fine but when the password is expired or is set to must
change password I need some help with the actions.
This is something new I have been experimenting with, the current password
management system sits behind CAS using clearPass so in order for a user to
change their password they have to login through CAS which redirects them
to the application where they can change their password and setup security
questions among other things. The "forgot password" part is not protected
so anytime they can reset their password as long as they setup their
responses previously.
I was looking at the login-webflow.xml and trying to figure out how to
grant a service ticket so that they would be able to actually get in and
change their password, the below is maybe what I was looking at but I am
not sure if that is the right direction.
<transition on="mustChangePassword" to="idmsendTicketGrantingTicket" />
<transition on="passwordExpired" to="idmsendTicketGrantingTicket" />
<action-state id="idmsendTicketGrantingTicket">
<evaluate expression="sendTicketGrantingTicketAction" />
<transition to="idmserviceCheck" />
</action-state>
<decision-state id="idmserviceCheck">
<if test="flowScope.service != null" then="generateServiceTicket"
else="idmviewManagePassword" />
</decision-state>
<end-state id="idmviewManagePassword" view="idmManagePassView" />
I am assuming this would grant a service ticket and then redirect to the
page I created "idmManagePassView" which is basically a copy of
"casMustChangePassView" with a link to change their password behind the CAS
protected password application.
Any help would be appreciated,
JASON
--
You are currently subscribed to cas-user@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
