[cas-user] Re: CAS Forget password & Change Password Options

[Eduardo Rdez]

Hello, 

We could allow the password change option from the login page using the 
following link:

    https://url.domain.com/cas/login?doChangePassword

Now users can voluntary follow the link, and do a password change at Ldap.








El jueves, 31 de enero de 2019, 13:08:16 (UTC+1), Eduardo Rdez escribió:
>
> Hello,
>
> We have the same problem. Also using CAS v5.3 connected to Ldap for user 
> access. These are the steps we have taken to use the Forget Password, but 
> no idea how to enable user change password. See if someone can help us to 
> finish configuration. We would like to have one link for a voluntary change 
> password action an another link for reset/forget password.
>
> Added dependency:
>   <dependency>
>      <groupId>org.apereo.cas</groupId>
>      <artifactId>cas-server-support-pm-ldap</artifactId>
>      <version>${cas.version}</version>
>   </dependency>
>
> Configured in cas.properties:
>
> # EMAIL SERVER
> spring.mail.host=smtp.office365.com
> spring.mail.port=587
> spring.mail.username=xxxxxxxxxxxxxx
> spring.mail.password=xxxxxxxxxxxxxx
> spring.mail.testConnection=true
> spring.mail.properties.mail.smtp.auth=true
> spring.mail.properties.mail.smtp.starttls.enable=true
>
> # PASSWORD MANAGEMENT
> cas.authn.pm.enabled=true
> cas.authn.pm.reset.expirationMinutes=3
> cas.authn.pm.reset.securityQuestionsEnabled=false
> cas.authn.pm.autoLogin=false
>
> # CHANGE PASSWORD EMAILS
> cas.authn.pm.reset.mail.from=u...@email.com
> cas.authn.pm.reset.mail.text=email text, reset your password %s
> cas.authn.pm.reset.mail.subject=Change your password
> cas.authn.pm.reset.mail.cc=
> cas.authn.pm.reset.mail.bcc=
> cas.authn.pm.reset.mail.attributeName=primaryMail
>
> # CHANGE PASSWORD LDAP CONNECTION
> cas.authn.pm.ldap.type=GENERIC
> cas.authn.pm.ldap.ldapUrl=ldap://localhost:1389
> cas.authn.pm.ldap.bindDn=uid=casuser,ou=apiusers,ou=root,c=country
> cas.authn.pm.ldap.bindCredential=xxxxxxxxxxx
> cas.authn.pm.ldap.poolPassivator=BIND
> cas.authn.pm.ldap.connectionStrategy=DEFAULT
>
> cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider
> cas.authn.pm.ldap.connectTimeout=PT5S
> cas.authn.pm.ldap.minPoolSize=3
> cas.authn.pm.ldap.maxPoolSize=10
> cas.authn.pm.ldap.idleTime=PT10M
> cas.authn.pm.ldap.useSsl=false
> cas.authn.pm.ldap.useStartTls=false
> cas.authn.pm.ldap.responseTimeout=PT5S
> cas.authn.pm.ldap.baseDn=ou=users,ou=root,c=country
> cas.authn.pm.ldap.subtreeSearch=true
> cas.authn.pm.ldap.searchFilter=username={user}
>
> # LDAP PASSWORD POLICY
> cas.authn.ldap[0].passwordPolicy.enabled=true
> cas.authn.ldap[0].passwordPolicy.type=GENERIC
>
> cas.authn.ldap[0].passwordPolicy.policyAttributes.accountLocked=javax.security.auth.login.AccountLockedException
> cas.authn.ldap[0].passwordPolicy.loginFailures=5
> cas.authn.ldap[0].passwordPolicy.warningAttributeValue=
> cas.authn.ldap[0].passwordPolicy.warningAttributeName=
> cas.authn.ldap[0].passwordPolicy.displayWarningOnMatch=true
> cas.authn.ldap[0].passwordPolicy.warnAll=true
> cas.authn.ldap[0].passwordPolicy.warningDays=30
> cas.authn.ldap[0].passwordPolicy.accountStateHandlingEnabled=true
> cas.authn.ldap[0].passwordPolicy.strategy=DEFAULT
>
> # TOKEN MANAGEMENT
> authn.passwordless.accounts.expireInSeconds=180
>
>
> This configuration allows a "Reset your Password" link at login page, that 
> shows a login form where you can identify a user name and submit the form. 
> This action is making CAS to search for the user email in Ldap, and sends a 
> reset password email, with a encoded link that is not working, just 
> redirects to the usual login page.
>
> The next step that we are doing, is enabling the dependency for 
> passwordless, but as we load this new cas.war, the normal login page is 
> changed with a form where you can just write a user and submit form, that 
> is not working.
>
>  <dependency>
>      <groupId>org.apereo.cas</groupId>
>      <artifactId>cas-server-support-passwordless</artifactId>
>      <version>${cas.version}</version>
>  </dependency> 
>  
>
> Can someone tell us how to enable change password and reset password 
> configuracion/flows? 
>
>
> Thanks,
>
>
>
>
>
> El martes, 9 de octubre de 2018, 14:32:25 (UTC+2), Ramesh Ramaiah escribió:
>>
>>
>> Hi,
>>
>> I'm using CAS5.3 version and LDAP for user creating and access. My 
>> problem is If a end user want to change their CAS password voluntarily 
>> means, how we do this. Is there any option for that ?
>>
>> Also end user want to use the Forget password.  Please post your reply, 
>> If you have any ideas for this 2 problems ?
>>
>> Thanks for Advance.
>>
>> Thank you.
>> Ramesh.R
>>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/acd97b70-566c-4f1a-ad7a-fcde5bdd63db%40apereo.org.