Thank you for your answer. I've tried your configuraiton (with our's specification) But i don't understand which page use or link to reset password.
I've only one link to change password on the login page.. i've tried your link adapted : https://url.domain.com/cas/login?doChangePassword but it's always rediected us to the login page.... Cordialement, Arnauld PEYROU Responsable Technique et Support Direction des Systèmes d'Information. Inrap - 121 rue d'Alésia - 75014 Paris Tél : 01 40 08 80 48. www.inrap.fr Abonnez-vous à la lettre d'information de l'Inrap : http://www.inrap.fr/newsletter.php Le lun. 11 mars 2019 à 10:24, Eduardo Rdez <[email protected]> a écrit : > Hello, > > Not sure because we were working at the same time in change password link > and opt tokens sent by email. The change password link is working but > still working on otp tokens. Try to answer, please do some tests in yout > environment. > > Think we added these sections for change password link. The connection to > Ldap, allow the password management and the password policy. Also remember > to add the password policy pattern: > > # Minimum 8 and Maximum 10 characters at least 1 Lowercase Alphabet first, > 1 Uppercase Alphabet, 1 Number and 1 Special Character from the list > $@$!%.#*?& > > cas.authn.pm.policyPattern=^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[$@$!%.#*?&])[A-Za-z\\d$@$!%.#*?&]{8,10}$ > > # PASSWORD MANAGEMENT > cas.authn.pm.enabled=true > cas.authn.pm.reset.expirationMinutes=3 > cas.authn.pm.reset.securityQuestionsEnabled=false > cas.authn.pm.autoLogin=false > > # CHANGE PASSWORD LDAP CONNECTION > cas.authn.pm.ldap.type=GENERIC > cas.authn.pm.ldap.ldapUrl=ldap://localhost:1389 > cas.authn.pm.ldap.bindDn=uid=casuser,ou=apiusers,ou=root,c=country > cas.authn.pm.ldap.bindCredential=xxxxxxxxxxx > cas.authn.pm.ldap.poolPassivator=BIND > cas.authn.pm.ldap.connectionStrategy=DEFAULT > > cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider > cas.authn.pm.ldap.connectTimeout=PT5S > cas.authn.pm.ldap.minPoolSize=3 > cas.authn.pm.ldap.maxPoolSize=10 > cas.authn.pm.ldap.idleTime=PT10M > cas.authn.pm.ldap.useSsl=false > cas.authn.pm.ldap.useStartTls=false > cas.authn.pm.ldap.responseTimeout=PT5S > cas.authn.pm.ldap.baseDn=ou=users,ou=root,c=country > cas.authn.pm.ldap.subtreeSearch=true > cas.authn.pm.ldap.searchFilter=username={user} > > > # LDAP PASSWORD POLICY > cas.authn.ldap[0].passwordPolicy.enabled=true > cas.authn.ldap[0].passwordPolicy.type=GENERIC > > cas.authn.ldap[0].passwordPolicy.policyAttributes.accountLocked=javax.security.auth.login.AccountLockedException > cas.authn.ldap[0].passwordPolicy.loginFailures=5 > cas.authn.ldap[0].passwordPolicy.warningAttributeValue= > cas.authn.ldap[0].passwordPolicy.warningAttributeName= > cas.authn.ldap[0].passwordPolicy.displayWarningOnMatch=true > cas.authn.ldap[0].passwordPolicy.warnAll=true > cas.authn.ldap[0].passwordPolicy.warningDays=30 > cas.authn.ldap[0].passwordPolicy.accountStateHandlingEnabled=true > cas.authn.ldap[0].passwordPolicy.strategy=DEFAULT > > El lunes, 11 de marzo de 2019, 8:53:24 (UTC+1), Arnauld Peyrou escribió: >> >> Hello, >> >> Do you have to use all the configuration you've discribed in your email >> from the 01/31? >> or juste use this link alone? >> >> Regards, >> >> Arnauld PEYROU >> Responsable Technique et Support >> Direction des Systèmes d'Information. >> Inrap - 121 rue d'Alésia - 75014 Paris >> Tél : 01 40 08 80 48. >> www.inrap.fr >> Abonnez-vous à la lettre d'information de l'Inrap : >> http://www.inrap.fr/newsletter.php >> >> >> Le ven. 8 mars 2019 à 10:57, Eduardo Rdez <[email protected]> a écrit : >> >>> Hello, >>> >>> We could allow the password change option from the login page using the >>> following link: >>> >>> https://url.domain.com/cas/login?doChangePassword >>> >>> Now users can voluntary follow the link, and do a password change at >>> Ldap. >>> >>> >>> >>> >>> >>> >>> >>> >>> El jueves, 31 de enero de 2019, 13:08:16 (UTC+1), Eduardo Rdez escribió: >>>> >>>> Hello, >>>> >>>> We have the same problem. Also using CAS v5.3 connected to Ldap for >>>> user access. These are the steps we have taken to use the Forget Password, >>>> but no idea how to enable user change password. See if someone can help us >>>> to finish configuration. We would like to have one link for a voluntary >>>> change password action an another link for reset/forget password. >>>> >>>> Added dependency: >>>> <dependency> >>>> <groupId>org.apereo.cas</groupId> >>>> <artifactId>cas-server-support-pm-ldap</artifactId> >>>> <version>${cas.version}</version> >>>> </dependency> >>>> >>>> Configured in cas.properties: >>>> >>>> # EMAIL SERVER >>>> spring.mail.host=smtp.office365.com >>>> spring.mail.port=587 >>>> spring.mail.username=xxxxxxxxxxxxxx >>>> spring.mail.password=xxxxxxxxxxxxxx >>>> spring.mail.testConnection=true >>>> spring.mail.properties.mail.smtp.auth=true >>>> spring.mail.properties.mail.smtp.starttls.enable=true >>>> >>>> # PASSWORD MANAGEMENT >>>> cas.authn.pm.enabled=true >>>> cas.authn.pm.reset.expirationMinutes=3 >>>> cas.authn.pm.reset.securityQuestionsEnabled=false >>>> cas.authn.pm.autoLogin=false >>>> >>>> # CHANGE PASSWORD EMAILS >>>> [email protected] >>>> cas.authn.pm.reset.mail.text=email text, reset your password %s >>>> cas.authn.pm.reset.mail.subject=Change your password >>>> cas.authn.pm.reset.mail.cc= >>>> cas.authn.pm.reset.mail.bcc= >>>> cas.authn.pm.reset.mail.attributeName=primaryMail >>>> >>>> # CHANGE PASSWORD LDAP CONNECTION >>>> cas.authn.pm.ldap.type=GENERIC >>>> cas.authn.pm.ldap.ldapUrl=ldap://localhost:1389 >>>> cas.authn.pm.ldap.bindDn=uid=casuser,ou=apiusers,ou=root,c=country >>>> cas.authn.pm.ldap.bindCredential=xxxxxxxxxxx >>>> cas.authn.pm.ldap.poolPassivator=BIND >>>> cas.authn.pm.ldap.connectionStrategy=DEFAULT >>>> >>>> cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider >>>> cas.authn.pm.ldap.connectTimeout=PT5S >>>> cas.authn.pm.ldap.minPoolSize=3 >>>> cas.authn.pm.ldap.maxPoolSize=10 >>>> cas.authn.pm.ldap.idleTime=PT10M >>>> cas.authn.pm.ldap.useSsl=false >>>> cas.authn.pm.ldap.useStartTls=false >>>> cas.authn.pm.ldap.responseTimeout=PT5S >>>> cas.authn.pm.ldap.baseDn=ou=users,ou=root,c=country >>>> cas.authn.pm.ldap.subtreeSearch=true >>>> cas.authn.pm.ldap.searchFilter=username={user} >>>> >>>> # LDAP PASSWORD POLICY >>>> cas.authn.ldap[0].passwordPolicy.enabled=true >>>> cas.authn.ldap[0].passwordPolicy.type=GENERIC >>>> >>>> cas.authn.ldap[0].passwordPolicy.policyAttributes.accountLocked=javax.security.auth.login.AccountLockedException >>>> cas.authn.ldap[0].passwordPolicy.loginFailures=5 >>>> cas.authn.ldap[0].passwordPolicy.warningAttributeValue= >>>> cas.authn.ldap[0].passwordPolicy.warningAttributeName= >>>> cas.authn.ldap[0].passwordPolicy.displayWarningOnMatch=true >>>> cas.authn.ldap[0].passwordPolicy.warnAll=true >>>> cas.authn.ldap[0].passwordPolicy.warningDays=30 >>>> cas.authn.ldap[0].passwordPolicy.accountStateHandlingEnabled=true >>>> cas.authn.ldap[0].passwordPolicy.strategy=DEFAULT >>>> >>>> # TOKEN MANAGEMENT >>>> authn.passwordless.accounts.expireInSeconds=180 >>>> >>>> >>>> This configuration allows a "Reset your Password" link at login page, >>>> that shows a login form where you can identify a user name and submit the >>>> form. This action is making CAS to search for the user email in Ldap, and >>>> sends a reset password email, with a encoded link that is not working, just >>>> redirects to the usual login page. >>>> >>>> The next step that we are doing, is enabling the dependency for >>>> passwordless, but as we load this new cas.war, the normal login page is >>>> changed with a form where you can just write a user and submit form, that >>>> is not working. >>>> >>>> <dependency> >>>> <groupId>org.apereo.cas</groupId> >>>> <artifactId>cas-server-support-passwordless</artifactId> >>>> <version>${cas.version}</version> >>>> </dependency> >>>> >>>> >>>> Can someone tell us how to enable change password and reset password >>>> configuracion/flows? >>>> >>>> >>>> Thanks, >>>> >>>> >>>> >>>> >>>> >>>> El martes, 9 de octubre de 2018, 14:32:25 (UTC+2), Ramesh Ramaiah >>>> escribió: >>>>> >>>>> >>>>> Hi, >>>>> >>>>> I'm using CAS5.3 version and LDAP for user creating and access. My >>>>> problem is If a end user want to change their CAS password voluntarily >>>>> means, how we do this. Is there any option for that ? >>>>> >>>>> Also end user want to use the Forget password. Please post your >>>>> reply, If you have any ideas for this 2 problems ? >>>>> >>>>> Thanks for Advance. >>>>> >>>>> Thank you. >>>>> Ramesh.R >>>>> >>>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/acd97b70-566c-4f1a-ad7a-fcde5bdd63db%40apereo.org >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/acd97b70-566c-4f1a-ad7a-fcde5bdd63db%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/6492d59f-d667-4f09-8409-2d3a2237c943%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/6492d59f-d667-4f09-8409-2d3a2237c943%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE5VfR1dEg3isp2UXEsfV_8BN5ZvJdUh83a43oAiuZ0WhPeABQ%40mail.gmail.com.
