Yes, think you are on the way, doesn't show you a checkbox whith the text "Chage Password"
Like the one in the image: Any error message at the application server where you developed cas.war? tomcat? catalina.out? El viernes, 15 de marzo de 2019, 12:15:44 (UTC+1), Arnauld Peyrou escribió: > > Thank you for your answer. > > I've tried your configuraiton (with our's specification) > But i don't understand which page use or link to reset password. > > I've only one link to change password on the login page.. > i've tried your link adapted : > https://url.domain.com/cas/login?doChangePassword > > but it's always rediected us to the login page.... > Cordialement, > > Arnauld PEYROU > Responsable Technique et Support > Direction des Systèmes d'Information. > Inrap - 121 rue d'Alésia - 75014 Paris > Tél : 01 40 08 80 48. > www.inrap.fr > Abonnez-vous à la lettre d'information de l'Inrap : > http://www.inrap.fr/newsletter.php > > > Le lun. 11 mars 2019 à 10:24, Eduardo Rdez <[email protected] > <javascript:>> a écrit : > >> Hello, >> >> Not sure because we were working at the same time in change password link >> and opt tokens sent by email. The change password link is working but >> still working on otp tokens. Try to answer, please do some tests in yout >> environment. >> >> Think we added these sections for change password link. The connection to >> Ldap, allow the password management and the password policy. Also remember >> to add the password policy pattern: >> >> # Minimum 8 and Maximum 10 characters at least 1 Lowercase Alphabet >> first, 1 Uppercase Alphabet, 1 Number and 1 Special Character from the list >> $@$!%.#*?& >> >> cas.authn.pm.policyPattern=^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[$@$!%.#*?&])[A-Za-z\\d$@$!%.#*?&]{8,10}$ >> >> # PASSWORD MANAGEMENT >> cas.authn.pm.enabled=true >> cas.authn.pm.reset.expirationMinutes=3 >> cas.authn.pm.reset.securityQuestionsEnabled=false >> cas.authn.pm.autoLogin=false >> >> # CHANGE PASSWORD LDAP CONNECTION >> cas.authn.pm.ldap.type=GENERIC >> cas.authn.pm.ldap.ldapUrl=ldap://localhost:1389 >> cas.authn.pm.ldap.bindDn=uid=casuser,ou=apiusers,ou=root,c=country >> cas.authn.pm.ldap.bindCredential=xxxxxxxxxxx >> cas.authn.pm.ldap.poolPassivator=BIND >> cas.authn.pm.ldap.connectionStrategy=DEFAULT >> >> cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider >> cas.authn.pm.ldap.connectTimeout=PT5S >> cas.authn.pm.ldap.minPoolSize=3 >> cas.authn.pm.ldap.maxPoolSize=10 >> cas.authn.pm.ldap.idleTime=PT10M >> cas.authn.pm.ldap.useSsl=false >> cas.authn.pm.ldap.useStartTls=false >> cas.authn.pm.ldap.responseTimeout=PT5S >> cas.authn.pm.ldap.baseDn=ou=users,ou=root,c=country >> cas.authn.pm.ldap.subtreeSearch=true >> cas.authn.pm.ldap.searchFilter=username={user} >> >> >> # LDAP PASSWORD POLICY >> cas.authn.ldap[0].passwordPolicy.enabled=true >> cas.authn.ldap[0].passwordPolicy.type=GENERIC >> >> cas.authn.ldap[0].passwordPolicy.policyAttributes.accountLocked=javax.security.auth.login.AccountLockedException >> cas.authn.ldap[0].passwordPolicy.loginFailures=5 >> cas.authn.ldap[0].passwordPolicy.warningAttributeValue= >> cas.authn.ldap[0].passwordPolicy.warningAttributeName= >> cas.authn.ldap[0].passwordPolicy.displayWarningOnMatch=true >> cas.authn.ldap[0].passwordPolicy.warnAll=true >> cas.authn.ldap[0].passwordPolicy.warningDays=30 >> cas.authn.ldap[0].passwordPolicy.accountStateHandlingEnabled=true >> cas.authn.ldap[0].passwordPolicy.strategy=DEFAULT >> >> El lunes, 11 de marzo de 2019, 8:53:24 (UTC+1), Arnauld Peyrou escribió: >>> >>> Hello, >>> >>> Do you have to use all the configuration you've discribed in your email >>> from the 01/31? >>> or juste use this link alone? >>> >>> Regards, >>> >>> Arnauld PEYROU >>> Responsable Technique et Support >>> Direction des Systèmes d'Information. >>> Inrap - 121 rue d'Alésia - 75014 Paris >>> Tél : 01 40 08 80 48. >>> www.inrap.fr >>> Abonnez-vous à la lettre d'information de l'Inrap : >>> http://www.inrap.fr/newsletter.php >>> >>> >>> Le ven. 8 mars 2019 à 10:57, Eduardo Rdez <[email protected]> a écrit : >>> >>>> Hello, >>>> >>>> We could allow the password change option from the login page using the >>>> following link: >>>> >>>> https://url.domain.com/cas/login?doChangePassword >>>> >>>> Now users can voluntary follow the link, and do a password change at >>>> Ldap. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> El jueves, 31 de enero de 2019, 13:08:16 (UTC+1), Eduardo Rdez escribió: >>>>> >>>>> Hello, >>>>> >>>>> We have the same problem. Also using CAS v5.3 connected to Ldap for >>>>> user access. These are the steps we have taken to use the Forget >>>>> Password, >>>>> but no idea how to enable user change password. See if someone can help >>>>> us >>>>> to finish configuration. We would like to have one link for a voluntary >>>>> change password action an another link for reset/forget password. >>>>> >>>>> Added dependency: >>>>> <dependency> >>>>> <groupId>org.apereo.cas</groupId> >>>>> <artifactId>cas-server-support-pm-ldap</artifactId> >>>>> <version>${cas.version}</version> >>>>> </dependency> >>>>> >>>>> Configured in cas.properties: >>>>> >>>>> # EMAIL SERVER >>>>> spring.mail.host=smtp.office365.com >>>>> spring.mail.port=587 >>>>> spring.mail.username=xxxxxxxxxxxxxx >>>>> spring.mail.password=xxxxxxxxxxxxxx >>>>> spring.mail.testConnection=true >>>>> spring.mail.properties.mail.smtp.auth=true >>>>> spring.mail.properties.mail.smtp.starttls.enable=true >>>>> >>>>> # PASSWORD MANAGEMENT >>>>> cas.authn.pm.enabled=true >>>>> cas.authn.pm.reset.expirationMinutes=3 >>>>> cas.authn.pm.reset.securityQuestionsEnabled=false >>>>> cas.authn.pm.autoLogin=false >>>>> >>>>> # CHANGE PASSWORD EMAILS >>>>> [email protected] >>>>> cas.authn.pm.reset.mail.text=email text, reset your password %s >>>>> cas.authn.pm.reset.mail.subject=Change your password >>>>> cas.authn.pm.reset.mail.cc= >>>>> cas.authn.pm.reset.mail.bcc= >>>>> cas.authn.pm.reset.mail.attributeName=primaryMail >>>>> >>>>> # CHANGE PASSWORD LDAP CONNECTION >>>>> cas.authn.pm.ldap.type=GENERIC >>>>> cas.authn.pm.ldap.ldapUrl=ldap://localhost:1389 >>>>> cas.authn.pm.ldap.bindDn=uid=casuser,ou=apiusers,ou=root,c=country >>>>> cas.authn.pm.ldap.bindCredential=xxxxxxxxxxx >>>>> cas.authn.pm.ldap.poolPassivator=BIND >>>>> cas.authn.pm.ldap.connectionStrategy=DEFAULT >>>>> >>>>> cas.authn.pm.ldap.providerClass=org.ldaptive.provider.unboundid.UnboundIDProvider >>>>> cas.authn.pm.ldap.connectTimeout=PT5S >>>>> cas.authn.pm.ldap.minPoolSize=3 >>>>> cas.authn.pm.ldap.maxPoolSize=10 >>>>> cas.authn.pm.ldap.idleTime=PT10M >>>>> cas.authn.pm.ldap.useSsl=false >>>>> cas.authn.pm.ldap.useStartTls=false >>>>> cas.authn.pm.ldap.responseTimeout=PT5S >>>>> cas.authn.pm.ldap.baseDn=ou=users,ou=root,c=country >>>>> cas.authn.pm.ldap.subtreeSearch=true >>>>> cas.authn.pm.ldap.searchFilter=username={user} >>>>> >>>>> # LDAP PASSWORD POLICY >>>>> cas.authn.ldap[0].passwordPolicy.enabled=true >>>>> cas.authn.ldap[0].passwordPolicy.type=GENERIC >>>>> >>>>> cas.authn.ldap[0].passwordPolicy.policyAttributes.accountLocked=javax.security.auth.login.AccountLockedException >>>>> cas.authn.ldap[0].passwordPolicy.loginFailures=5 >>>>> cas.authn.ldap[0].passwordPolicy.warningAttributeValue= >>>>> cas.authn.ldap[0].passwordPolicy.warningAttributeName= >>>>> cas.authn.ldap[0].passwordPolicy.displayWarningOnMatch=true >>>>> cas.authn.ldap[0].passwordPolicy.warnAll=true >>>>> cas.authn.ldap[0].passwordPolicy.warningDays=30 >>>>> cas.authn.ldap[0].passwordPolicy.accountStateHandlingEnabled=true >>>>> cas.authn.ldap[0].passwordPolicy.strategy=DEFAULT >>>>> >>>>> # TOKEN MANAGEMENT >>>>> authn.passwordless.accounts.expireInSeconds=180 >>>>> >>>>> >>>>> This configuration allows a "Reset your Password" link at login page, >>>>> that shows a login form where you can identify a user name and submit the >>>>> form. This action is making CAS to search for the user email in Ldap, and >>>>> sends a reset password email, with a encoded link that is not working, >>>>> just >>>>> redirects to the usual login page. >>>>> >>>>> The next step that we are doing, is enabling the dependency for >>>>> passwordless, but as we load this new cas.war, the normal login page is >>>>> changed with a form where you can just write a user and submit form, that >>>>> is not working. >>>>> >>>>> <dependency> >>>>> <groupId>org.apereo.cas</groupId> >>>>> <artifactId>cas-server-support-passwordless</artifactId> >>>>> <version>${cas.version}</version> >>>>> </dependency> >>>>> >>>>> >>>>> Can someone tell us how to enable change password and reset password >>>>> configuracion/flows? >>>>> >>>>> >>>>> Thanks, >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> El martes, 9 de octubre de 2018, 14:32:25 (UTC+2), Ramesh Ramaiah >>>>> escribió: >>>>>> >>>>>> >>>>>> Hi, >>>>>> >>>>>> I'm using CAS5.3 version and LDAP for user creating and access. My >>>>>> problem is If a end user want to change their CAS password voluntarily >>>>>> means, how we do this. Is there any option for that ? >>>>>> >>>>>> Also end user want to use the Forget password. Please post your >>>>>> reply, If you have any ideas for this 2 problems ? >>>>>> >>>>>> Thanks for Advance. >>>>>> >>>>>> Thank you. >>>>>> Ramesh.R >>>>>> >>>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/acd97b70-566c-4f1a-ad7a-fcde5bdd63db%40apereo.org >>>> >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/acd97b70-566c-4f1a-ad7a-fcde5bdd63db%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/6492d59f-d667-4f09-8409-2d3a2237c943%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/6492d59f-d667-4f09-8409-2d3a2237c943%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/da0063e3-50cb-4d00-be23-9ba20ed1470f%40apereo.org.
