-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement LDAP ppolicy login messages #2
Comments
This should now be much easier thanks to the rewrite of this module.. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Situation
LDAP as authentication source in SimpleSAMLphp
LDAP password policy overlay
When using ppolicy password aging, no messages are shown when logging in with SimpleSAMLphp.
If the password is almost expired (pwdExpireWarning) a warning is sent by LDAP.
New developments
That warning can be caught as of php 7.3 via the LDAP control LDAP_CONTROL_PASSWORDPOLICYREQUEST.
See php manual pages LDAP controls and Example #1 Bind with ppolicy information
Solution
If ppolicy handling is enabled via new ldap module config, show the message to the user before continuing to the SP. The message shown should be configurable, for example to set a link where users will be able to change their password.
The text was updated successfully, but these errors were encountered: