Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement LDAP ppolicy login messages #2

Open
adanielvv opened this issue Mar 15, 2019 · 1 comment
Open

Implement LDAP ppolicy login messages #2

adanielvv opened this issue Mar 15, 2019 · 1 comment

Comments

@adanielvv
Copy link

Situation
LDAP as authentication source in SimpleSAMLphp
LDAP password policy overlay
When using ppolicy password aging, no messages are shown when logging in with SimpleSAMLphp.
If the password is almost expired (pwdExpireWarning) a warning is sent by LDAP.

New developments
That warning can be caught as of php 7.3 via the LDAP control LDAP_CONTROL_PASSWORDPOLICYREQUEST.
See php manual pages LDAP controls and Example #1 Bind with ppolicy information

Solution
If ppolicy handling is enabled via new ldap module config, show the message to the user before continuing to the SP. The message shown should be configurable, for example to set a link where users will be able to change their password.
tvdijen added a commit that referenced this issue Jan 11, 2022
@tvdijen
attempt #2
c1360d5
tvdijen added a commit that referenced this issue Jan 24, 2022
@tvdijen
Attempt #2
1476d95
tvdijen added a commit that referenced this issue Jan 24, 2022
@tvdijen
Attempt #2
cb8515b
@tvdijen
Copy link
Member

tvdijen commented Mar 8, 2022

This should now be much easier thanks to the rewrite of this module..

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tvdijen @adanielvv