Adding forced password reset?
David Langenberg
davel at uchicago.edu
Thu Apr 17 12:24:20 EDT 2014
Custom LoginHandler time Keith. You could also do this with the MCB, but
you'll again need to write a custom module for that too.
Dave
On Thu, Apr 17, 2014 at 10:18 AM, Wessel, Keith <kwessel at illinois.edu>wrote:
> Hi, all,
>
>
>
> Looking for some advice and possible direction.
>
>
>
> I've been approached with the concept of sending users to our password
> reset page after a successful Shib authentication if their password is too
> old.
>
>
>
> The first thing that came to mind was the code in place at Wisconsin for
> redirecting students to a Google Apps sign-up page if they try to log into
> Google Apps without signing up first. I know this kind of flow will be
> easier in V3, but that it's doable in V2.
>
>
>
> Is that going to be my best option? Or is there a better way to go? Keep
> in mind that our password reset page is, in fact, Shibboleth-protected. So,
> whatever I do would need to not stop the user if the service requesting
> authentication was the password reset page.
>
>
>
> Any advice would be appreciated.
>
>
>
> Keith
>
>
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
--
David Langenberg
Identity & Access Management
The University of Chicago
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20140417/1f8bd4b0/attachment.html
More information about the users
mailing list