LDAP password authn flow interception
Marvin Addison
marvin.addison at gmail.com
Thu Jul 30 15:09:43 EDT 2015
>
> I look forward to seeing what you have.
>
Following is a zip archive of the source tree:
https://docs.google.com/a/vt.edu/uc?id=0Bz3YRk8WRdWrY05LY3Q4bEN4dU0&export=download
There are a number of flows in this project. The one you should study is
flows/intercept/vt-account-mgmt. We don't use security questions per se,
but rather out-of-band methods to reset or change a password which we call
"recovery options." Users must define these initially and maintain them
yearly. Note that we drive the flow using the ResolveAttributes action,
which is decoupled from the authentication subsystem, but ultimately
contains LDAP directory data per our attribute-resolver.xml config.
I'm happy to field further general questions about the source on the list.
Contact me privately if it's down in the weeds.
M
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20150730/dece97c4/attachment.html>
More information about the users
mailing list