IDP v3 - OpenLDAP password policy - forcing password reset
cantor.2 at osu.edu
Wed May 20 17:26:16 EDT 2015
On 5/20/15, 9:09 PM, "Emilio Penna" <emilio.penna at seciu.edu.uy> wrote:
>The difference: if bind success, the state.getError() isn't
>"propagated", so you "lose" it for catching any error code, and maybe
>adapt flow accordingly mapping the error code to some event.
I would have assumed from the code that it was the Code or Message that
was typically being maped, and not the Error property, but I wouldn't know.
>One example is the control for forcing password reset, in that case, the
>bind success, and the control is informed by ldaptive in state.getError
>(state.getError=CHANGE_AFTER_RESET in this case). The generated message
>in this case, I guess that is something like
>"ACCOUNT_WARNING:SUCCESS:null", it don't have the errorCode
>"CHANGE_AFTER_RESET", so you don't have the chance to detect it as
>result of the action and adapt the flow.
Daniel would have to speak to that, but since all of this is, I presume,
totally non-standard, it doesn't seem like any of it is very consistent or
reliable to code around.
More information about the users