FreeIPA - Password Expiration
Daniel Fisher
dfisher at vt.edu
Tue May 31 10:15:48 EDT 2016
On Mon, May 30, 2016 at 3:34 AM, Prashant Bapat <prashant at apigee.com> wrote:
> Hi Scott,
>
> Can you please point me to a doc on how to use this ?
>
If you're feeling adventurous, you can drop the latest ldaptive snapshot[1]
into your IDP and add the following configuration:
--ldap.properties--
idp.authn.LDAP.returnAttributes=krbPasswordExpiration,krbLoginFailedCount,krbLastPwdChange
--ldap-authn-config.xml--
<!-- add the FreeIPA response handler -->
<bean id="authenticationResponseHandler"
class="org.ldaptive.auth.ext.FreeIPAAuthenticationResponseHandler" />
<!-- add a property to the Authenticator to use the response handler -->
p:authenticationResponseHandlers-ref="authenticationResponseHandler"
Note that there are several Authenticator objects in that configuration,
make sure you modify the one you are using.
--Daniel Fisher
[1]
https://github.com/vt-middleware/maven-repo/tree/master/org/ldaptive/ldaptive/1.0.8-SNAPSHOT
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20160531/597ce4fb/attachment-0001.html>
More information about the users
mailing list