samedi 28 février 2015

WSO2 Identity Server Change Password On Logon from App

I'm hoping someone can assist. I currently using WSO2 Identity Server as my LDAP provider for my web application. I'm using Spring Security to authenticate a user against the server. This works well, but I'd like to enforce a policy that the user must change password when logging in to my app for the first time. How do I configure IS for this password policy? I see several properties in identity-mgt.properties that may be useful, but very little in the way of documentation on what they actually do. Further, ideally, this password change on logon would be reflected in LdapUserDetailsImpl.credentialsNonExpired, but I'd be willing to use whatever means necessary to gather this information about the user so they could be redirected to a change password page.


Thanks, Tim


Aucun commentaire:

Enregistrer un commentaire