Password Expiration
Bill Bailey
Bill.Bailey at northlandchurch.net
Thu Aug 16 14:54:19 EDT 2007
Hi,
I think I have seen some folks discuss this issue before on this list,
but I don't recall ever seeing any definitive solution.
How does one handle expired passwords when using CAS?
The primary case I find myself needing to deal with is the case where a
user forgets their password and requests a self-service reset. In this
case, the system generates a temporary random password, changes the
user's password, sets a flag of some sort to force a password change on
the next login, and then sends the new password to the user's email
address of record.
When the user logs in, the first thing they are forced to do is change
their password BEFORE they are redirected to the application. Does CAS
have a way of handling this?
Thanks in advance.
Bill Bailey
Senior Developer / DBA
Northland, A Church Distributed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070816/1b1737a5/attachment.html
More information about the cas
mailing list