Change Your Password
Changing your password
Vlad Gleiberman of Victoria University has generously contributed CAS:an extension to CAS 2.0 that supports password change functionality. You can use this code as an example or starting point from which to implement a password change UI and process appropriate to your needs.
Other validation
Trent Adams of Athabasca University has generously contributed a CAS:validation handler API. It is available as a patch against YALE_2_0_11 (CAS server) as well as the full modified files, in the attached .tar.gz.
What is it?
Trent writes:
This validation handler implementation we wrote can be used for such things as password changes, required messages, and enforcement of any requirements on the user before logon.
It validates from within the CAS plugin implementation. From there, CAS asks the plugin where to redirect to, and what parameters to pass to the service that this validation plugin was designed for. It always passes the service parameter, that was passed to CAS, to the service that is doing the password reset, or the message of the day, etc. This is so that service (e.g. passwd reset) can then forward the user back to CAS, and pass the original service parameter into CAS again, which then finally redirects to the original service, and the user is authenticated.
Currently it's not flawless. The user can press the back button on the enforced password reset, and then gets redirected to the service the student tried to access. But, we are always pressed for time, and don't always have the time to fix every minor problem that comes up.
Advice for building:
Trent writes:
Basically the way I do my implementations is as follows. Make a web application for password resetting for instance. Include the source for the handler in this application. Make your build script package up the CAS ValidationHandler plugin into it's own JAR. Then deploy the JAR into the WEB-INF/lib of the CAS context, and edit the web.xml to include your validation handler implementation.