revisit the way messages for password rotation policy are injected #30

Open
pmauduit opened this issue Sep 19, 2024 · 2 comments
@pmauduit
Member

pmauduit commented Sep 19, 2024

Reading the following class:
https://github.com/georchestra/georchestra-cas-server/blob/master/src/main/java/org/georchestra/cas/MessagesConfiguration.java
I have the feeling that we are trying "to do something against what the framework provides us", and it does not read very "spring-ish":

  • opening & parsing properties files by hand,
  • using a CommandLineRunner for a feature which sounds more like a customization of the templates,
  • dumping errors to stdout instead of using a logger,
  • hardcoding a file path into the exploded webapp (what if we have a simple .war file which is not unzipped - e.g. jetty - into the expected path?) ...

Also, I think that the password rotation policy would deserve some tests or at least a "use-case docker composition" in the dedicated repository.

@pmauduit
Member Author

FTR, the PR which introduced the change is here: #14

pmauduit added a commit to georchestra/sample-docker-composition that referenced this issue Sep 20, 2024
@pmauduit
Member Author

See above commit for a sample docker composition to try the feature out

pmauduit added a commit that referenced this issue Sep 21, 2024
Reading the Java class mentioned in issue #30, it seems that
only 2 properties were modified in the original messages.properties from
the classpath (what about the other languages?).

This commit should provide the same behaviour as the original PR. I had
to reintroduce the pwdupdateform.html fragment from upstream, and
customize the (hardcoded?) URLs to get into the console webservices
meant for password management. FTR, the original template is here:
https://github.com/apereo/cas/blob/6.6.x/support/cas-server-support-thymeleaf/src/main/resources/templates/fragments/pwdupdateform.html

BTW, it looks like CAS provides such password management from the user
on its own code, via an optional module:
https://apereo.github.io/cas/7.0.x/password_management/Password-Management-Reset.html
but since we already have the feature provided by the console, it
probably makes more sense to make use of them instead.

Note: I am not sure why the `password.expiration.warning` does not
seem to be used in any templates in the CAS 6.6 codebase.

Note2: we might want to be able to customize the console's endpoint URL
from the datadir, but since they were hardcoded in the Java class, at
least we are isofunctional here.

tests: runtime, using
https://github.com/georchestra/sample-docker-composition/tree/main/cas/password-expiration
- tested with English & French locales.