[Freeipa-devel] [PATCH] 1006 detect expired passwords in forms login
Petr Vobornik
pvoborni at redhat.com
Mon Apr 16 09:02:16 UTC 2012
On 04/13/2012 09:28 PM, Rob Crittenden wrote:
> When doing a forms-based login there is no notification that a password
> needs to be reset. We don't currently provide a facility for that but we
> should at least tell users what is going on.
>
> This patch adds an LDAP bind to test the password to see if it is
> expired and returns the string "Password Expired" along with the 401 if
> it is. I'm told this is all the UI will need to be able to identify this
> condition.
>
> rob
>
UI can work with it. I have a patch ready. I'll send it when this will
be ACKed.
Some notes:
1) The error templates and the 'Password Expired' message are hardcoded
to be English. It's fine at the moment. Will we internationalize them
sometime in future? If so, we will run into the same problem again.
2) conn.destroy_connection() won't be called if an exception occurs. Not
sure if it is a problem, GC and __del__ should take care of it.
--
Petr Vobornik
More information about the Freeipa-devel
mailing list