[Freeipa-users] [Freeipa-devel] I've done it by myself and it works -- Re: Feature request: Web UI for IPA users to reset their own expired passwords

Gelen James hahaha_30k at yahoo.com
Wed May 23 19:43:34 UTC 2012 

No problem.

The code is attached. It is just one python script, with configuration items on the top.

 Please be reminded that this code is pretty rough and not well-tested as I can not find appropriate documents on how to use python kerberos module.

 Disclaim: This piece of code just works as a prototype, it is not well-tested, nor DOS attack prove at all, so it could potentially harm or totally destroy someone's authentication system. :(

Thanks.

--Gelen



________________________________
 From: Rob Crittenden <rcritten at redhat.com>
To: Gelen James <hahaha_30k at yahoo.com> 
Cc: "freeipa-devel at redhat.com" <freeipa-devel at redhat.com>; "freeipa-users at redhat.com" <freeipa-users at redhat.com> 
Sent: Wednesday, May 23, 2012 12:14 PM
Subject: Re: [Freeipa-devel] I've done it by myself and it works -- Re: Feature request: Web UI for IPA users to reset their own expired passwords
 
Gelen James wrote:
> I've coded it with python-kerberos and it works. Pretty rough though.

Is this something you'd be interested in contributing?

rob

>
> --Gelen.
>
> ------------------------------------------------------------------------
> *From:* Gelen James <hahaha_30k at yahoo.com>
> *To:* "freeipa-devel at redhat.com" <freeipa-devel at redhat.com>
> *Sent:* Sunday, May 20, 2012 2:22 AM
> *Subject:* Feature request: Web UI for IPA users to reset their own
> expired passwords
>
> The currently assumption is that all IPA users can login into Unix/Linux
> machines to change their IPA password, or reset their expired password.
>
> But this is not available all the time, so a more general alternative --
> web UI -- will be more appreciated. The basic requirements are:
>
> 1, The web UI accept user's passwords, expired is also accepted.
> 2, the authentication is based on IPA Kerberos.
>
> 3, authenticated regular IPA user can only reset his/her password only.
>
> 4, (bonus) authenticated admin users can alter other users' password as
> well.
>
>
> Thanks.
>
> --Gelen
>
>
>
>
>
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120523/ec5bbf6a/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kchange.py
Type: application/octet-stream
Size: 8598 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120523/ec5bbf6a/attachment.obj>

More information about the Freeipa-users mailing list