Implement LDAP ppolicy login messages

**Situation**
[LDAP as authentication source in SimpleSAMLphp](https://simplesamlphp.org/docs/stable/ldap:ldap)
[LDAP password policy overlay](https://ldapwiki.com/wiki/Password%20Policy)
When using ppolicy password aging, no messages are shown when logging in with SimpleSAMLphp.
If the password is almost expired (pwdExpireWarning) a warning is sent by LDAP.

**New developments**
That warning can be caught as of php 7.3 via the LDAP control LDAP_CONTROL_PASSWORDPOLICYREQUEST.
See php manual pages [LDAP controls](https://secure.php.net/manual/en/ldap.controls.php) and [Example #1 Bind with ppolicy information](https://secure.php.net/manual/en/ldap.examples-controls.php)

**Solution**
If ppolicy handling is enabled via new ldap module config, show the message to the user before continuing to the SP. The message shown should be configurable, for example to set a link where users will be able to change their password.


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Implement LDAP ppolicy login messages #2

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Implement LDAP ppolicy login messages #2

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions