Add rules for reset password by mail use
We already have the possibility to have a rule to display the standard password form but for reset password, we can just set the search filter. When user is not found, we have a default error message, but it could be nice to have the possibility to define error cases and associated messages, like we have done with grantSessionRules
.
The most significant use case is when we connect to an OpenLDAP server where we have some local accounts (with password) and external accounts (with SASL delegation). We don't want to allow external accounts to reset their password.