Many of you have probably heard of DuoSecurity's Two-factor authentication system (https://www.duosecurity.com). Duo has an integration for Shibboleth, but there's currently nothing available for CAS. Michael Kennedy developed a solution for UC Riverside and posted it on GitHub (https://github.com/highlnd/cas-overlay-duo).
I've built on that work and developed a CAS extension that adds Duo support to CAS: https://github.com/epierce/cas-server-extension-duo Deployers can require two-factor auth by service; all users (or a pre-defined subset) accessing a service are required to login with Duo, or by user; the second factor is necessary regardless of the service the user is accessing. We're not using this module in production yet, but it's been in our test and pre-production environments for the last few weeks and testing has gone very well. We're increasing the number of Duo licenses we have and will be rolling it out to a larger pilot group soon. I'd like to get more people testing it, though. If anyone is using Duo now or is thinking about two-factor in general, please try it out and send some feedback. Thanks, -Eric -- Eric Pierce Identity Management Architect Information Technology University of South Florida (813) 974-8868 -- [email protected] -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
