Hello, I'm wondering if CAS is able to do service-based LOA, eg, internal users use SPNEGO and external users use Login/Password, and if requested by service : MFA with Yubikey or other not yet implemented mean (OTP via SMS, OTP via FreeOTP, etc.). Ideally, I would set a level by service : - access to Webmail with required level of 15 points - access to Personal informations with required level of 20 points
And successful authentication would be granted by handler : - SPNEGO : 25 points - Login/Password : 15 points - MFA yubikey : 10 points - ... So internal users would always gain access with SPNEGO, and external users will be requested login/password only for Webmail, and login/password + MFA for Personal Informations. Is it already possible with CASv5 ? I think it will need some development though, in this case, I'll need directions :-) Regards. -- Philippe MARASSE Responsable pôle Infrastructures - DSIO Centre Hospitalier Henri Laborit CS 10587 - 370 avenue Jacques Cœur 86021 Poitiers Cedex Tel : 05.49.44.57.19 -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/14829eb7-4567-1b91-0f89-84826f36ed76%40ch-poitiers.fr. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
smime.p7s
Description: Signature cryptographique S/MIME
