I haven't found a description of what this setting really controls - is it saying whether or not any authentication is required at all? Or can I use it to say that a specific handler is required to pass? Does someone have a more detailed guide to setting up authentication policies?
(My particular situation is that for a test deployment, I don't want requests to ever be rejected, I just want to log whether they pass or not before letting them continue, but I would also like to know how to set up more complex scenarios in the future). cheers, Jac This is the documentation I could find: https://apereo.github.io/cas/5.3.x/installation/Configuring-Authentication-Components.html#authentication-policy <https://apereo.github.io/cas/5.3.x/installation/Configuring-Authentication-Components.html#authentication-policy>Authentication Policy CAS presents a number of strategies for handling authentication security policies. Policies in general control the following: 1. Should the authentication chain be stopped after a certain kind of authentication failure? 2. Given multiple authentication handlers in a chain, what constitutes a successful authentication event? Policies are typically activated after: 1. An authentication failure has occurred. 2. The authentication chain has finished execution. Typical use cases of authentication policies may include: 1. Enforce a specific authentication’s successful execution, for the entire authentication event to be considered successful. 2. Ensure a specific class of failure is not evident in the authentication chain’s execution log. 3. Ensure that all authentication schemes in the chain are executed successfully, for the entire authentication event to be considered successful. To see the relevant list of CAS properties, please review this guide <https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties.html#authentication-policy> . *which links to* https://apereo.github.io/cas/5.3.x/installation/Configuration-Properties.html#authentication-polic *y* Authentication Policy To learn more about this topic, please review this guide <https://apereo.github.io/cas/5.3.x/installation/Configuring-Authentication-Components.html#authentication-policy> .* (which links back to the above section)* Global authentication policy that is applied when CAS attempts to vend and validate tickets. 1 # cas.authn.policy.requiredHandlerAuthenticationPolicyEnabled=false -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/5a5873e4-9fd4-458a-81a3-a42a5f9213f8%40apereo.org.