Diego, A service (application) can be configured to trigger MFA https://apereo.github.io/cas/6.6.x/mfa/Configuring-Multifactor-Authentication-Triggers-PerApplication.html and block (bypass=false) or with groovy script https://apereo.github.io/cas/6.6.x/mfa/Configuring-Multifactor-Authentication-Bypass.html#bypass-via-groovy
Ray On Wed, 2023-08-23 at 11:23 -0700, Diego Gimenez wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. I tried using @class instead of _class for my service and CAS will not launch, I am struggling to find a solution. Can you show me your build.gradle and your cas.properties so I can try it and see if the problem may be in any of my local build.gradle or cas.properties? What I mean with that sentence is that I am looking for other solutions to trigger an MFA based on an specific service. The one that I thought about was using Groovy to detect certain serviceId (i.e. https/http prefix) and decide if it should actually trigger an MFA authentication or not. So the part that I am missing is how to actually block an authentication attempt (based on testing, I've reached that if you return null on a Groovy script to trigger certain MFA, the authentication will proceed, and I want to do the opposite). I know is not optimal, but given the fact that I am unable to trigger an MFA authentication by service I am looking for options! The image below shows an example of what I want to do. On Wednesday, 23 August 2023 at 13:12:06 UTC-3 John wrote: Forgot, what do you mean by this? " Is there a way to block authentication when using Groovy to trigger the mfa? " can you post what your doing in groovy to get better idea? On Wednesday, August 23, 2023 at 10:01:04 AM utc-5diego....@unc.edu.ar wrote: Hello John, first of all, thanks for your response. Unfortunately, it did not work. I am using the CAS overlay and set `cas.version=6.6.10` in `gradle.properties`. However, the trigger is still not working, I used a Groovy script to trigger mfa and printed the registered service as I did before. I have a question that is not directly related. Is there a way to block authentication when using Groovy to trigger the mfa? That would temporarily work. (The only method I found was to throw an exception on purpose, but that won't provide feedback to the user with what went wrong) On Wednesday, 23 August 2023 at 10:13:38 UTC-3 John wrote: You have an array set, there was a bug in earlier 6.6 versions and was fixed in a later 6.6 release. Please update to the latest 6.6.x release and it will work as it should. On Wednesday, August 23, 2023 at 7:50:48 AM utc-5diego....@unc.edu.ar wrote: Hello Ray, Sorry about that. I attach the registered service and the providers I get from the service. I used a Groovy script to print the registered service. I have tried using @class instead of _class and it did not made any difference, also tried to search through the CAS source code and I have the hypothesis that it might not be detecting either the policy or the providers I am using. On Friday, 18 August 2023 at 20:19:18 UTC-3 Ray Bon wrote: Diego, Image did not come through. Ray On Fri, 2023-08-18 at 11:46 -0700, 'Diego Gimenez' via CAS Community wrote: Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information. Hello. As the title says I can't make an MFA trigger per service. Looks like the service can't detect such provider as shown in the following image[Displaying image.png] -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0338b3c74afa45c9f024902444a95c32f8de84f0.camel%40uvic.ca.
