DINAKAR,
It looks like line 134 in
https://github.com/apereo/cas/blob/7.1.x/support/cas-server-support-simple-mfa-core/src/main/java/org/apereo/cas/mfa/simple/web/flow/CasSimpleMultifactorSendTokenAction.java#L45
is not successful.
Which should end up on line 64 of
https://github.dev/apereo/cas/blob/7.1.x/support/cas-server-support-simple-mfa-core/src/main/java/org/apereo/cas/mfa/simple/web/flow/CasSimpleMultifactorSendTokenAction.java
It has a trace level log. Adjust log level and see if it is printed.
Ray
On Thu, 2025-01-09 at 18:54 +0530, DINAKAR N wrote:
please find the below logs,
2025-01-09 18:53:06.376 INFO 3732 --- [io-8080-exec-10]
o.a.i.a.s.Slf4jLoggingAuditTrailManager : Audit trail record BEGIN
=============================================================
WHO: dinakar
WHAT: {principal=dinakar, execution=true, provider=mfa-simple}
ACTION: MULTIFACTOR_AUTHENTICATION_BYPASS
APPLICATION: CAS
WHEN: Thu Jan 09 18:53:06 IST 2025
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1
SERVER IP ADDRESS: 0:0:0:0:0:0:0:1
=============================================================
2025-01-09 18:53:06.376 DEBUG 3732 --- [io-8080-exec-10]
.a.MultifactorAuthenticationBypassAction : Bypass rules determined MFA should
execute for user [dinakar] and provider [mfa-simple]
2025-01-09 18:53:06.377 DEBUG 3732 --- [io-8080-exec-10]
.a.MultifactorAuthenticationBypassAction : Authentication updated to forget any
existing bypass for user [dinakar] for provider [mfa-simple]
2025-01-09 18:53:06.378 DEBUG 3732 --- [io-8080-exec-10]
factorAuthenticationFailureModeEvaluator : Setting failure mode to [CLOSED]
based on global policy
2025-01-09 18:53:06.378 DEBUG 3732 --- [io-8080-exec-10]
factorAuthenticationFailureModeEvaluator : Provider failure mode [CLOSED]
overriding global mode [CLOSED]
2025-01-09 18:53:06.382 DEBUG 3732 --- [io-8080-exec-10]
asSimpleMultifactorAuthenticationService : Created multifactor authentication
token [CASMFA-749442] for service [null]
2025-01-09 18:53:06.383 DEBUG 3732 --- [io-8080-exec-10]
.w.f.CasSimpleMultifactorSendTokenAction : Using token [CASMFA-749442] created
at [2025-01-09T13:23:06.382326200Z]
2025-01-09 18:53:06.386 ERROR 3732 --- [io-8080-exec-10]
.w.f.CasSimpleMultifactorSendTokenAction : Communication strategies failed to
submit token [CASMFA-749442] to user
On Thu, Jan 9, 2025 at 3:51 PM DINAKAR N
<[email protected]<mailto:[email protected]>> wrote:
Ray Bon,
If you have free time, please let me know will have a short callon this.
On Wed, Jan 8, 2025 at 7:45 AM Ray Bon <[email protected]<mailto:[email protected]>>
wrote:
DINAKAR,
You may have to turn on debug or trace logging to see what it is trying to do.
Check your config. It looks like it tried to send but could not.
Ray
On Wed, 2025-01-08 at 03:07 +0530, DINAKAR N wrote:
You don't often get email from
[email protected]<mailto:[email protected]>. Learn why this is
important<https://aka.ms/LearnAboutSenderIdentification>
Hi Rbon,
please find the following log output,
2025-01-08 03:02:43,808 ERROR
[org.apereo.cas.mfa.simple.web.flow.CasSimpleMultifactorSendTokenAction] -
<Communication strategies failed to submit token [CASMFA-073802] to user>
On Wed, Jan 8, 2025 at 2:47 AM Ray Bon <[email protected]<mailto:[email protected]>>
wrote:
DINAKAR,
What is the log output?
Ray
On Tue, 2025-01-07 at 13:06 -0800, DINAKAR N wrote:
You don't often get email from
[email protected]<mailto:[email protected]>. Learn why this is
important<https://aka.ms/LearnAboutSenderIdentification>
Hi,
cas overlay with 7.2 it's saying mfa provider unavailable after successfull
credential validation
expecting: it should send email as per configuration with token after token
enter it should say login successfull
please find the below configuration.
1.application.properties
cas.authn.mfa.simple.token.core.time-to-kill-in-seconds=30
cas.authn.mfa.simple.token.core.token-length=6
cas.authn.mfa.simple.name<http://cas.authn.mfa.simple.name/>=mfa-simple
cas.authn.mfa.simple.order=1
cas.authn.mfa.simple.globalPrincipalAttributeNameTriggers=memberof
cas.authn.mfa.simple.globalPrincipalAttributeValueRegex=grouptest
cas.authn.mfa.simple.mail.from=****@gmail.com<http://gmail.com/>
cas.authn.mfa.simple.mail.text=Hello! Your requested CAS token is %s
cas.authn.mfa.simple.mail.subject=CAS MFA Token
cas.authn.mfa.simple.mail.attributeName=mail
cas.authn.mfa.triggers.global.global-provider-id=mfa-simple
cas.authn.mfa.global-provider-id=mfa-simple
cas.authn.accept.users=null
cas.authn.jdbc.query[0].sql=****
cas.authn.jdbc.query[0].url=jdbc:mysql://*.*.*.*:3306/test
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].user=****
cas.authn.jdbc.query[0].password=****
cas.authn.jdbc.query[0].ddlAuto=none
cas.authn.jdbc.query[0].driverClass=com.mysql.cj.jdbc.Driver
cas.authn.jdbc.query[0].fieldPassword=****
cas.authn.jdbc.query[0].passwordEncoder.type=****
cas.webflow.auto-configuration.order=0
cas.webflow.auto-configuration.enabled=true
password.management.enabled=true
spring.mail.properties.mail.smtp.starttls.enable=true
spring.mail.properties.mail.smtp.ssl.enable=true
spring.mail.properties.mail.smtp.auth=true
spring.mail.host=smtp.gmail.com<http://smtp.gmail.com/>
spring.mail.username=***@gmail.com<http://gmail.com/>
spring.mail.protocol=smtp
spring.mail.password=****
spring.mail.port=587
spring.mail.testConnection=true
spring.mail.default-encoding=UTF-8
after successfull credentials validation it's giving the following error,
MFA provider unavailable
PFA.
On Tuesday, September 10, 2024 at 6:45:59 AM UTC+5:30 Ray Bon wrote:
Agus,
My interpretation of the docs is that if you fill in both sms and email, the
user will get to choose (or cas will send to both).
Ray
On Fri, 2024-09-06 at 06:26 -0700, Agus Santosa wrote:
You don't often get email from [email protected] why this is
important<https://aka.ms/LearnAboutSenderIdentification>
Hi,
I am trying to implement mfa-simple with email and sms as available options to
users.
In my property file, I have the following properties defined
cas.authn.mfa.triggers.global.global-provider-id=mfa-simple
cas.authn.mfa.simple.sms.attribute-name=phone
....
cas.authn.mfa.simple.mail.attribute-name=email
....
cas.authn.mfa.core.provider-selection.provider-selection-enabled=true
I am not sure what to provide in the
"cas.authn.mfa.triggers.global.global-provider-id" property, because both email
and sms are in the same "mfa-simple" provider.
Is there a way to do it without any custom codes?
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/7ae724165e729d2542d27d7a13445cb3ccb5ba7b.camel%40uvic.ca.
