Hi, Thanks for these informations. The parameter is here
"https://apereo.github.io/cas/6.6.x/mfa/GoogleAuthenticator-Authentication.html;,
in the optional settings. It's indeed working perfectly fine. As no policy
has been validated, I just want to be ready for anything. I had a look
Although I couldn't find it in the docs, maybe a typo, it does work as
intended, the config key
cas.authn.mfa.gauth.core.multiple-device-registration-enabled = false;
You might be better using the
https://apereo.github.io/cas/6.6.x/webflow/Webflow-Customization-Interrupt-Groovy.html
option
Hi, Thanks for your answer. I had read those articles already, but they
didn't help a lot or maybe I am trying to do something too crazy. I am still
not able to get the 'mfa-gauth' state in the 'login' webflow in spite of seeing
it in the logs and the webflow output endpoint. I did some
These should help
https://fawnoos.com/2021/08/20/cas64-webflow-extensions/
https://fawnoos.com/2022/04/21/cas66-webflow-groovy-actions/
I have a helper class that can print out the flow
https://gist.github.com/rbonatuvic/d3ef9e8dc0c5a78870a8520bc2ab2b74
Ray
On Wed, 2023-09-06 at 14:46 +0200,
Hi, I spent some time studying your script and I think I will follow this
way. But I am having hard times gathering informations to write the script I
need. Here is what I am trying to do : now 'mfa-gauth' is working, I would
like to "harden" it a little bit, as I think the authenticator
Maybe Misagh could put in his thoughts on this, but I would argue the
opposite is more true in fact, having custom java code and having to
register, etc.. rely's on way MORE base code in cas then the groovy
methods. If you take a look at the way groovy scripts are written in cas it
is mainly a
Hi, Thansk for your file, I will have a look at it. And I think I will have to
study the whole code in fact, I don't know who is triggering what and how for
now. Regards
Le 21-Jul-2023 20:33:38 +0200, jbanner6...@gmail.com a crit:
This is slimmed down using the groovy script trigger,
Hi, Thanks for your reply. From what I have read in the recommendations in the
docs, scripting is ok but coding is better and more sustainable (build time vs
run time I guess). So I am trying to understand how to implement something like
what is described here :
Hi, Thanks for your answer. So far we don't rely on surrogate, just using a
simple LDAP backend. But it's nice to now there are some constraints and
bypasses. Yes, injecting some parameters to make service names more dynamic is
a good idea. Regards
Le 22-Jul-2023 06:34:41 +0200,
This may provide some direction https://fawnoos.com/2018/11/22/cas5-groovy-mfa/
There may be other posts on this site that can help.
Ray
On Fri, 2023-07-21 at 08:49 +0200, spfma.tech via CAS Community wrote:
Notice: This message was sent from outside the University of Victoria email
system.
10 matches
Mail list logo