Risked Based Authentication - Options for Handling Risky Logins?

4 views
Skip to first unread message

Doug Baker

unread,
Jan 17, 2018, 2:54:53 PM1/17/18
to CAS Community

Hi,

 

We are interested in implementing the CAS Risked Based Authentication component.  I’m not clear on what options are available in CAS to deal with a “risky” login that has been detected by RBA. 

 

In the event of a risky login:

  1. We would like to temporarily block them from proceeding to the requested URL.

  2. We would like to email a verification code to the user that they would enter on the CAS front end and it would be validated against what was emailed.

    1. If the verification codes match, then we would allow the user to complete authentication and proceed to the requested URL.

 

Where in the CAS project does it provide a resolution to deal with “risky” logins so that we can introduce our code to implement a verification code check?

 

Thank you,

Doug

Reply all
Reply to author
Forward
0 new messages