MFA by application


Francis

Apr 4, 2017, 9:28:55 AM
to CAS Community
Hi all,

I have an issue using MFA gauth: any time I add resources/services/gauth.json, I get a 500 error on cas/login.

The error shown is "HTTP Status 500 - Request processing failed; nested exception is org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.apereo.cas.web.flow.InitialFlowSetupAction@480ad82c in state 'null' of flow 'login' -- action execution attributes were 'map[[empty]]'"

My cas.properties is:

cas.server.ajp.enabled=true

cas.adminPagesSecurity.ip=.*

####### simple default config
# Cookie
#cas.tgc.cipherEnabled=true
cas.tgc.signingKey=SYYsU15UyaitTeOYHiWaXArEqX5EYDWG79oJiAP4UMumrOgKH1UoiLel9HIvM8of1mg4QhiHUcMHeS4DeRoR0A
cas.tgc.encryptionKey=3OARjK04WMVmlu91ewA3lmlx6T3_4G9WhZftM4OpGGw

# SSL
server.ssl.enabled=false

# webflow
cas.webflow.signing.key=2H1YLO-_8HYK505D8Ty78_cIW3Hn9BTCGJ8QB8vI1n9jhvD4ONAL-LtjoKwohFPWhmLa-aoaPhpP7Yb0GUAh0w
cas.webflow.encryption.key=UGIUmxYrRXPqgMiL
cas.ticket.st.timeToKillInSeconds=100
####### simple default config

# LDAP
cas.authn.ldap[0].type=ANONYMOUS
cas.authn.ldap[0].useSsl=false
cas.authn.ldap[0].ldapUrl=ldap://ldap.mydomain.com:389
cas.authn.ldap[0].baseDn=ou=people,dc=mydomain.com,dc=fr
cas.authn.ldap[0].dnFormat=ou=people,dc=mydomain.com,dc=fr
cas.authn.ldap[0].userFilter=supannAliasLogin={user}
cas.authn.ldap[0].principalAttributeList=uid

My gauth.json:
{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : "^(https|imaps)://.*",
  "id" : 100,
  "multifactorPolicy" : {
    "@class" : "org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy",
    "multifactorAuthenticationProviders" : [ "java.util.LinkedHashSet", [ "mfa-gauth" ] ]
  }
}

My login-webflow.xml :
<?xml version="1.0" encoding="UTF-8"?>

    .....
        
    <action-state id="initializeLoginForm">
        <evaluate expression="initializeLoginAction" />
        <transition on="success" to="startSpnegoAuthenticate"/>
    </action-state>
    ......
</flow>

My build.gradle :
.....
dependencies {
    compile "org.apereo.cas:cas-server-webapp:${project.'cas.version'}@war"
    compile "org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
    compile "org.apereo.cas:cas-server-support-pac4j-webflow:${project.'cas.version'}"
    compile "org.apereo.cas:cas-server-support-spnego-webflow:${project.'cas.version'}"
    compile "org.apereo.cas:cas-server-support-gauth:${project.'cas.version'}"
}
....

If you have any idea about this issue, let me know.

Francis :)

Francis

Apr 7, 2017, 10:28:41 AM
to CAS Community
From the documentation, the "name" was missing.

I created a pull request on the documentation and I created GitHub issue #2517.

My new gauth.json:
{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : "^(https|imaps)://.*",
  "name": "oupsi",
  "id" : 100,
  "multifactorPolicy" : {
    "@class" : "org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy",
    "multifactorAuthenticationProviders" : [ "java.util.LinkedHashSet", [ "mfa-gauth" ] ]
  }
}

And it is working now.
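
Added example (not part of the original posts and not CAS project code): a pre-deployment check for JSON service definitions that catches the missing "name" described in this thread before the file reaches resources/services. The required-field list, the function name check_service and the shape check on the provider list are assumptions drawn from the two gauth.json files above.

```python
import json
import re
# Assumption: mandatory fields are those in the thread's working gauth.json;
# "name" is the one whose absence the thread ties to the HTTP 500 on login.
REQUIRED_FIELDS = ("@class", "serviceId", "name", "id")

def check_service(text):
    """Return a list of problems found in one CAS JSON service definition."""
    try:
        svc = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg} (line {exc.lineno})"]
    if not isinstance(svc, dict):
        return ["top-level value must be a JSON object"]
    problems = [f"missing required field '{f}'" for f in REQUIRED_FIELDS
                if svc.get(f) in ("", None)]
    if "id" in svc and (isinstance(svc["id"], bool) or not isinstance(svc["id"], int)):
        problems.append("'id' must be an integer")
    if isinstance(svc.get("serviceId"), str):
        try:
            re.compile(svc["serviceId"])  # Python's regex engine, approximating Java's
        except re.error as exc:
            problems.append(f"'serviceId' is not a valid regex: {exc}")
    policy = svc.get("multifactorPolicy")
    if policy is not None:
        providers = policy.get("multifactorAuthenticationProviders") if isinstance(policy, dict) else None
        # The thread's files wrap provider ids as [ "<collection class>", [ ids ] ].
        if not (isinstance(providers, list) and len(providers) == 2
                and isinstance(providers[0], str)
                and isinstance(providers[1], list) and providers[1]):
            problems.append("'multifactorAuthenticationProviders' must be "
                            "[ \"<collection class>\", [ provider ids ] ]")
    return problems

# Sample input rebuilt from the two gauth.json files posted in the thread.
_base = {
    "@class": "org.apereo.cas.services.RegexRegisteredService",
    "serviceId": "^(https|imaps)://.*",
    "id": 100,
    "multifactorPolicy": {
        "@class": "org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy",
        "multifactorAuthenticationProviders": ["java.util.LinkedHashSet", ["mfa-gauth"]],
    },
}
BROKEN = json.dumps(_base)                      # first post: no "name"
FIXED = json.dumps({**_base, "name": "oupsi"})  # second post: "name" added

if __name__ == "__main__":
    for label, text in (("first gauth.json", BROKEN), ("second gauth.json", FIXED)):
        print(label, "->", check_service(text) or "OK")
```

Running a check like this in the overlay build means a malformed service file fails the build instead of breaking cas/login for every user.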