Is MFA bypass supposed to work with CAS 5.0.4 ?
45 views
Skip to first unread message
Philippe MARASSE
Apr 4, 2017, 11:31:23 AM4/4/17
to CAS Community
Hello,
As I read there :
https://apereo.github.io/cas/5.0.x/installation/Configuring-Multifactor-Authentication.html#bypass-rules
that MFA can be bypassed if the method of primary authentication is
SPNEGO. My configuration works with CAS 5.1.0-RC3 but MFA is not
bypassed with 5.0.4.
cas.properties :
...
cas.authn.mfa.yubikey.clientId=1
cas.authn.mfa.yubikey.secretKey=<key>
cas.authn.mfa.yubikey.rank=0
cas.authn.mfa.yubikey.apiUrls[0]=http://php-dev.example.com/wsapi/2.0/verify
cas.authn.mfa.yubikey.bypass.authenticationHandlerName=JcifsSpnegoAuthenticationHandler
...
How is it supposed to work ?
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
As I read there :
https://apereo.github.io/cas/5.0.x/installation/Configuring-Multifactor-Authentication.html#bypass-rules
that MFA can be bypassed if the method of primary authentication is
SPNEGO. My configuration works with CAS 5.1.0-RC3 but MFA is not
bypassed with 5.0.4.
cas.properties :
...
cas.authn.mfa.yubikey.clientId=1
cas.authn.mfa.yubikey.secretKey=<key>
cas.authn.mfa.yubikey.rank=0
cas.authn.mfa.yubikey.apiUrls[0]=http://php-dev.example.com/wsapi/2.0/verify
cas.authn.mfa.yubikey.bypass.authenticationHandlerName=JcifsSpnegoAuthenticationHandler
...
How is it supposed to work ?
Regards.
--
Philippe MARASSE
Responsable pôle Infrastructures - DSIO
Centre Hospitalier Henri Laborit
CS 10587 - 370 avenue Jacques Cœur
86021 Poitiers Cedex
Tel : 05.49.44.57.19
Reply all
Reply to author
Forward
0 new messages