Trusted Device/Browser failing in db storage -Data too long

[Tim Tyler]

CAS experts,

 

  We are running CAS 5.2.  We MFA working fine with Google Authenticator which is stored in an MFA database.  We are now trying to add in the Trusted device configuration.  So we created a new database, mfatrusted.   I assume we should not use the same database that we created for google auth.  We know the database schema is getting created and it does create the following:

 

MariaDB [mfatrust]> show tables;

+--------------------------------------+

| Tables_in_mfatrust                   |

+--------------------------------------+

| MultifactorAuthenticationTrustRecord |

+--------------------------------------+

1 row in set (0.00 sec)

 

MariaDB [mfatrust]> select * from MultifactorAuthenticationTrustRecord;

Empty set (0.00 sec)

 

 

However, we now get a 500 error when trying to authenticate with mfa.   

 

registerTrustedDevice' of flow 'mfa-gauth' -- action execution attributes were 'map[[empty]]'

 

…….

 

Caused by: java.sql.SQLException: Data too long for column 'recordKey' at row 1

Query is: insert into MultifactorAuthenticationTrustRecord (geography, name, principal, recordDate, recordKey) values (?, ?, ?, ?, ?), parameters ['144.89.41.210@Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko','Timdesktop','tyler','2018-03-13','eyJhbGciOiJIUzUxMiJ9.WlhsS05tRllRV2xQYVVwRlVsVlphVXhEU21oaVIyTnBUMmxLYTJGWVNXbE1RMHBzWW0xTmFVOXBTa0pOVkVrMFVUQktSRXhWYUZSTmFsVXlTVzR3TGk1c2RYSlROa0ZOYTJGemFFSkdZMDltYms5TlYzaEJMbVpIWjFNdFJHNUdTWEY2VW1kUWRHbDBSVUUyTnkwNVMwWnlXVmhsUVU0eE1EQkRPRVY1Y21Wa2FsTllaV1JRTTBOMGRtVnNRbFJIVVVab1dXcDZZM1k1WWpOUU1saGtVR1owZUc4NVZtRndSWFZhTkVJeVdtSTVjamt5TVRRNGNreE9VMDR3VGw5eGNVNXFNWGQzWm1GQ1ZXSlBlVXh4Y0hBM1JrSnFiR015TGs1T1dIRmpUbHBZTWxGaWQydDVXVkJUWkVob1NYYz0.DnGt3qqCV8ATGH1HhUFeR4UGCTqUJP5Gj3G2jbcZM7HgacEPuh6HYjY6AowW60dWf3mP_KDzw7CkQEQN_VvT0w']

 

 

Our config in cas.properties has the following for this:

 

# Trusted Device/Browser

cas.authn.mfa.trusted.authenticationContextAttribute=isFromTrustedMultifactorAuthentication

cas.authn.mfa.trusted.deviceRegistrationEnabled=true

cas.authn.mfa.trusted.expiration=30

cas.authn.mfa.trusted.timeUnit=DAYS

 

# cas.authn.mfa.trusted.crypto.encryption.key=

# cas.authn.mfa.trusted.crypto.signing.key=

# cas.authn.mfa.trusted.crypto.enabled=true

 

# CAS MFA Trusted Device

cas.authn.mfa.trusted.jpa.healthQuery=SELECT 1

 

cas.authn.mfa.trusted.jpa.url=jdbc:mariadb://cas.beloit.edu:3306/mfatrust

cas.authn.mfa.trusted.jpa.dialect=org.hibernate.dialect.MariaDBDialect

cas.authn.mfa.trusted.jpa.user=root

cas.authn.mfa.trusted.jpa.password=xxxxxxxx

cas.authn.mfa.trusted.jpa.driverClass=org.mariadb.jdbc.Driver

cas.authn.mfa.trusted.jpa.autocommit=true

##cas.authn.mfa.trusted.jpa.ddlAuto=create

cas.authn.mfa.trusted.jpa.ddlAuto=validate

 

 

 

Any idea what I might be missing?  What should be set for cas.authn.mfa.trusted.jpa.healthQuery=

 

 

Tim Tyler

Network Engineer

Beloit College