Username case in RedisMultifactorAuthenticationTrustStorage
82 views
Skip to first unread message
Jose Luis Martínez del Amor
Jul 20, 2024, 3:36:28 AM7/20/24
to CAS Developer
Hi,
Users complain that CAS asks for Google codes more times than necessary when the device is trusted. I think the problem is in the format of the username, while Google Authenticator Token Credential always generates the key with lowercase username:
RedisGoogleAuthenticatorTokenCredentialRepository:username:1716325316852
The trusted device repository stores the username in case entered by the user:
RedisMultifactorAuthenticationTrustStorage:UserName:1719664679226
Then, when users changes the capital letters in username, CAS requests another code from Google Authenticator.
Regards,
Jose Luis
Users complain that CAS asks for Google codes more times than necessary when the device is trusted. I think the problem is in the format of the username, while Google Authenticator Token Credential always generates the key with lowercase username:
RedisGoogleAuthenticatorTokenCredentialRepository:username:1716325316852
The trusted device repository stores the username in case entered by the user:
RedisMultifactorAuthenticationTrustStorage:UserName:1719664679226
Then, when users changes the capital letters in username, CAS requests another code from Google Authenticator.
Regards,
Jose Luis
Ray Bon
Jul 22, 2024, 10:50:35 PM7/22/24
to CAS Developer
Jose Luis,
You can make the username all one case. See
https://apereo.github.io/cas/7.0.x/installation/Configuring-Principal-Resolution.html under the Principal Transform tab.
Ray
From: cas...@apereo.org <cas...@apereo.org> on behalf of Jose Luis Martínez del Amor <joseluis.mar...@gmail.com>
Sent: 18 July 2024 00:38
To: CAS Developer <cas...@apereo.org>
Subject: [cas-dev] Username case in RedisMultifactorAuthenticationTrustStorage
Sent: 18 July 2024 00:38
To: CAS Developer <cas...@apereo.org>
Subject: [cas-dev] Username case in RedisMultifactorAuthenticationTrustStorage
|
You don't often get email from joseluis.mar...@gmail.com.
Learn why this is important
|
--
You received this message because you are subscribed to the Google Groups "CAS Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-dev+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/f4e64729-1fc1-41aa-955c-a321a707a6ddn%40apereo.org.
You received this message because you are subscribed to the Google Groups "CAS Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-dev+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/f4e64729-1fc1-41aa-955c-a321a707a6ddn%40apereo.org.
Reply all
Reply to author
Forward
0 new messages