MFA with Yubikey and WebAuthn

[Hartmut Trüe]

Hello,

I am trying to get CAS to work with Yubikey. I have configured FIDO2 WebAuthn and it seems to work so far, no error messages in cas.log during login process. 

But when I try to register the yubikey on the "register device" page, I get "csrfToken is not defined".

CAS is running behind an Apache reverse proxy, and login without mfa or with simple-mfa is working.

Any ideas?

Regards,

Hartmut

[Hartmut Trüe]

No one uses Yubikey? No idea?

Regards,

Hartmut

[John]

Sounds like you are not on lastest or at least 6.6.10. There was a bug in versions previous

[Hartmut Trüe]

John, at the Moment it is 6.6.13 ... and not working.

I don't know what else is missing.

Regards, Hartmut

[Hartmut Trüe]

Hello,

the Problem was based on customized templates that lacked updates to newer versions. After i applied the changes to the customized templates, it now works fine.

Regards,

Hartmut

[Frédéric Dussurget]

Hi,

I'm interessed in this issue : what did you set as js files in your custom_theme.properties ?

this line :

cas.standard.js.file=/js/cas.js,/js/material.js

I tried to add webauthn/webauthn.js but I had to remove it because I had a failure ...

regards,

[Hartmut Trüe]

Hi Frédéric,

we did it according to the instructions in the documentation:

    https://apereo.github.io/cas/development/ux/User-Interface-Customization-Themes.html

and let it point to our theme:

cas.standard.css.file=/themes/uhi/css/cas.css
cas.standard.js.file=/themes/uhi/js/cas.js
cas.logo.file=/themes/uhi/images/logo_klein.png

Regards,
Hartmut