CAS 6.5.9: MFA Simple Timeout
97 views
Skip to first unread message
Patrik Osorio
Apr 8, 2024, 3:38:49 PM4/8/24
to CAS Community
Hi!
I use simple cas and set the property "cas.authn.mfa.simple.timeToKillInSeconds=180". The CASMFA code effectively remains valid for 180 seconds (they do not change during that time). However, if a user takes more than 30 seconds to enter said code they cannot log in.
"Credentials are rejected/invalid and authentication attempt has failed"
If I press the resend button, CAS sends the same code again and only then is it possible to successfully log in as long as the user does not take more than 30 seconds to enter the code.
Is it possible to set the timeout with different timeouts? What parameters do I need to customize?
######## Configuracion SIMPLE MFA ##############
cas.authn.mfa.triggers.global.global-provider-id=mfa-simple
cas.authn.mfa.simple.name=Email MFA
cas.authn.mfa.simple.order=1
cas.authn.mfa.simple.timeToKillInSeconds=120
cas.authn.mfa.simple.tokenLength=6
cas.authn.mfa.simple.mail.from=no-r...@uc.cl
cas.authn.mfa.simple.mail.text=c\u00f3digo para acceder al servicio de autenticaci\u00f3n central: %s
cas.authn.mfa.simple.mail.subject=C\u00f3digo de validaci\u00f3n MFA
cas.authn.mfa.simple.mail.validateAddresses=false
cas.authn.mfa.simple.mail.html=false
cas.authn.mfa.simple.mail.attributeName=eduPersonPrincipalName
######### Envio de correo #############
spring.mail.host=localhost
spring.mail.port=25
spring.mail.testConnection=true
spring.mail.properties.mail.smtp.auth=false
spring.mail.properties.mail.smtp.starttls.enable=false
I use simple cas and set the property "cas.authn.mfa.simple.timeToKillInSeconds=180". The CASMFA code effectively remains valid for 180 seconds (they do not change during that time). However, if a user takes more than 30 seconds to enter said code they cannot log in.
"Credentials are rejected/invalid and authentication attempt has failed"
If I press the resend button, CAS sends the same code again and only then is it possible to successfully log in as long as the user does not take more than 30 seconds to enter the code.
Is it possible to set the timeout with different timeouts? What parameters do I need to customize?
######## Configuracion SIMPLE MFA ##############
cas.authn.mfa.triggers.global.global-provider-id=mfa-simple
cas.authn.mfa.simple.name=Email MFA
cas.authn.mfa.simple.order=1
cas.authn.mfa.simple.timeToKillInSeconds=120
cas.authn.mfa.simple.tokenLength=6
cas.authn.mfa.simple.mail.from=no-r...@uc.cl
cas.authn.mfa.simple.mail.text=c\u00f3digo para acceder al servicio de autenticaci\u00f3n central: %s
cas.authn.mfa.simple.mail.subject=C\u00f3digo de validaci\u00f3n MFA
cas.authn.mfa.simple.mail.validateAddresses=false
cas.authn.mfa.simple.mail.html=false
cas.authn.mfa.simple.mail.attributeName=eduPersonPrincipalName
######### Envio de correo #############
spring.mail.host=localhost
spring.mail.port=25
spring.mail.testConnection=true
spring.mail.properties.mail.smtp.auth=false
spring.mail.properties.mail.smtp.starttls.enable=false
Reply all
Reply to author
Forward
0 new messages