Radius OTP - Access Challenge
69 views
Skip to first unread message
Colin Ryan
Mar 11, 2021, 2:01:07 PM3/11/21
to cas-...@apereo.org
Folks,
Needing to look into Radius and 2FA support. In my case it is a token
based authentication where the PIN is entered in the token and a code is
generated which is the OTP. So there is no second challenge needed.
However if the provided OTP is stale or out of sync then the Radius
server will return an Access-Challenge and want's a second OTP to be
provided to it.
I looked into the mfa-radius stuff, but it seems to, akin to the Google
Authenticator, always want a challenge. Which isn't what I need.
Any thoughts on making the prompting of a second input be conditional on
the Access-Challenge response from the Radius server.
Thanks
Colin Ryan
Needing to look into Radius and 2FA support. In my case it is a token
based authentication where the PIN is entered in the token and a code is
generated which is the OTP. So there is no second challenge needed.
However if the provided OTP is stale or out of sync then the Radius
server will return an Access-Challenge and want's a second OTP to be
provided to it.
I looked into the mfa-radius stuff, but it seems to, akin to the Google
Authenticator, always want a challenge. Which isn't what I need.
Any thoughts on making the prompting of a second input be conditional on
the Access-Challenge response from the Radius server.
Thanks
Colin Ryan
Reply all
Reply to author
Forward
0 new messages