CAS 5.3.10 with RSA SecurID(Radius MFA) Anyone??

69 views

Skip to first unread message

Keith Alston (Staff)

unread,

Oct 17, 2019, 12:10:48 PM10/17/19

to cas-...@apereo.org

Anyone using this? I'm unsure on how to config as I find no examples anywhere: Logs show this error:

DEBUG [org.apereo.cas.authentication.DefaultMultifactorA

uthenticationProviderBypass] - <Locating matching attribute [null] with value [n

ull] amongst the attribute collection [{cn=[keith22], givenName=[J], mail

=[kei...@xxxxxx.edu], SAMAccountName=[keith22], sn=[A]}]>

2019-10-16 10:25:41,867 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationProviderBypass] - <Failed to match since attribute name is undefined>

2019-10-16 10:25:41,868 DEBUG [org.apereo.cas.authentication.DefaultMultifactorAuthenticationProviderBypass] - <Locating matching attribute [null] with value [n

cas.properties:

cas.authn.mfa.radius.rank=0

cas.authn.mfa.radius.id=mfa-radius

cas.authn.mfa.radius.trustedDeviceEnabled=false

cas.authn.mfa.radius.allowedAuthenticationAttempts=-1

#cas.authn.mfa.radius.name="RRadiusMFA"

cas.authn.mfa.radius.name=

cas.authn.mfa.radius.failoverOnAuthenticationFailure=false

cas.authn.mfa.radius.failoverOnException=false

cas.authn.mfa.radius.client.socketTimeout=3

cas.authn.mfa.radius.client.sharedSecret=xxxxxxxxx

cas.authn.mfa.radius.client.authenticationPort=1812

cas.authn.mfa.radius.client.accountingPort=1813

cas.authn.mfa.radius.client.inetAddress=localhost

cas.authn.mfa.radius.server.retries=3

cas.authn.mfa.radius.server.protocol=PAP

cas.authn.mfa.radius.server.nasIpAddress=10.11.1.188

service file:

{

"@class" : "org.apereo.cas.services.RegexRegisteredService",

"serviceId" : "^https://casdev-casapp.rrxxx.edu/secured-by-cas-rsa(\\z|/.*)",

"name" : "Apache Secured By CAS and RSA MFA",

"id" : 10000007,

"description" : "CAS development Apache mod_auth_cas server with username/password protection and RSA MFA",

"attributeReleasePolicy" : {

"@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"

"multifactorPolicy" : {

"@class" : "org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy",

"multifactorAuthenticationProviders" : [ "java.util.LinkedHashSet", [ "mfa-radius" ] ]

"evaluationOrder" : 9

}

Any ideas would be greatly appreciated!!

Keith Alston

Regent University

IT Department

kei...@regent.edu

757.352.4081

Reply all

Reply to author

Forward

0 new messages