webauthn device registration, endpoint security
53 views
Skip to first unread message
Michal Voců
Jan 12, 2023, 4:03:16 PM1/12/23
to cas-...@apereo.org
Hi all,
is there a way to expose "webAuthnDevices" actuator endpoint without
interfering with standard registration flow in CAS server?
We are using CAS server version 6.6.2. When I try to expose webauthn
actuator endpoints by setting
management.endpoint.webAuthnDevices.enabled=true
management.endpoints.web.exposure.include=webAuthnDevices
and securing them by using
cas.monitor.endpoints.endpoint.webAuthnDevices.access=AUTHENTICATED
with basic Spring Security, the standard device registration flow now
also requires basic authentication, which is not available to users.
I would not mind using the CAS API for adding webauthn device, as
mentioned in doc page, but I could not find description of such API.
Does it refer to using POST to /cas/actuator/webAuthnDevices/{username}?
If that is the case, what data should be sent to the endpoint?
Best regards,
Michal Vocu
is there a way to expose "webAuthnDevices" actuator endpoint without
interfering with standard registration flow in CAS server?
We are using CAS server version 6.6.2. When I try to expose webauthn
actuator endpoints by setting
management.endpoint.webAuthnDevices.enabled=true
management.endpoints.web.exposure.include=webAuthnDevices
and securing them by using
cas.monitor.endpoints.endpoint.webAuthnDevices.access=AUTHENTICATED
with basic Spring Security, the standard device registration flow now
also requires basic authentication, which is not available to users.
I would not mind using the CAS API for adding webauthn device, as
mentioned in doc page, but I could not find description of such API.
Does it refer to using POST to /cas/actuator/webAuthnDevices/{username}?
If that is the case, what data should be sent to the endpoint?
Best regards,
Michal Vocu
Luis Sarmiento Heredia
Jan 13, 2023, 9:22:35 PM1/13/23
to cas-...@apereo.org
good afternoon, I'm sorry for bothering you, but could you help me where I can find information to start with cas because I have reviewed the documentation and I have not been able to implement it with cas overlay.
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/876bd864-7375-8a2c-5976-df8f0cbf3e47%40cuni.cz.
Ray Bon
Jan 16, 2023, 12:10:12 PM1/16/23
to cas-...@apereo.org
Luis,
See, https://paulchauvet.github.io/deploying-cas/ and for version 5, https://dacurry-tns.github.io/deploying-apereo-cas/introduction_overview.html
Ray
On Fri, 2023-01-13 at 18:10 -0500, Luis Sarmiento Heredia wrote:
Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.
Reply all
Reply to author
Forward
0 new messages