Hello everyone,
After spending a week or two in documentation, thoroughly reading and learning about setting up CAS, i finally have the confidence and courage to register and write here.
I'd like to have some recommendations about setting up and removing gauth registration for a user, upon request.
1. I was thinking about gauth registration, i could do this by writing a small app, with service registry setting on cas to force mfa-gauth which first makes the user login with username and password, and then gauth registration details (qr and scratch codes)
page appear, and user just registers there. For next logins on the other services, if user has a record of gauth (i.e looking up in the google_authenticator_registration_record table with username - on a JPA provided gauth-mfa) i'll provide some triggerring
attributes on the principal. Is this thinking ok?
2. I haven't figured out a way for users with gauth to unregister/disable/delete the gauth functionality, any recommendations for this? Another mini-app that deletes the reg-record of username and scratch codes?
Thank you and best regards.
YG