Hi, Out of curiosity, I’m wondering where CAS development currently stands with regards to: Support for Multi-Factor Authentication, https://github.com/Jasig/cas/issues/572
We are approaching a point where we will have to implement multi factor authentication for some services, but not for all users nor all services, so we need some flexible solution where services can be informed the security level of the authentication. In particular, currently we are running a Shibboleth IdP which delegates to CAS for authentication. We primarily use CAS protocol for in house development due to simplicity. Depending on CAS road map we may want to consider reversing that setup to run Shibboleth as the authenticating party in order to make multi-factor a feasible alternative at least for systems using SAML 2.0 and use a CAS server delegating authentication to Shibboleth for compatibility purposes. Best regards, /Fredrik -- Fredrik Jönsson, M.Sc. Email: f...@kth.se System architect Phone: +46 8 790 66 03 Kungliga tekniska högskolan (KTH) Mobile: +46 73 595 66 03 KTH/UF/ITA -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev