No idea, really ? It's mentioned in section MFA of https://apereo.github.io/cas/4.2.x/planning/Security-Guide.html
but not anymore on v5 https://apereo.github.io/cas/development/planning/Security-Guide.html ?? Regards. Le 29/09/2016 à 14:43, Philippe MARASSE a écrit : > Hello, > > I'm wondering if CAS is able to do service-based LOA, eg, internal users > use SPNEGO and external users use Login/Password, and if requested by > service : MFA with Yubikey or other not yet implemented mean (OTP via > SMS, OTP via FreeOTP, etc.). Ideally, I would set a level by service : > - access to Webmail with required level of 15 points > - access to Personal informations with required level of 20 points > > And successful authentication would be granted by handler : > - SPNEGO : 25 points > - Login/Password : 15 points > - MFA yubikey : 10 points > - ... > > So internal users would always gain access with SPNEGO, and external > users will be requested login/password only for Webmail, and > login/password + MFA for Personal Informations. > > Is it already possible with CASv5 ? > > I think it will need some development though, in this case, I'll need > directions :-) > > Regards. > -- Philippe MARASSE Responsable pôle Infrastructures - DSIO Centre Hospitalier Henri Laborit CS 10587 - 370 avenue Jacques Cœur 86021 Poitiers Cedex Tel : 05.49.44.57.19 -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/0a2a19d6-5d9d-a453-c953-156eb585da03%40ch-poitiers.fr. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
smime.p7s
Description: Signature cryptographique S/MIME
