Greetings Dmitriy
Many thanks for the hint.
This worked for me
import org.slf4j.Logger;
...
static final org.slf4j.Logger log =
org.slf4j.LoggerFactory.getLogger(DefaultRegisteredServiceMultifactorPolicy);
...
log.debug("MFA
GroovyMultifactorPolicy.getMultifactorAuthenticationProviders USER
ID=[{}]",thisUser);
and in cas log4j.xml config
<AsyncLogger
name="org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy"
level="debug">
<AppenderRef ref="casFile"/>
</AsyncLogger>
Thanks again.
On Thursday, September 26, 2019 at 9:57:48 AM UTC-4, randomuser878 wrote:
>
> Hello
>
> Attempting to write Groovy MFA that could filter MFA returned value
> based on some selection. At this point stuck on how to get the logger
> output in order to debug and get the solution in play.
>
> Tried: LOGGER.debug("MFA USER Section");
>
> Error message " WARN
> [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver]
>
> - <No such property: LOGGER for class: GroovyMultifactorPolicy
> Possible solutions: logger>
> groovy.lang.MissingPropertyException: No such property: LOGGER for class:
> GroovyMultifactorPolicy
> Possible solutions: logger
>
> Tried: logger.debug("MFA USER Section");
> WARN
> [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver]
>
> - <Cannot invoke method debug() on null object>
> java.lang.NullPointerException: Cannot invoke method debug() on null object
>
> Tried: logger.debug "MFA USER Section"
> WARN
> [org.apereo.cas.web.flow.resolver.impl.InitialAuthenticationAttemptWebflowEventResolver]
>
> - <Cannot invoke method debug() on null object>
> java.lang.NullPointerException: Cannot invoke method debug() on null object
>
> I must be missing something fundamental here.
> Multi group selection works just need to debug/log anything
> under getMultifactorAuthenticationProviders and do some more
> customization/troubleshooting
>
> Sample so far (there are more import than probably needed but not sure
> which helps)
> --------------------------- groovy file
> ----------------------------------------
> import java.util.*
> import org.apereo.inspektr.common.web.*;
> import org.apereo.cas.services.*;
> import org.apereo.cas.authentication.principal.*;
> import org.springframework.webflow.execution.RequestContext;
> import org.apereo.cas.web.support.WebUtils;
> // Thought it provided LOGGER object
> import org.slf4j.Logger;
> import lombok.AllArgsConstructor;
> import lombok.Getter;
> import lombok.extern.slf4j.Slf4j;
> import org.apereo.cas.authentication.AuthenticationHandlerResolver;
> import org.apereo.cas.authentication.Authentication;
> import org.apereo.cas.authentication.Credential;
> import org.apereo.cas.authentication.MultifactorAuthenticationCredential;
>
>
> class GroovyMultifactorPolicy extends
> DefaultRegisteredServiceMultifactorPolicy {
>
> String mfaGroupPattern = "cn=something";
>
> @Override
> Set<String> getMultifactorAuthenticationProviders() {
> final Authentication authentication =
> WebUtils.getInProgressAuthentication();
> final String A = authentication.getPrincipal().getId();
> // STUCK POINT
> logger.debug "MFA USER Section"
>
> /* ******* IF someone has a sample code that works and fits this
> idea also it is greatly appreciated,
> def memberOf = authentication.principal.attributes['memberOf'];
> // logger.info "DOING MFA group";
> for (String group : memberOf) {
> if (group.contains(mfaGroupPattern)) {
> // logger.info "In MFA group";
> return "mfa-yubikey";
> }
> // and other checks
> }
> ********** */
> // default if above fails
> ["mfa-gauth"];
> }
> @Override
> RegisteredServiceMultifactorPolicy.FailureModes getFailureMode() {
> // RegisteredServiceMultifactorPolicy.FailureModes.OPEN
> RegisteredServiceMultifactorPolicy.FailureModes.PHANTOM;
> }
>
> @Override
> String getPrincipalAttributeNameTrigger() {
> "groupMembership";
> // "Test"
> }
>
> @Override
> String getPrincipalAttributeValueToMatch() {
> // "(groupA|groupB)";
> "(cn=groupA,ou=....,o=..|cn=groupB,ou=...,o=...)";
> // "TestMatch"
> }
>
> @Override
> boolean isBypassEnabled() {
> // true
> false;
> }
> }
>
>
> Many thanks for your time in looking at this.
>
>
>
>
>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/2ce115a0-3314-460a-bb2a-4b32d14d7c34%40apereo.org.
