Hello,
[version 6.6.13]
I'm working on the implementation of the MFA with the Google Auth. provider
and Trusted Devices.
I have a question concerning the configuration of Trusted Devices.
First time the user comes to a 'Register Device' screen (after MFA Google
Auth screen), with 2 fields:
1/ Name of the current device
----> I want to hide this one on the template. What is the template name
please ?
2/ Duration for registered device
----> I want to hide this one too, by forcing an expiry time for everyone
(30 days)
I've seen some of previous 6.6 configurations using :
cas.authn.mfa.trusted.expiration=30
cas.authn.mfa.trusted.timeUnit=DAY
But these 2 parameters are no longer available in 6.6.13.
I thought that this part was now delegated on the provider side, but I
can't find anything on the Google Auth configuration.
For now, If I take a look at storage, default expiration is 1 year.
So How to set this parameter for now ?
[
{
"id": 1699003407119,
"principal": "testuser",
"deviceFingerprint": "OO5ovcvIZWMPRebiQZGGp6nK2lT1GzElrgtUN87acB8ADGOy",
"recordDate": "2023-11-03T10:23:27+01:00",
"recordKey":
"eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6IjBjNjQyMzg3LTM3M2EtNDZkZi1iOGM3LTEyNGNlZmJiMDhlNyJ9.ZXlKNmFYQWlPaUpFUlVZaUxDSmhiR2NpT2lKa2FYSWlMQ0psYm1NaU9pSkJNVEk0UTBKRExVaFRNalUySWl3aVkzUjVJam9pU2xkVUlpd2lkSGx3SWpvaVNsZFVJdIUWhmMmt1dWFlQTQ0TFNjTmhnRDFHb1ZSVW5WejVwSWt0QWsuN3JkWkswX0lTcENaMVQ3a1BFOF9LQQ.hW-Q2nsqjhr0Dnx3LIBJilZgBRoyPAKA8RLN5x2Vtzl44lmizs4-EV-ftwU8jIx7Z7whpTgp6DASz49pc6NO8g",
"name": "charming_wilson",
"expirationDate": "2123-11-03T09:23:27.000+00:00"
}
]
Thanks for your help!
Christophe.
Current MFA trusted devices configuration :
##========================================
## MFA / Trusted Devices :
##========================================
cas.authn.mfa.trusted.mongo.clientUri=mongodb://user:x@localhost:27017/cas-mongo-database
cas.authn.mfa.trusted.mongo.collection=TrustedRepository
cas.authn.mfa.trusted.mongo.drop-collection=false
cas.authn.mfa.trusted.core.authentication-context-attribute=isFromTrustedMultifactorAuthentication
cas.authn.mfa.trusted.core.device-registration-enabled=true
as.authn.mfa.trusted.core.auto-assign-device-name=true
cas.authn.mfa.trusted.crypto.enabled=true
as.authn.mfa.trusted.crypto.encryption.key=xxxxxxxxxxxxxxxxxxx
cas.authn.mfa.trusted.crypto.signing.key=xxxxxxxxxxxxxxxxxxx
cas.authn.mfa.trusted.deviceFingerprint.cookie.crypto.encryption.key=xxxxxxxxxxxxxxxxxxx
cas.authn.mfa.trusted.deviceFingerprint.cookie.crypto.signing.key=xxxxxxxxxxxxxxxxxxx
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/412c6045-b309-4398-bca5-08bf27ad0723n%40apereo.org.
