Context: CAS 7.3.4 / Redis 8 for tickets, services and MFA devices
Hi,
I would like to try the trigger defined here:
https://apereo.github.io/cas/7.3.x/mfa/Configuring-Multifactor-Authentication-Triggers-Global-PrincipalAttribute-Predicate.html

I've set this:

    cas.authn.mfa.triggers.principal.global-principal-attribute-predicate.location: file:/etc/cas/config/mfa_predicate.groovy

But … this script is not evaluated when starting the webapp or in the
authentication flow ...
Nothing in the logs.
All other Groovy scripts are being evaluated in my context, such as
cas.authn.mfa.groovy-script.location,
cas.authn.mfa.gauth.bypass.groovy.location, etc., without any problem.
Did I miss something?
Some of the deps I used to compile:

    // MFA TOTP
    implementation "org.apereo.cas:cas-server-support-gauth"
    implementation "org.apereo.cas:cas-server-support-gauth-core"
    implementation "org.apereo.cas:cas-server-support-gauth-core-mfa"
    implementation "org.apereo.cas:cas-server-support-gauth-redis"
    // MFA FIDO2 WEBAUTHN
    implementation "org.apereo.cas:cas-server-support-webauthn"
    implementation "org.apereo.cas:cas-server-support-webauthn-redis"
    // MFA TRUSTED DEVICE
    implementation "org.apereo.cas:cas-server-support-trusted-mfa"
    implementation "org.apereo.cas:cas-server-support-trusted-mfa-redis"
    implementation "org.apereo.cas:cas-server-support-redis-authentication"
    implementation "org.apereo.cas:cas-server-support-redis-core"
    // GROOVY SCRIPTING
    implementation "org.apereo.cas:cas-server-core-scripting"

For info, the content of the Groovy script
/etc/cas/config/mfa_predicate.groovy is below, but anyway, it does not seem
to be read:

    import org.apereo.cas.authentication.*
    import java.util.function.*
    import org.apereo.cas.services.*

    class PredicateExample implements Predicate<MultifactorAuthenticationProvider> {
        def service
        def principal
        def providers
        def logger

        public PredicateExample(service, principal, providers, logger) {
            this.service = service
            this.principal = principal
            this.providers = providers
            this.logger = logger
        }

        @Override
        boolean test(final MultifactorAuthenticationProvider p) {
            logger.info("Testing provider {}", p.getId())
            if (p.matches("mfa-gauth")) {
                logger.info("Provider {} is available. Checking eligibility...", p.getId())
                if (p.isAvailable(this.service)) {
                    logger.info("Provider {} matched. Good to go!", p.getId())
                    return true;
                }
                logger.info("Skipping provider {}. Match failed.", p.getId())
                return false;
            }
            logger.info("Provider {} cannot be reached", p.getId())
            return false
        }
    }