Fixed. It's now evaluated. Thank you Misagh Le vendredi 13 février 2026 à 16:25:20 UTC+1, Frédéric Dussurget a écrit :
> Context Cas 7.3.4/Redis 8 for tickets,services and mfa devices > > Hi, > I would like to try the trigger defined here : > https://apereo.github.io/cas/7.3.x/mfa/Configuring-Multifactor-Authentication-Triggers-Global-PrincipalAttribute-Predicate.html > . > I've set this : > cas.authn.mfa.triggers.principal.global-principal-attribute-predicate.location: > > file:/etc/cas/config/mfa_predicate.groovy > > But … this script is not evaluated when starting the webapp or in the > authentication flow ... > Nothing in the logs. > All other groovies are being evaluated in my context such as > cas.authn.mfa.groovy-script.location, > cas.authn.mfa.gauth.bypass.groovy.location, etc. without any problem. > Did I miss Something ? > > Some of the deps I used to compile : > > //MFA TOTP > implementation "org.apereo.cas:cas-server-support-gauth" > implementation "org.apereo.cas:cas-server-support-gauth-core" > implementation "org.apereo.cas:cas-server-support-gauth-core-mfa" > implementation "org.apereo.cas:cas-server-support-gauth-redis" > > // MFA FIDO2 WEBAUTHN > implementation "org.apereo.cas:cas-server-support-webauthn" > implementation "org.apereo.cas:cas-server-support-webauthn-redis" > > //MFA TRUSTED DEVICE > implementation "org.apereo.cas:cas-server-support-trusted-mfa" > implementation "org.apereo.cas:cas-server-support-trusted-mfa-redis" > > implementation "org.apereo.cas:cas-server-support-redis-authentication" > implementation "org.apereo.cas:cas-server-support-redis-core" > > // GROOVY SCRIPTING > implementation "org.apereo.cas:cas-server-core-scripting" > > > For info, the content of the groovy script > /etc/cas/config/mfa_predicate.groovy is below, but anyway, it does not seem > to be read > > import org.apereo.cas.authentication.* > import java.util.function.* > import org.apereo.cas.services.* > > class PredicateExample implements > Predicate<MultifactorAuthenticationProvider> { > > def service > def principal > def providers > def logger > > public PredicateExample(service, principal, providers, logger) { > this.service = service > this.principal = principal > this.providers = providers > this.logger = logger > } > > @Override > boolean test(final MultifactorAuthenticationProvider p) { > logger.info("Testing provider {}", p.getId()) > if (p.matches("mfa-gauth")) { > logger.info("Provider {} is available. Checking > eligibility...", p.getId()) > if (p.isAvailable(this.service)) { > logger.info("Provider {} matched. Good to go!", p.getId()) > return true; > } > logger.info("Skipping provider {}. Match failed.", p.getId()) > return false; > } > logger.info("Provider {} cannot be reached", p.getId()) > return false > } > } > > -- - Website: https://apereo.github.io/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/c15dfde9-6926-4a48-baa1-04151f6684edn%40apereo.org.
