Peishu, There's nothing stopping you from implementing multifactor authentication. The login flow is extensible and in particular can be extended to involve multiple authentication steps with multiple factors.
At least one adopter cleverly implements multiple informal levels of assurance by chained CAS servers, with the higher assurance CAS server requiring login first via the lower assurance server (thereby achieving multiple factors and selection of level of assurance in relying applications simply by configuration of what CAS server URL to use). https://wiki.jasig.org/display/CASUM/Second-Level+CAS+Server All that said, no, CAS doesn't particularly support multi-factor authentication, in any version. Would be a fine set of features to work on. It's loosely on the roadmap and vision, without specific plans in place and resources identified for implementing it. Andrew -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
