> What are members of this community currently using, looking into, or > developing for MFA via Duo?
We quickly prototyped two MFA solutions on top of 3.5.2, one for Google Authenticator and another for YubiKey. Almost all the customization was at the WebFlow layer. Assuming you approach a solution similarly, I would expect any code for 3.5.x to port to 4.x with minor changes. I would also argue that the enrollment and backup processes (no token/device) are so specific to each institution that it's hard to develop a general framework. That's to say I would think rolling your own is necessary, and our experiments show it's fairly easy for a development team familiar with Java/Spring. Best, M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
