Many thanks Nick. Yes I am planning to use RADIUS with PAP. We use HID 4TRESS Server for OTP.
Yes I have seen you post. Great work. Very useful. I would revisit it. Cheers Jay On Mon, Oct 27, 2014 at 7:40 PM, Nick Owen <[email protected]> wrote: > Also, you can use radius. I tested CAS with two-factor authentication > and documented it: > > https://www.wikidsystems.com/support/wikid-support-center/how-to/configuring-cas-on-ubuntu-for-two-factor-authentication-with-wikid > . > Most 2FA solutions support radius. Note that with a real radius > server in the middle, it can do the authorization in AD/LDAP too. > > On Mon, Oct 27, 2014 at 1:08 PM, Jay <[email protected]> wrote: > > Hi John > > > > That's very helpful to start. I would have a look. > > > > Cheers > > Jay > > > > On Mon, Oct 27, 2014 at 5:00 PM, John Gasper <[email protected]> wrote: > >> > >> Jay, > >> > >> You can modify the login-webflow.xml to do the OTP check after the > >> realSubmit state runs. You'll probably need to write some code to wrap > the > >> OTP service call in Spring webflow action code, but it should be do > able. > >> You'll need to modify the casLoginView.jsp to add the extra field, and > also > >> an a new binding in the viewLoginForm view-state binder section. You > might > >> need to extended the credential as well, or at least play with getting > the > >> value stored in the flow so you can use it later. > >> > >> Good luck. > >> > >> --- > >> John Gasper > >> IAM Consultant > >> Unicon, Inc. > >> PGP/GPG Key: 0xbafee3ef > >> > >> On 10/27/14 9:45 AM, Jayakumar Jayaraman wrote: > >> > >> Hi Guys > >> > >> I want to include the OTP field along with the username & password. > >> > >> And on clicking the Login button I want to do the below 2 actions in one > >> go. > >> - Validate the username+password against the LDAP > >> - Validate the username+OTP against OTP service > >> > >> Is this possible ? > >> > >> I have seen some samples where they do these 2 actions in 2 separate > >> pages. But I am trying to see if I can combine for better user > experience. > >> > >> Please clarify. > >> > >> Thanks > >> Jay > >> > >> > >> > >> > >> > >> -- > >> You are currently subscribed to [email protected] as: > >> [email protected] > >> To unsubscribe, change settings or access archives, see > >> http://www.ja-sig.org/wiki/display/JSG/cas-user > >> > >> > >> -- > >> You are currently subscribed to [email protected] as: > >> [email protected] > >> To unsubscribe, change settings or access archives, see > >> http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > > > -- > > You are currently subscribed to [email protected] as: > > [email protected] > > To unsubscribe, change settings or access archives, see > > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > -- > -- > Nick Owen > WiKID Systems, Inc. > http://www.wikidsystems.com > Commercial/Open Source Two-Factor Authentication > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
