There is no MFA in CAS in the way that you would want it to work. All functionality needs to be built out by you as you have done.
From: Nouman Fallouh [mailto:[email protected]] Sent: Thursday, March 26, 2015 1:15 AM To: [email protected] Subject: Re:[cas-user] applying OTP MFA Hello, Any responses about the issue I'd previously sent? While waiting any response to my email, I implemented a custom authentication that accepts custom Credential (username, password and optional otp), off course this required me to have my custom related bunch of classes. I'm okay with it, but still get the feeling that there's something messing and I'm not yet understand about deploying MFA in CAS. Regards, On Tue, Mar 17, 2015 at 12:05 PM, Nouman Fallouh <[email protected] <mailto:[email protected]> > wrote: Hello, I'm trying to deploy a CAS v4.x instance with MFA where I need the triplet (username, password and optional otp) as credentials. With previous version 3.5.x I could do this by creating my own needed classes, I can remember these at least: * UsernamePasswordOtpCredentials * UsernamePasswordOtpCredentialsToPrincipalResolver * AbstractUsernamePasswordOtpAuthenticationHandler * CustomSearchModeSearchDatabaseAuthenticationHandler Also I had to modify the web-flow and for sure the login-view. Now in the new version, I'm reading about new features: http://jasig.github.io/cas/4.0.x/installation/Configuring-Authentication-Components.html#authentication-manager Where policies might solve the problem, but looks like I still need to re-define or extend standard classes like I did before cause I don't have a credential of three attributes as I need. While searching, I found there is new invented credential `OneTimePasswordCredential` but it's also insufficient for my case. Finally, I really waited for this new version and exactly for this new feature, am I going wrong in my believes about it? or is there anything missing? Any help is appreciated. Best regards. -- You are currently subscribed to [email protected] <mailto:[email protected]> as: [email protected] <mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
