No. That would be a feature request followed by an issue on Github :)
--Misagh
From: cas-user@apereo.org [mailto:cas-user@apereo.org] On Behalf Of K S
Sent: Thursday, November 17, 2016 10:35 AM
To: CAS Community <cas-user@apereo.org>
Subject: [cas-user] Re: cas5 MFA for SAML2 SP
I was able to trigger it using the Opt-In Request Parameter but is there a
way to do it using entityID in SAML2 SP service registry JSON ?
On Thursday, November 17, 2016 at 11:17:59 AM UTC-6, K S wrote:
Can MFA can be triggered for a specific SAML2 SP inside the CAS service
registry. I am using following JSON but it's not triggering the DUO login .
I am able to login to SP though.
{
@class: org.apereo.cas.support.saml.services.SamlRegisteredService
serviceId:
https://localhost:8443/spring-security-saml2-sample/saml/metadata
name: SAMLService
id: 1023
description: SAML Client Metadata
evaluationOrder: 10
logoutType: BACK_CHANNEL
attributeReleasePolicy:
{
@class: org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy
principalAttributesRepository:
{
@class:
org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository
expiration: 2
timeUnit: HOURS
}
authorizedToReleaseCredentialPassword: false
authorizedToReleaseProxyGrantingTicket: false
}
multifactorPolicy:
{
@class:
org.apereo.cas.services.DefaultRegisteredServiceMultifactorPolicy
multifactorAuthenticationProviders:
[
java.util.HashSet
[
mfa-duo
]
]
failureMode: CLOSED
principalAttributeNameTrigger: eduPersonAffiliation
principalAttributeValueToMatch: alum
}
accessStrategy:
{
@class: org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy
enabled: true
ssoEnabled: true
requireAllAttributes: true
caseInsensitive: false
}
metadataLocation: /home/cas/spring-security-saml.xml
metadataMaxValidity: 0
signAssertions: false
signResponses: true
encryptAssertions: false
metadataCriteriaRoles: SPSSODescriptor
metadataCriteriaRemoveEmptyEntitiesDescriptors: true
metadataCriteriaRemoveRolelessEntityDescriptors: true
}
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines:
https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups
"CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to cas-user+unsubscr...@apereo.org
<mailto:cas-user+unsubscr...@apereo.org> .
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/708c1df4-56bb-4e38-81a4-aec7bc687170%40apereo.org
<https://groups.google.com/a/apereo.org/d/msgid/cas-user/708c1df4-56bb-4e38-81a4-aec7bc687170%40apereo.org?utm_medium=email_source=footer>
.
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/05a401d240fc%24fbc89ad0%24f359d070%24%40unicon.net.