PPLICATION FAILED TO START
***
Description:
Method requestedContextValidator in
org.apereo.cas.config.CasCoreMultifactorAuthenticationConfiguration
required a bean of type
'org.apereo.cas.authentication.MultifactorAuthenticationTriggerSelectionStrategy'
that could
thanks a lot for reply.
We have customized CAS flow and added additional flows. So, upgrading means
to move all this over, we are actually upgrading to CAS5 already.
CAS5 does support encryption. I do not see we need to move to CAS6 to
satisfy security requirements.
CAS4 does not support
Yan,
That sounds right. It has been a while since I used those versions of cas.
I know that with cas 6 there are properties for ticket encryption, and they
have to be set.
What is preventing you from upgrading?
Is cas 5 still supported? What about the java versions and host OS, are they
Hi Ray,
Thanks for the info., We use both CAS4/CAS5 in production.
Due to our security policy, we need to encrypt anything having user info.
(even in the backend), this means we need to encrypt TGT in the ticket
storage. Otherwise, someone on our network can intercept the traffic
between
I am adding the following from the cas.log file , maybe someone can help me
understand what is missing in the default attribute release policy and why
is Person Directory not triggered:
2020-11-18 16:59:43,750 DEBUG
[org.apereo.cas.config.CasPersonDirectoryConfiguration] -
2020-11-18
Hi,
A web application triggers a mfa-duo authentication with http request
parameter authn_method=mfa-duo. Is it possible to bypass this
application from using mfa-duo ?
We didn't set cas.authn.mfa.request-parameter so default value is on (
authn_method ). Tried to add these lines in service