CAS experts,
We are running CAS 5.2. We MFA working fine with Google Authenticator which is stored in an MFA database. We are now trying to add in the Trusted device configuration. So we created a new database, mfatrusted. I assume we should not use the same database that we created for google auth. We know the database schema is getting created and it does create the following: MariaDB [mfatrust]> show tables; +--------------------------------------+ | Tables_in_mfatrust | +--------------------------------------+ | MultifactorAuthenticationTrustRecord | +--------------------------------------+ 1 row in set (0.00 sec) MariaDB [mfatrust]> select * from MultifactorAuthenticationTrustRecord; Empty set (0.00 sec) However, we now get a 500 error when trying to authenticate with mfa. registerTrustedDevice' of flow 'mfa-gauth' -- action execution attributes were 'map[[empty]]' ……. Caused by: java.sql.SQLException: Data too long for column 'recordKey' at row 1 Query is: insert into MultifactorAuthenticationTrustRecord (geography, name, principal, recordDate, recordKey) values (?, ?, ?, ?, ?), parameters ['144.89.41.210@Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko','Timdesktop','tyler','2018-03-13','eyJhbGciOiJIUzUxMiJ9.WlhsS05tRllRV2xQYVVwRlVsVlphVXhEU21oaVIyTnBUMmxLYTJGWVNXbE1RMHBzWW0xTmFVOXBTa0pOVkVrMFVUQktSRXhWYUZSTmFsVXlTVzR3TGk1c2RYSlROa0ZOYTJGemFFSkdZMDltYms5TlYzaEJMbVpIWjFNdFJHNUdTWEY2VW1kUWRHbDBSVUUyTnkwNVMwWnlXVmhsUVU0eE1EQkRPRVY1Y21Wa2FsTllaV1JRTTBOMGRtVnNRbFJIVVVab1dXcDZZM1k1WWpOUU1saGtVR1owZUc4NVZtRndSWFZhTkVJeVdtSTVjamt5TVRRNGNreE9VMDR3VGw5eGNVNXFNWGQzWm1GQ1ZXSlBlVXh4Y0hBM1JrSnFiR015TGs1T1dIRmpUbHBZTWxGaWQydDVXVkJUWkVob1NYYz0.DnGt3qqCV8ATGH1HhUFeR4UGCTqUJP5Gj3G2jbcZM7HgacEPuh6HYjY6AowW60dWf3mP_KDzw7CkQEQN_VvT0w'] Our config in cas.properties has the following for this: # Trusted Device/Browser cas.authn.mfa.trusted.authenticationContextAttribute=isFromTrustedMultifactorAuthentication cas.authn.mfa.trusted.deviceRegistrationEnabled=true cas.authn.mfa.trusted.expiration=30 cas.authn.mfa.trusted.timeUnit=DAYS # cas.authn.mfa.trusted.crypto.encryption.key= # cas.authn.mfa.trusted.crypto.signing.key= # cas.authn.mfa.trusted.crypto.enabled=true # CAS MFA Trusted Device cas.authn.mfa.trusted.jpa.healthQuery=SELECT 1 cas.authn.mfa.trusted.jpa.url=jdbc:mariadb://cas.beloit.edu:3306/mfatrust cas.authn.mfa.trusted.jpa.dialect=org.hibernate.dialect.MariaDBDialect cas.authn.mfa.trusted.jpa.user=root cas.authn.mfa.trusted.jpa.password=xxxxxxxx cas.authn.mfa.trusted.jpa.driverClass=org.mariadb.jdbc.Driver cas.authn.mfa.trusted.jpa.autocommit=true ##cas.authn.mfa.trusted.jpa.ddlAuto=create cas.authn.mfa.trusted.jpa.ddlAuto=validate Any idea what I might be missing? What should be set for cas.authn.mfa.trusted.jpa.healthQuery= Tim Tyler Network Engineer Beloit College -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/f30ee0f2dd877c583dead7881b289c1a%40mail.gmail.com.
