Hi, Where can I find a guided steps of using the `RequiredHandlerAuthenticationPolicy`, where as I read in the documentation that:
> > This policy could be used to support a multi-factor authentication > situation, for example, where username/password authentication is required > but an additional OTP is optional. > > > Or at least what are the CAS components I should use, work on or modify? Regards, On Wed, May 25, 2016 at 11:17 AM, Nouman Fallouh <[email protected]> wrote: > Thanks Jonathan, > > I've already worked around it by extending the UsernamePasswordCredential > and a related database authentication handler. > Honestly, I'm looking for a solution using the CAS abilities without > external modules and with minimum core modifications. > > Regards, > > On Mon, May 23, 2016 at 8:46 PM, Jonathan Bell <[email protected]> wrote: > >> Hi Nouman, >> >> We here at URQUi have adapted our OTP software for CAS. Information and >> software can be found here: <https://github.com/urqui/cas> >> https://github.com/urqui/cas >> >> Feel free to contact me if you have any questions about CAS/OTP and URQUi. >> >> cheers >> Jonathan. >> >> web: http://urqui.com/ >> >> ---------- Forwarded message ---------- >> From: Nouman Fallouh <[email protected]> >> Date: Mon, May 23, 2016 at 4:01 AM >> Subject: [cas-user] OTP MFA >> To: [email protected] >> >> >> Hi >> I'm reading in here: >> http://apereo.github.io/cas/4.2.x/installation/Configuring-Multifactor-Authentication.html >> the following lines: >> >>> >>> The kinds of required credentials are specified by naming the >>> authentication handlers that accept them, for example, ldapHandler and >>> >>> oneTimePasswordHandler. Thus a service could be registered that imposes >>> security constraints like the following: >> >> *Only permit users with SSO sessions created from both a >>> username/password and OTP token to access this service.* >>> >> >> H >> ow can I find such >> >> oneTimePasswordHandler >> handler? or it's a one I should invent? >> >> Is there any guided steps of how I can apply such scenario? >> >> Regards, >> -- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to <[email protected]> >> [email protected]. >> Visit this group at >> https://groups.google.com/a/apereo.org/group/cas-user/. >> To view this discussion on the web visit >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAOEgFxb4w5T7oj%2Bism8GbDKET-omLRykDh3asjewdaWE3iGw8A%40mail.gmail.com?utm_medium=email&utm_source=footer> >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAOEgFxb4w5T7oj%2Bism8GbDKET-omLRykDh3asjewdaWE3iGw8A%40mail.gmail.com >> . >> For more options, visit https://groups.google.com/a/apereo.org/d/optout. >> >> >> > -- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAOEgFxYS99Rc5s9BcvL_C48257zhcGWwHXKzF%3DDkX4%2BYB%3DWUzA%40mail.gmail.com. For more options, visit https://groups.google.com/a/apereo.org/d/optout.
