Alright Misagh and Manfredo, I believe you're both putting me on the right
track with this. Unfortunately, I haven't used a groovy script before and
I'm having trouble getting it to get picked up by CAS. Could either of you
help with this example?
*/etc/cas/selectiveDuo.groovy:*
def String run(final Object... args) {
def authentication = args[0]
def principal = args[1]
def service = args[2]
def provider = args[3]
def logger = args[4]
def httpRequest = args[5]
logger.info("Evaluating principal attributes ${principal.attributes}")
def bypass = principal.attributes['uid']
if (bypass.contains("testuid")) {
logger.info("Skipping bypass for principal ${principal.id}
return false
}
return true
}
Is this really what the groovy file should look like or am I missing
imports and package info at the top? I never get any info logged, so I'm
pretty sure this script never gets run.
*/etc/cas/config/cas.properties:*
*cas.authn.mfa.duo[0].rank=0cas.authn.mfa.duo[0].duoApiHost=REMOVEDcas.authn.mfa.duo[0].duoIntegrationKey=REMOVEDcas.authn.mfa.duo[0].duoSecretKey=REMOVEDcas.authn.mfa.duo[0].duoApplicationKey=REMOVEDcas.authn.mfa.duo[0].id=mfa-duocas.authn.mfa.globalProviderId=mfa-duocas.authn.mfa.globalPrincipalAttributePredicate=file:///etc/cas/selectiveDuo.groovy*
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/9ade320d-4c96-4c23-b22b-a830387cf692%40apereo.org.
