Hi all, In my quest to test out some CAS authentication, I stumble across *Radius Authentication*: https://apereo.github.io/cas/6.1.x/mfa/RADIUS-Authentication.html and want to try it out. I am using CAS 6.1.x
I used freeradius docker varience ( https://hub.docker.com/r/freeradius/freeradius-server), and setup a very simple testing config with a single user (i.e. bob), */etc/raddb/mods-config/files/authorize* bob Cleartext-Password := "hello" */etc/raddb/clients.conf* client dockernet { ipaddr = 0.0.0.0/0 secret = testing123 } and configure CAS using: *cas.yml* cas.authn.radius: client.sharedSecret: testing123 client.inetAddress: my.radius.server *build.gradle dependency:* compile "org.apereo.cas:cas-server-support-radius:${project.'cas.version'}" But was greeted with the following error: *Error Log* 2019-11-06 04:15:20,417 INFO [org.apereo.cas.authentication.PolicyBasedAuthenticationManager] - <Authenticated principal [bob] with attributes [{EAP-Message=[[Binary Data (length=22)]], Message-Authenticator=[[Binary Data (length=16)]], State=[[Binary Data (length=16)]]}] via credentials [[UsernamePasswordCredential(username=bob, source=null, customFields={})]].> 2019-11-06 04:15:20,423 INFO [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN ============================================================= WHO: bob WHAT: Supplied credentials: [UsernamePasswordCredential(username=bob, source=null, customFields={})] ACTION: *AUTHENTICATION_SUCCESS* APPLICATION: CAS WHEN: Wed Nov 06 04:15:20 GMT 2019 CLIENT IP ADDRESS: 172.20.0.1 SERVER IP ADDRESS: 172.20.0.5 ============================================================= > *2019-11-06 04:15:20,434 ERROR [org.apereo.cas.adaptors.radius.web.flow.RadiusAccessChallengedMultifactorAuthenticationTrigger] - <No multifactor authentication providers are available in the application context>* 2019-11-06 04:15:20,434 WARN [org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver] - <1 errors, 0 successes> org.apereo.cas.authentication.AuthenticationException: 1 errors, 0 successes Despite the Authentication success shown above, I was greeted with error related to MFA. My question is follows: - Is there any misconfiguration from me above? Seems unlikely since I did correctly see AUTHENTICATION_SUCCESS and didn't setup MFA. - If my config is OK, is this true that Radius Authentication needs MFA in order to work? Is that intended behavior? - If no, then would need to look into why Radius Authentication is linked together with MFA inseparably. Thanks! Cheers! - Andy -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/da53899e-448f-44a8-a79a-9cb95bcffdcb%40apereo.org.
