I use simple cas and set the property "cas.authn.mfa.simple.timeToKillInSeconds=180". The CASMFA code effectively remains valid for 180 seconds (they do not change during that time). However, if a user takes more than 30 seconds to enter said code they cannot log in.
"Credentials are rejected/invalid and authentication attempt has failed" If I press the resend button, CAS sends the same code again and only then is it possible to successfully log in as long as the user does not take more than 30 seconds to enter the code. Apereo CAS 6.5.9 ######## Configuracion SIMPLE MFA ############## cas.authn.mfa.triggers.global.global-provider-id=mfa-simple cas.authn.mfa.simple.name=Email MFA cas.authn.mfa.simple.order=1 cas.authn.mfa.simple.timeToKillInSeconds=120 cas.authn.mfa.simple.tokenLength=6 cas.authn.mfa.simple.mail.from=no-re...@something.com cas.authn.mfa.simple.mail.text=c\u00f3digo para acceder al servicio de autenticaci\u00f3n central: %s cas.authn.mfa.simple.mail.subject=C\u00f3digo de validaci\u00f3n MFA cas.authn.mfa.simple.mail.validateAddresses=false cas.authn.mfa.simple.mail.html=false cas.authn.mfa.simple.mail.attributeName=eduPersonPrincipalName ######### Envio de correo ############# spring.mail.host=localhost spring.mail.port=25 spring.mail.testConnection=true spring.mail.properties.mail.smtp.auth=false spring.mail.properties.mail.smtp.starttls.enable=false -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/58f298e7-4fef-45cf-a91c-58e638558d52n%40apereo.org.
