Currently testing an upgrade to CAS 7.0.2 and running into an issue
where if the user authenticates with Spnego/Kerberos, Duo-MFA will not
trigger properly (user is dropped back to the standard login page, which
works fine). The same config works fine in CAS 6.6.x if I flip back and
I've tried
(CAS 6.6.x)
The documentation suggests that in the
SurrogatedRegisteredServiceAccessStrategies that the
attributes/principal being evaluated is the "primary" user (Specifically
it says: "Decide whether the primary user is tagged with enough
attributes and entitlements to allow impersonation t
On 5/4/23 3:31 PM, Ray Bon wrote:
> 2. release surrogate id [test] and surrogate attributes to application
> [groovy script] (i.e. as far as application is concerned, it only ever
> knows about surrogate, and nothing about admin)
So just to clarify, that means when the documentation here:
https:
I'm having a heck of a time setting up trustedDevice authentication
(outlined here:
https://apereo.github.io/cas/5.1.x/installation/Multifactor-TrustedDevice-Authentication.html)
under a fresh 5.1.2 install and I'm not sure if I'm misunderstanding the
feature altogether or simply configuring it
