[[CAS 7 MFA]]
CAS 7 MFA
reference
dependencies
[root@cas cas-overlay-template]# vim build.gradle
implementation "org.apereo.cas:cas-server-support-simple-mfa:${project.'cas.version'}"
parametrage MFA cas.properties
[root@cas cas-overlay-template]# vim etc/cas/config/cas.properties
#configure the global MFA trigger to always use this provider:
cas.authn.mfa.triggers.global.global-provider-id=mfa-simple
#simple mfa via mail
spring.mail.host=smtp.domain.fr
spring.mail.port=25
spring.mail.testConnection=true
# Where CAS finds the user's email address
cas.authn.mfa.simple.mail.attribute-name=mail
#Sender and content
cas.authn.mfa.simple.mail.from=adminmfa@domain.eu
cas.authn.mfa.simple.mail.subject=CAS MFA Token
cas.authn.mfa.simple.mail.text=Hello! Your requested CAS token is ${token}
## Since in 7.x the settings moved to a token core namespace, use:
#cas.authn.mfa.simple.time-to-kill-in-seconds=300
#cas.authn.mfa.simple.token.time-to-live-in-seconds=300
cas.authn.mfa.simple.token.core.time-to-kill-in-seconds=300
cas.authn.mfa.simple.token.core.token-length=6
#Give the provider a name and order (optional but useful):
cas.authn.mfa.simple.name=Email MFA
cas.authn.mfa.simple.order=0
Log debug
[root@cas cas-overlay-template]# vim /opt/cas-src/cas-overlay-template/src/main/resources/application.yml
# Application properties that need to be
# embedded within the web application can be included here
logging:
level:
org.apereo.cas.authentication.mfa: DEBUG
rebuild
enchainement de commande depuis [root@cas cas-overlay-template]#
539 systemctl stop tomcat 540 ./gradlew clean copyCasConfiguration build --no-daemon 541 cp /opt/cas-src/cas-overlay-template/build/libs/cas.war /opt/tomcat/webapps/cas.war 542 systemctl start tomcat.service 543 tail -f /opt/tomcat/logs/catalina.out
