https://apereo.github.io/cas/6.5.x/authentication/Configuring-Authentication-Events.html
I don't see a 'redis' option for storing the CAS Events. You might try a storage mechanism listed there. Thanks, David Malia On Tue, Feb 14, 2023 at 11:19 PM wouldsmina <wouldsm...@gmail.com> wrote: > Hello, > > In addition, here is the documentation I used: > https://apereo.github.io/cas/6.5.x/authentication/Configuring-RiskBased-Authentication.html > > Is there more complete documentation? > > Sorry if my request is unclear, I'm not very good at English. > > Le mar. 14 févr. 2023 à 06:20, wouldsmina <wouldsm...@gmail.com> a écrit : > >> Hello, >> >> I'm trying to set up Risk-based Authentication (on CAS 6.5.9), but I >> can't figure out if it works or not (but I don't seem to). Following the >> documentation, I configure these modules in gradle : >> >> implementation "org.apereo.cas:cas-server-support-electrofence" >> implementation >> "org.apereo.cas:cas-server-support-trusted-mfa-redis" >> implementation "org.apereo.cas:cas-server-support-events-redis" >> implementation "org.apereo.cas:cas-server-support-geolocation" >> implementation >> "org.apereo.cas:cas-server-support-geolocation-maxmind" >> implementation "org.apereo.cas:cas-server-core-events" >> >> And in case.properties : >> cas.maxmind.country-database=/usr/share/GeoIP/GeoIP.dat >> >> cas.authn.adaptive.policy.require-timed-multifactor[0].provider-id=mfa-yubikey >> cas.authn.mfa.trusted.crypto.encryption.key=... >> cas.authn.mfa.trusted.crypto.signing.key=... >> cas.authn.mfa.trusted.device-fingerprint.cookie.crypto.encryption.key=... >> cas.authn.mfa.trusted.device-fingerprint.cookie.crypto.signing.key=... >> cas.authn.mfa.trusted.redis.host=localhost >> cas.authn.mfa.trusted.redis.port=6379 >> cas.authn.mfa.trusted.redis.database=0 >> cas.authn.mfa.trusted.redis.enabled=true >> cas.events.redis.host=localhost >> cas.events.redis.enabled=true >> cas.events.redis.database=0 >> >> I connected from different IP and browser, without result. I also tried >> to force the mfa at certain times: >> cas.authn.adaptive.policy.require-timed-multifactor[0].on-or-after-hour=20 >> cas.authn.adaptive.policy.require-timed-multifactor[0].on-or-before-hour=7 >> >> always the same. >> >> Logs : >> [2023-02-13 22:08:00] [info] >> ============================================================= >> [2023-02-13 22:08:00] [info] WHO: audit:unknown >> [2023-02-13 22:08:00] [info] WHAT: >> {source=RankedMultifactorAuthenticationProviderWebflowEventResolver, >> event=success, timestamp=Mon Feb 13 22:08:00 CET 2023} >> [2023-02-13 22:08:00] [info] ACTION: AUTHENTICATION_EVENT_TRIGGERED >> [2023-02-13 22:08:00] [info] APPLICATION: CAS >> [2023-02-13 22:08:00] [info] WHEN: Mon Feb 13 22:08:00 CET 2023 >> [2023-02-13 22:08:00] [info] CLIENT IP ADDRESS: .... >> [2023-02-13 22:08:00] [info] SERVER IP ADDRESS: .... >> [2023-02-13 22:08:00] [info] >> ============================================================= >> ... >> [2023-02-13 22:08:05] [info] #033[32m2023-02-13 22:08:05,636 INFO >> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit >> trail record BEGIN >> [2023-02-13 22:08:05] [info] >> ============================================================= >> [2023-02-13 22:08:05] [info] WHO: usertest >> [2023-02-13 22:08:05] [info] WHAT: >> [RememberMeUsernamePasswordCredential(super=UsernamePasswordCredential(username=usertest, >> source=null, customFields={}), rememberMe=false)] >> [2023-02-13 22:08:05] [info] ACTION: AUTHENTICATION_SUCCESS >> [2023-02-13 22:08:05] [info] APPLICATION: CAS >> [2023-02-13 22:08:05] [info] WHEN: Mon Feb 13 22:08:05 CET 2023 >> [2023-02-13 22:08:05] [info] CLIENT IP ADDRESS: .... >> [2023-02-13 22:08:05] [info] SERVER IP ADDRESS: .... >> [2023-02-13 22:08:05] [info] >> ============================================================= >> [2023-02-13 22:08:05] [info] >#033[m >> [2023-02-13 22:08:05] [info] #033[32m2023-02-13 22:08:05,712 INFO >> [org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit >> trail record BEGIN >> [2023-02-13 22:08:05] [info] >> ============================================================= >> [2023-02-13 22:08:05] [info] WHO: usertest >> [2023-02-13 22:08:05] [info] WHAT: TGT-1-*****VbkzpcWGqI-cas >> [2023-02-13 22:08:05] [info] ACTION: TICKET_GRANTING_TICKET_CREATED >> [2023-02-13 22:08:05] [info] APPLICATION: CAS >> [2023-02-13 22:08:05] [info] WHEN: Mon Feb 13 22:08:05 CET 2023 >> [2023-02-13 22:08:05] [info] CLIENT IP ADDRESS: .... >> [2023-02-13 22:08:05] [info] SERVER IP ADDRESS: .... >> [2023-02-13 22:08:05] [info] >> ============================================================= >> >> Can someone tell me if I forgot something? >> >> Regards, >> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-user+unsubscr...@apereo.org. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/80949868-dd80-4213-a0bb-9c9cebd02bc5n%40apereo.org >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/80949868-dd80-4213-a0bb-9c9cebd02bc5n%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAH2NqNaG57CPqbjCTu_hyV%2BkWDTQwZuNe0L4y4esHYg5%2BVHHQQ%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAH2NqNaG57CPqbjCTu_hyV%2BkWDTQwZuNe0L4y4esHYg5%2BVHHQQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAL3JkE%2BYS42qpx3GKtQ-Q1JeE06hEqF_1_zWvW%2BV04shRTmRVQ%40mail.gmail.com.
