Hi All , One more.observation is that, I am getting authentication success and few multifactor authentication bypass logs in server. However I haven't added any bypass mechanism
Please someone help here. Thanks & Regards Vikash Chandra On Mon, Aug 21, 2023, 8:19 PM Vikash Chandra Ansh <vikasharnav0...@gmail.com> wrote: > Hi Peter and Ray, > > Thanks for your input. I have added the global trigger and set the value > as mfa-radius. > > Now I am getting type mismatch error. > > Please find the logs below:- > > Ignoring the received exception > (org.springframework.web.util.NestedServletException: > Handler dispatch falled; nested exception is > java.lang.NoClassDeffoundError: org/bouncycastle/asn1/DEROjectidentifier) > due to type mismatch with handler [[ > FlowHandlerMapping.DefaultFlowHandler@3b873134]]> > > 3823-03-31 13:40:47,365 ERROR > [org.springframework.boot.web.servlet.support.ErrorPaegfilter] Forwarding > to error page free request [/login) due to exception > [org/bouncycastle/asn1/DERObjectIdentifier > > > > Thanks and regards > Vikash > > On Fri, Aug 18, 2023, 12:21 PM Petr Bodnár <p.bod...@centrum.cz> wrote: > >> Vikash, >> >> as you haven't provided much details (e.g. what you actually see in the >> CAS UI and in CAS logs), I can only guess that maybe, you just only haven't >> *activated* the Radius MFA provider for example via the " >> *cas.authn.mfa.triggers.global.global-provider-id*" property - see >> https://apereo.github.io/cas/6.6.x/mfa/Configuring-Multifactor-Authentication-Triggers-Global.html >> as one of the available MFA triggers. >> >> Petr >> >> On Thursday, 17 August 2023 at 20:57:38 UTC+2 vikasha...@gmail.com wrote: >> >>> Thanks Ray >>> >>> My LDAP authentication is working fine . On top of it I want Radius as >>> 2FA, where I am struggling. >>> >>> Anybody please help here >>> >>> Thanks and regards >>> Vikash Chandra >>> On Thu, Aug 17, 2023, 11:24 PM Ray Bon <rb...@uvic.ca> wrote: >>> >>>> Vikash, >>>> >>>> I have these ldap properties for cas authentication: >>>> >>>> cas.authn.ldap[0].type= >>>> cas.authn.ldap[0].ldapUrl= >>>> cas.authn.ldap[0].connectTimeout= >>>> cas.authn.ldap[0].baseDn= >>>> cas.authn.ldap[0].subtreeSearch= >>>> cas.authn.ldap[0].searchFilter= >>>> cas.authn.ldap[0].bindDn=cn= >>>> cas.authn.ldap[0].bindCredential= >>>> >>>> I have not used Radius, so unfamiliar with it config. >>>> https://apereo.github.io/cas/6.6.x/mfa/RADIUS-Authentication.html >>>> >>>> Ray >>>> >>>> On Thu, 2023-08-17 at 15:46 +0530, Vikash Chandra Ansh wrote: >>>> >>>> Notice: This message was sent from outside the University of Victoria >>>> email system. Please be cautious with links and sensitive information. >>>> >>>> Hi Ray, >>>> >>>> Could you please suggest what all properties need to be enabled to use >>>> Radius as 2FA. My primary authentication will be LDAP >>>> >>>> Thanks and Regards >>>> Vikash Chandra >>>> >>>> On Thu, Aug 10, 2023, 2:27 PM Vikash Chandra Ansh <vikasha...@gmail.com> >>>> wrote: >>>> >>>> Hi Ray, >>>> >>>> We have NW change in place. There is UDP connectivity from my cas >>>> server to radius server(unidirectional ) on port 1812 and 1813 . >>>> >>>> >>>> On Wed, Aug 9, 2023, 10:29 PM Ray Bon <rb...@uvic.ca> wrote: >>>> >>>> Vikash, >>>> >>>> Is it possible there is a network issue? >>>> >>>> Ray >>>> >>>> On Tue, 2023-08-08 at 17:20 +0530, Vikash Chandra Ansh wrote: >>>> >>>> Notice: This message was sent from outside the University of Victoria >>>> email system. Please be cautious with links and sensitive information. >>>> >>>> Hi Everyone, >>>> >>>> We are trying to implement radius MFA in CAS. In our case our primary >>>> authentication will be LDAP and then for MFA we need RSA. >>>> >>>> I have also added dependency as cas-server-support-radius-mfa. >>>> >>>> I have added the required properties like client.inet-address and >>>> shared-secert. >>>> But still I can not see any hit on the radius server. >>>> Can anyone please help here. >>>> >>>> Cas version I am using is 6.6.8. >>>> >>>> Thanks and regards >>>> Vikash Chandra >>>> >>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email tocas-user+u...@apereo.org. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/ebab25780f77a0697d2191e2fc4e466d00d59f56.camel%40uvic.ca >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/ebab25780f77a0697d2191e2fc4e466d00d59f56.camel%40uvic.ca?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> >>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to cas-user+u...@apereo.org. >>>> >>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/42932cfeeb2c1bfac9ca42c058f6017b46ab6196.camel%40uvic.ca >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/42932cfeeb2c1bfac9ca42c058f6017b46ab6196.camel%40uvic.ca?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BdrvxiuB4BCkDej%2BMMV7%2BoENk5VsWudN5AtXEPjSN4o%3DROoBQ%40mail.gmail.com.
