audit log of Duo login
Doan, Tommy
tdoan at smu.edu
Fri Dec 11 11:21:30 EST 2015
Is there a way in the IdP audit log to capture the fact that a Duo login occurred, even when PasswordProtectedTransport is the method that is returned to the SP? By default, the audit log appears identical to when Duo is not required.
For testing and evaluation, I have two different configurations to require Duo login for different scenarios. I have one SP in the RelyingPartyByName configuration. This causes Duo to be required for anyone who logs into that SP. I also have a Mapped attribute that requires Duo when the criteria matches on this definition. It appears the relying party configuration (RelyingPartyByName) causes the authN context to be logged, but the attribute resolver configuration (Mapped attribute) does not. None of my SPs sends an RequestedAuthnContext.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20151211/281a491f/attachment.html>
More information about the users
mailing list