ECP Non-Browser MFA Duo
Joshua Brodie
josbrodie at gmail.com
Wed Dec 4 18:56:27 EST 2019
I'm a bit at sea...apologies in advance for anything ambiguous.
Completed:
*conf/authn/duo.properties -- added the non-duo integration (per the sample
in v3.4.6)*
*conf/authn/duo-authn-config.xml -- added the following:*
<bean id="NonBrowserDuo"
class="net.shibboleth.idp.authn.duo.BasicDuoIntegration"
p:APIHost="%{idp.duo.nonbrowser.apiHost:none}"
p:applicationKey="%{idp.duo.nonbrowser.applicationKey:none}"
p:integrationKey="%{idp.duo.nonbrowser.integrationKey:none}"
p:secretKey="%{idp.duo.nonbrowser.secretKey:none}" />
*authn/general-auth.xml - removed p:nonBrowserSupported property setter on
the "auth/Duo"*
*However MFA is not triggered for a service when via ECP (triggered when
access via regular browser -- no change from previous) -- aim is to trigger
for both ECP and browser. Ant directional tips would be very appreciated.
Thank you/*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20191204/2d8a3070/attachment.html>
More information about the users
mailing list