Autumn flow: MFA and Password interoperability
Mak, Steve
makst at upenn.edu
Fri Jul 12 11:29:50 EDT 2019
So I've converted everything to MFA flow and built a bypass in the checkSecondFactor script and set reuseCondition="false" on authn/MFA.
If I need to run some code block ONLY if the Duo flow was previously NOT run, how would I do that?
I've tried comparing authContext.getActiveResults().get('authn/MFA') with authContext.getAuthenticationResult() and authContext.getInitialAuthenticationResult(),
But none of that seems to work.
2019-07-12 10:15:00,266 - INFO [authn/MFA-checkSecondFactor:12] - Authentication result: null
2019-07-12 10:15:00,266 - INFO [authn/MFA-checkSecondFactor:15] - Previous authn/MFA results: AuthenticationResult{authenticationFlowId=authn/MFA, authenticatedPrincipal=blahblah, authenticationInstant=2019-07-12T10:14:52.314-04:00, lastActivityInstant=2019-07-12T10:14:52.314-04:00, previousResult=true}
And this is after I logged into a duo app, killed the SP shib_session cookie, and did a full SAML flow again.
- Steve Mak
More information about the users
mailing list