Forcing the timeout of 2nd factor in a MFA login

Cantor, Scott cantor.2 at
Mon Feb 10 10:32:16 EST 2020

4.0 carries the reuseConditon property across from the login method descriptor beans into the results so it should be possible to attach a rule to check the last activity time and forcibly prevent it from being reused.

I don't believe all the necessary pieces line up prior to that release to make it possible to do this kind of thing.

-- Scott

More information about the users mailing list