Storing data (ip address) to database after successful login.

Arnaud Houdelette arnaud.houdelette at
Wed Sep 29 14:56:02 UTC 2021

Hi there.

I'm currently in the process of enabling MFA for our institution (on IDP 

To limit the hassle on my 'angry' users, i'd like to ask for second 
factor only when the connecting IP address is not on a dynamic 
(expiring) allowlist.

I already found how to use a static whitelist with 
conf/authn/mfa-authn-config.xml checkSecondFactor script.

I intend to load the address list from a database (sqlite) with the 
attribute resolver...

but where in the auth process should I write the sucessful login IP in 
the database ?

Arnaud Houdelette
Administrateur des infrastructures systèmes et réseaux
Normandie Université

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3632 bytes
Desc: Signature cryptographique S/MIME
URL: <>

More information about the users mailing list