-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
2FA and authentication level #178
Comments
vever001
changed the title
Restrict login options when enabling "Force two factor authentication" (add "Authentication level" option)
2FA and authentication level
Nov 22, 2023
I just realized that we need to clear all drupal caches and after that we only see the 2FA options as expected. So I was wrong but this seems to suggest there might be some cache invalidation/metadata missing when oe_authentication alters the CAS redirect.
This is less of a problem but might be worth looking into. |
It's not in our plans to fix this as we are not directly impacted. Feel free to contribute the fix. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
If we enable the option "Force two factor authentication" from the module settings (/admin/config/system/oe_authentication), we are still able to select the password authentication method from ECAS.
When we do so, we get a vague error in Drupal, which is very confusing for end users:
And the Drupal logs contain:
Ideally EULogin should only list applicable login options.
I believe https://citnet.tech.ec.europa.eu/CITnet/confluence/display/IAM/Multi-factor+authentication is related and explains 3 types of authentication methods (basic/medium/high).
Shouldn't the module expose these 3 options (as select?) in settings instead of the "Force two factor authentication" checkbox?
Thank you
The text was updated successfully, but these errors were encountered: