Menu
▾
▴
[Unity-idm-discuss] Potential bug in home endpoint at unity 3.14.0
|
From: Sander A. <sa....@fz...> - 2023-12-13 15:33:36
|
Hi Krzysztof,
hi Roman,
we found an issue which looks like a bug. We set up MFA, using OTP,
some time ago and most time it works well. But now a user reported a
problem, we do not understand. When we sign into the home endpoint
using OIDC (tested with Google and ORCID), the local credential are not
shown (see first screenshot). If we sign in, using SAML, the local
credentials are shown. The logs do not show any error.
May we missed any additional configuration, which I do not remember and
find in the setting at the moment or is it a bug. I can reproduce this
on another instance as well.
This is our MFA config:
unityServer.core.authenticators.otp.authenticatorName=otp
unityServer.core.authenticators.otp.authenticatorType=otp
unityServer.core.authenticators.otp.localCredential=mfa_otp
unityServer.core.authenticators.otp.configurationFile=${CONF}/authenticators/passwordRetrieval.properties
unityServer.core.authenticationFlow.mfaOptin.authenticationFlowName=mfaOptin
unityServer.core.authenticationFlow.mfaOptin.authenticationFlowPolicy=USER_OPTIN
unityServer.core.authenticationFlow.mfaOptin.firstFactorAuthenticators=samlWeb,oauthWeb
unityServer.core.authenticationFlow.mfaOptin.secondFactorAuthenticators=otp
unityServer.core.authenticationFlow.mfaEnforce.authenticationFlowName=mfaEnforce
unityServer.core.authenticationFlow.mfaEnforce.authenticationFlowPolicy=REQUIRE
unityServer.core.authenticationFlow.mfaEnforce.firstFactorAuthenticators=samlWeb,oauthWeb
unityServer.core.authenticationFlow.mfaEnforce.secondFactorAuthenticators=otp
Best regards,
Sander
--
Large-Scale Data Science
Juelich Supercomputing Centre
phone: +49 2461 61 8847
fax: +49 2461 61 6656
email: sa....@fz...
-----------------------------------------------------------------------
-----------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDir Stefan Müller
Geschaeftsfuehrung: Prof. Dr. Astrid Lambrecht (Vorsitzende),
Karsten Beneke (stellv. Vorsitzender), Dr. Ir. Pieter Jansens
-----------------------------------------------------------------------
-----------------------------------------------------------------------
|
