By: Fabrice Dossin user 28 Jan 2019 at 8:43 a.m. CST

1 Response

Hello, I need to apply different policy workflow depending of users. Is there a way with Gluu to select the authentication method based on the user domain ? For example based on user mail domain apply social login method instead of basic auth ? This seems a little bit complicated since it should get the user then fetch for authentication method but I do not know if it already exist into Gluu or possible to customize. Or based on an LDAP attribute, could I apply eventually a second step in authentication workflow, eg. an MFA attribute telling if the user group need multiple factor authentication ? May I implement this using custom scripts ? Regards, Fabrice

Ubuntu 16.04

closed

By Chris Blanton user 28 Jan 2019 at 9:55 a.m. CST

Copy

Fabrice, > Or based on an LDAP attribute, could I apply eventually a second step in authentication workflow, eg. an MFA attribute telling if the user group need multiple factor authentication ? May I implement this using custom scripts ? Without getting into too many specifics on how to build an interception script, please take a look at the Duo example that comes as a default. It's a great example of how to use all the functions in the scripts. https://github.com/GluuFederation/community-edition-setup/blob/master/static/extension/person_authentication/DuoExternalAuthenticator.py Specifically this line for your use case example: https://github.com/GluuFederation/community-edition-setup/blob/master/static/extension/person_authentication/DuoExternalAuthenticator.py#L111 This is where they check if a user has the `duo_group` attribute https://github.com/GluuFederation/community-edition-setup/blob/master/static/extension/person_authentication/DuoExternalAuthenticator.py#L41

You need to Login in order to post an answer

User based authentication workflow

By: Fabrice Dossin user 28 Jan 2019 at 8:43 a.m. CST

Answers

By Chris Blanton user 28 Jan 2019 at 9:55 a.m. CST

Post an answer