Versions Compared

Old Version 36

changes.mady.by.user Guillaume Rousse

Saved on

compared with

New Version Current

changes.mady.by.user Guillaume Rousse

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagexml
titleconditional Conditional usage of two factors, based on client address
collapsetrue
<util:map id="shibboleth.authn.MFA.TransitionMap">
	<entry key="">
		<bean parent="shibboleth.authn.MFA.Transition" p:nextFlow="authn/Flow1" />
	</entry>
	<entry key="authn/Flow1">
		<bean parent="shibboleth.authn.MFA.Transition" p:nextFlowStrategy-ref="checkSecondFactor" />
	</entry>
</util:map>

<bean id="InternalNetwork" class="org.opensaml.profile.logic.IPRangePredicate"
    p:httpServletRequest-ref="shibboleth.HttpServletRequest"
    p:ranges="#{ '192.168.1.0/24' }" />

<bean id="checkSecondFactor" parent="shibboleth.ContextFunctions.Scripted" factory-method="inlineScript"
    p:customObject-ref="InternalNetwork">
    <constructor-arg>
        <value>
            <![CDATA[
if (custom.apply(input)) {
    nextFlow = null;
} else {
    nextFlow = "authn/Duo";
}
nextFlow;
]]>
        </value>
    </constructor-arg>
</bean>

...