Uploaded image for project: 'RH-SSO'
  1. RH-SSO
  2. RHSSO-1080

Conditional OTP enforcement does not work

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • RH-SSO-7.2.0.ER1
    • RH-SSO-7.1.2.CR3
    • Server
    • None
    • Hide

      0. create a custom realm
      1. create a custom authentication flow
      2. add Username Password Form and Conditional OTP Form to the flow
      3. set OTP control User Attribute to "otpsetting"
      4. bind the custom flow to the Browser Flow
      5. create a user and set its password
      6. access http://localhost:8080/auth/realms/your_realm_name/account/ and enter the username/password
      7. "MOBILE AUTHENTICATOR SETUP" is exptected, but the account management console is shown without initializing OTP.

      Show
      0. create a custom realm 1. create a custom authentication flow 2. add Username Password Form and Conditional OTP Form to the flow 3. set OTP control User Attribute to "otpsetting" 4. bind the custom flow to the Browser Flow 5. create a user and set its password 6. access http://localhost:8080/auth/realms/your_realm_name/account/ and enter the username/password 7. "MOBILE AUTHENTICATOR SETUP" is exptected, but the account management console is shown without initializing OTP.

      Conditional OTP Authentication enforcement works, if OTP control User Attribute, Skip OTP for Role, Force OTP for Role, Skip OTP for Header, and Force OTP for Header are empty. However, it does not work, if one ore more of them are set.

              rh_vmuzikar Václav Muzikář
              rhn-support-hokuda Hisanobu Okuda
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: