I am trying to integrate CAS 6.6 via RADIUS for 1st factor and 2-factor authentications.
I am getting the below message even after entering the correct OTP and displays the following message in UI OTP page.
Credentials are rejected/invalid and authentication attempt has failed.
2023-11-24 00:36:51,382 WARN \[org.apereo.cas.authentication.policy.AllAuthenticationHandlersSucceededAuthenticationPolicy\] - \<Number of successful authentications, \[2\], does not match the number of authentication handlers, \[1\].\>
2023-11-24 00:36:51,382 WARN \[org.apereo.cas.authentication.policy.AllAuthenticationHandlersSucceededAuthenticationPolicy\] - \<Number of successful authentications, \[2\], does not match the number of authentication handlers, \[1\].\>
2023-11-24 00:36:51,383 ERROR \[org.apereo.cas.authentication.DefaultAuthenticationManager\] - \<\[AuthenticationException\]: \[Unable to satisfy authentication policy AllAuthenticationHandlersSucceededAuthenticationPolicy\]\>
2023-11-24 00:36:51,384 INFO \[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager\] - \<Audit trail record BEGIN
WHO: 1234
WHAT: \[RadiusTokenCredential\]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Fri Nov 24 00:36:51 AST 2023
Below is my configuration:
`cas.authn.accept.enabled=false
cas.authn.policy.all-handlers.enabled=true
cas.authn.policy.all.enabled=true
cas.authn.radius.client.inet-address=x.x.x.x
cas.authn.radius.client.shared-secret=1234567890
cas.authn.radius.client.socket-timeout=30
cas.authn.radius.server.protocol=PAP
cas.authn.radius.server.retries=1
cas.authn.mfa.radius.server.protocol=PAP
cas.authn.mfa.radius.client.shared-secret=1234567890
cas.authn.mfa.radius.client.inet-address=x.x.x.x
cas.authn.mfa.radius.allowed-authentication-attempts=10
cas.authn.mfa.radius.id=mfa-radius
cas.authn.mfa.triggers.global.globalProviderId=mfa-radius
cas.service-registry.core.init-from-json=false
cas.service-registry.json.location=file:C:\etc\cas\services`
I was expecting it to complete the authentication sucessfully
Had to make the following changes to work in my RADIUS Server.