Class RiskBasedAuthenticationResponseProperties
java.lang.Object
org.apereo.cas.configuration.model.core.authentication.risk.RiskBasedAuthenticationResponseProperties
- All Implemented Interfaces:
Serializable
@RequiresModule(name="cas-server-support-electrofence")
public class RiskBasedAuthenticationResponseProperties
extends Object
implements Serializable
- Since:
- 7.0.0
- See Also:
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionRisk confirmation attempts are only evaluated up to a point in history, controlled by this setting.getMail()
Email settings for notifications, If an authentication attempt is deemed risky.If an authentication attempt is deemed risky, force a multi-factor authentication event noted by the provider id here.Control the expiration window of the verification token that can be used to verify and confirm risky authentication attempts.If an authentication attempt is deemed risky, communicate the nature of this attempt back to the application via a special attribute in the final CAS response indicated here.getSms()
SMS settings for notifications, If an authentication attempt is deemed risky.boolean
If an authentication attempt is deemed risky, block the response and do not allow further attempts.setBlockAttempt
(boolean blockAttempt) If an authentication attempt is deemed risky, block the response and do not allow further attempts.setGetRiskVerificationHistory
(String getRiskVerificationHistory) Risk confirmation attempts are only evaluated up to a point in history, controlled by this setting.setMail
(EmailProperties mail) Email settings for notifications, If an authentication attempt is deemed risky.setMfaProvider
(String mfaProvider) If an authentication attempt is deemed risky, force a multi-factor authentication event noted by the provider id here.setRiskVerificationTokenExpiration
(String riskVerificationTokenExpiration) Control the expiration window of the verification token that can be used to verify and confirm risky authentication attempts.setRiskyAuthenticationAttribute
(String riskyAuthenticationAttribute) If an authentication attempt is deemed risky, communicate the nature of this attempt back to the application via a special attribute in the final CAS response indicated here.setSms
(SmsProperties sms) SMS settings for notifications, If an authentication attempt is deemed risky.
-
Constructor Details
-
RiskBasedAuthenticationResponseProperties
public RiskBasedAuthenticationResponseProperties()
-
-
Method Details
-
isBlockAttempt
public boolean isBlockAttempt()If an authentication attempt is deemed risky, block the response and do not allow further attempts. -
getMfaProvider
If an authentication attempt is deemed risky, force a multi-factor authentication event noted by the provider id here. -
getRiskyAuthenticationAttribute
If an authentication attempt is deemed risky, communicate the nature of this attempt back to the application via a special attribute in the final CAS response indicated here. -
getRiskVerificationTokenExpiration
Control the expiration window of the verification token that can be used to verify and confirm risky authentication attempts. -
getGetRiskVerificationHistory
Risk confirmation attempts are only evaluated up to a point in history, controlled by this setting. That is to say, authentication attempts that are detected as risky are evaluated against previous confirmations in history using this time window. Once we move beyond this point in the history of authentication attempts, the confirmations no longer hold and the user will be asked to verify their attempt again. -
getMail
Email settings for notifications, If an authentication attempt is deemed risky. -
getSms
SMS settings for notifications, If an authentication attempt is deemed risky. -
setBlockAttempt
If an authentication attempt is deemed risky, block the response and do not allow further attempts.- Returns:
this
.
-
setMfaProvider
If an authentication attempt is deemed risky, force a multi-factor authentication event noted by the provider id here.- Returns:
this
.
-
setRiskyAuthenticationAttribute
public RiskBasedAuthenticationResponseProperties setRiskyAuthenticationAttribute(String riskyAuthenticationAttribute) If an authentication attempt is deemed risky, communicate the nature of this attempt back to the application via a special attribute in the final CAS response indicated here.- Returns:
this
.
-
setRiskVerificationTokenExpiration
public RiskBasedAuthenticationResponseProperties setRiskVerificationTokenExpiration(String riskVerificationTokenExpiration) Control the expiration window of the verification token that can be used to verify and confirm risky authentication attempts.- Returns:
this
.
-
setGetRiskVerificationHistory
public RiskBasedAuthenticationResponseProperties setGetRiskVerificationHistory(String getRiskVerificationHistory) Risk confirmation attempts are only evaluated up to a point in history, controlled by this setting. That is to say, authentication attempts that are detected as risky are evaluated against previous confirmations in history using this time window. Once we move beyond this point in the history of authentication attempts, the confirmations no longer hold and the user will be asked to verify their attempt again.- Returns:
this
.
-
setMail
Email settings for notifications, If an authentication attempt is deemed risky.- Returns:
this
.
-
setSms
SMS settings for notifications, If an authentication attempt is deemed risky.- Returns:
this
.
-