Both sides previous revision Previous revision Next revision | Previous revisionLast revisionBoth sides next revision |
en:shibidp:plugin-fudiscr [2022/06/20 10:00] – hofmann@fu-berlin.de | en:shibidp:plugin-fudiscr [2023/01/27 11:39] – [WebAuthn] hofmann@fu-berlin.de |
---|
//rpId// (relying party Id), //challenge//, //userVerification// and //timeout// are identical. | //rpId// (relying party Id), //challenge//, //userVerification// and //timeout// are identical. |
| |
If a user owns multiple active WebAuthn tokens and you set ''fudiscr.user_token_selection=multipleToken'' or ''fudiscr.user_token_selection=multipleTokenTypeGroup'' in ''%{idp.home}/conf/authn/fudiscr.properties'', | If a user owns multiple active WebAuthn tokens and you set ''fudiscr.user_token_selection=none'', ''fudiscr.user_token_selection=multipleToken'' or ''fudiscr.user_token_selection=multipleTokenTypeGroup'' in ''%{idp.home}/conf/authn/fudiscr.properties'', |
you have to set ''fudiscr.privacyidea.single_trigger_challenges=false'' as well. | you have to set ''fudiscr.privacyidea.single_trigger_challenges=false'' as well. |
</alert> | </alert> |
* 1.1.0 | * 1.1.0 |
* privacyIDEA version 3.7 is also supported | * privacyIDEA version 3.7 is also supported |
* in case of invalid/empty input the message `FudiscrNoResponse` is written to the `AuthenticationErrorContext` | * in case of invalid/empty input the message ''FudiscrNoResponse'' is written to the ''AuthenticationErrorContext'' |
* in case of incorrect validation of a response (e.g. OTP) the message `FudiscrInvalidResponse` is written to the AuthenticationErrorContext` | * in case of incorrect validation of a response (e.g. OTP) the message ''FudiscrInvalidResponse'' is written to the ''AuthenticationErrorContext'' |
* ''login-error.vm'' is included by ''insert-response.vm'' | * ''login-error.vm'' is included by ''insert-response.vm'' |
* ''fudiscr.UserHasAnyTokenPredicate'': Predicate tests if a user owns any token, no matter in which state. | * ''fudiscr.UserHasAnyTokenPredicate'': Predicate tests if a user owns any token, no matter in which state. |
* WebAuthn is supported | * WebAuthn is supported |
* ''main.vm'' and ''insert-response.vm'' were changed | * ''main.vm'' and ''insert-response.vm'' were changed |
* Important bugfix: Due to missing ''@NameParameter'' annotation in ''ChallengeResponseTokenIdPrincipal'' the serializer from ''postconfig.xml'' could not be assigned. This had an effect on all principal serializers. Randomly different serializers were used. | * Important bugfix: Due to missing ''@NameParameter'' annotation in ''ChallengeResponseTokenIdPrincipal'' a serializer could not be assigned. This had an effect on all principal serializers. Randomly different serializers were used. |
| |
===== Further resources ==== | ===== Further resources ==== |