Hello there!

Need Help? We are right here!

miniOrange Email Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Two-Factor Authentication (2FA/MFA) for CAS


CAS provides a secure application access and data protection solutions offered by CAS to access corporate data, applications and virtual desktops anytime, anywhere. It consolidates remote access solutions with a diverse Identity and Access Management capabilities to deliver a unified experience across all applications.

Enable miniOrange MFA for External RADIUS Servers


MFA 2FA two-factor authentication for CAS

  • Primary authentication initiates when the user enters the credentials in order to access the application.
  • An authentication request is sent to miniOrange by the application.
  • Based on the authentication request miniOrange sends the RADIUS Request to the external RADIUS Server (in this case CAS) to validate the intial request.
  • Once the user's first level of authentication gets validated, the RADIUS Server will then send RADIUS Response to miniOrange.
  • Then, miniOrange asks for the 2-factor authentication challenge to the user.
  • User submits the response/code based on the second factor method selected.
  • The user response (or second factor) is validated in miniOrange.
  • On successful 2nd factor authentication the user is granted access to the application.

What are different 2FA/MFA methods for CAS supported by miniOrange?

miniOrange provides 15+ 2FA/MFA authentication methods for CAS: OTP over SMS-Email, Push Notification, Software Token, Google / Microsoft Authenticator etc. You can opt for any of the 2FA methods to secure your CAS. To integrate 2FA, you can enable RADIUS authentication in CAS and configure policies in miniOrange to enable or disable 2FA for users.


Connect with any External Directories


miniOrange provides user authentication from various external directories such as miniOrange Directory, Microsoft AD, Azure Active Directory/LDAP, AWS Cognito and many more.

Can't find your Directory? Contact us on idpsupport@xecurify.com



Enable Two-Factor Authentication (2FA)/MFA for CAS as RADIUS Server to extend security level.

1. Add CAS as External RADIUS Server

  • Login to miniOrange Admin Console.
  • From the dashboard navigation select User Store >> Add User Store.
  • CAS Two-Factor Authentication 2FA User Store

  • Select User Store type as Radius.
  • Enter your Server Name.
  • Enter Server Host or Host IP Address.
  • Enter Server Port.
  • Enter Shared Secret.
  • CAS Two-Factor Authentication 2FA Configure as RADIUS Server

  • Click Save.

2. Configure 2FA for CAS

2.1: Enable 2FA for Users of CAS app

  • To enable 2FA for Users of CAS application. Go to Policies >> App Authentication Policy
  • Click on Edit against the configured application.
  • Two factor-authentication for CAS | Two Factor Authentication configure 2fa of application

  • Enable the Enable 2-Factor Authentication (MFA) option.
  • Two factor-authentication for CAS | Two Factor Authentication enable 2fa

  • Click on Save.

2.2: Configure 2FA for your Endusers

  • To enable 2FA/MFA for CAS endusers, go to 2-Factor Authentication >> 2FA Options For EndUsers.
  • Select default Two-Factor authentication method for end users. Also, you can select particular 2FA methods, which you want to show on the end users dashboard.
  • Once Done with the settings, click on Save to configure your 2FA settings.
  • MFA/Two-Factor Authentication(2FA) for CAS  Configure 2FA Panel

2.3: Enduser 2FA Setup

  • Login to End-User Dashboard using end user login URL.
    • For Cloud Version: The login URL (branding url) which you have set.
    • For On-Premise version: The login URL will be the same as of Admin Login URL.
  • Select Setup 2FA from left panel. Then select any of the 2FA method available.
  • For now, we have selected the SMS >> OTP OVER SMS as our 2FA method. You can explore the guide to setup other 2FA methods here.
  • Enable the OTP over SMS if you have your phone number added under your profile section else click on Edit button.
  • MFA/Two-Factor Authentication(2FA) for CAS  Configure 2FA Panel

  • Enter you Phone Number along with the necessary country code and click on the SAVE button.
  • MFA/Two-Factor Authentication(2FA) for CAS  Configure Second Factor-SMS(Enter Mobile Number)



Want To Schedule A Demo?

Request a Demo
  


Our Other Identity & Access Management Products