Forum Discussion
How to develop a second factor authentication plugin/extension?
Hi the extension is something I am building and yes it can be run on a separate tomcat.
I was able to get to a point where I created a pool, virtual server and access policy. but kind of stuck how to configure the policy to include it.
- Ahmed_GalalNov 11, 2020Cirrostratus
for me Radius Auth is OTP server but first you need to configure Radius authentication server under APM module
- VKanwadeNov 13, 2020Nimbostratus
I am trying to build my own extension. So instead of the SSO Credential Mapping step, I have added External Logon Page. But for some reason [ACCESS::policy result] is always not_started instead of in_progress.
- Ahmed_GalalNov 15, 2020Cirrostratus
SSO credential mapping step not related to login it only take username and password that user inserted on logon page and pass it to application page so user can access application directly without entering credential again.
if you want to configure external logon page you should configure it instead of logon page in the begging but why do you want to configure external logon page??
- VKanwadeNov 19, 2020Nimbostratus
The external logon page is not actually logon page. Its a custom implementation of OTP (RSA Adaptive Authentication).
So the AD Auth actually does the authentication and then passes username to the tomcat server. The server talks to RSA AA, which tells which OTP method to use, the user finishes the OTP flow and is then redirected back to APM.
This is what I am trying to achieve.
Let me know if I am looking at this all wrong!
Thanks
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com