Google Authenticator Authentication

Google Authenticator generates 2-step verification codes on your phone. With 2-step verification signing in will require a code generated by the Google Authenticator app in addition to primary authentication.

Learn more about the topic here.

Support is enabled by including the following module in the overlay:

1
2
3
4
5
<dependency>
     <groupId>org.apereo.cas</groupId>
     <artifactId>cas-server-support-gauth</artifactId>
     <version>${cas.version}</version>
</dependency>

Configuration

To see the relevant list of CAS properties, please review this guide.

Registration

By defaults, an account registry implementation is included that collects user device registration and saves them into memory. This option should only be used for demo and testing purposes. Production deployments of this feature will require a separate implementation of the registry that is capable to register accounts into persistent storage.

JPA

Registration records may be kept inside a database instance, via the following module:

1
2
3
4
5
<dependency>
     <groupId>org.apereo.cas</groupId>
     <artifactId>cas-server-support-gauth-jpa</artifactId>
     <version>${cas.version}</version>
</dependency>

To learn how to configure database drivers, please see this guide.

MongoDb

Registration records may be kept inside a mongo db instance, via the following module:

1
2
3
4
5
<dependency>
     <groupId>org.apereo.cas</groupId>
     <artifactId>cas-server-support-gauth-mongo</artifactId>
     <version>${cas.version}</version>
</dependency>