[RADIATOR] Slow Auth process
misanthrope at sapo.pt
misanthrope at sapo.pt
Wed Apr 27 11:10:17 UTC 2022
Hello,
Trying to implement a MFA with offband token validation.
The validation phase, between receiving a SMS, opening the web page
and clicking the validation link, can take from a couple of seconds to
30s where the radius auth process is waiting to either ACCEPT or REJECT.
So, the solutions to allow for other authentications to happen at the
same time are:
1. we set a FarmSize other than 0, but we break the use of Context and
so multiple auth methods stop working, or
2. we Fork the authentication process where the validation happens
(AuthBy SMSToken)
The last seems to be the best solution but we can't seem to get it
working properly. On IGNORE the authentication continues and the
clients end up getting an ACCEPT. The SMSToken continues on the
background but to no use.
The configuration is:
<Handler ...>
AuthByPolicy ContinueUntilReject
<AuthBy GROUP>
AuthByPolicy ContinueUntilAccept
AuthBy NTLM_DOM_A
AuthBy NTLM_DOM_B
AuthBy NTLM_DOM_C
</AuthBy>
AuthBy SMSToken
AuthBy DynPool_this
</Handler>
Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20220427/5e4b49de/attachment.html>
More information about the radiator
mailing list