Allow multiple MFA types

  • sentrypress

    (@sentrypress)


    3 months, 1 week ago

    Your plugin has been working flawlessly until recently some of our remote users have been migrating away from a username/password to “Windows Hello” and receiving login errors.

    Is there a way to allow multiple (or all) MFA types?

    Thank you in advance!

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Support Scott Buscemi

    (@swb1192)

    3 months, 1 week ago

    Hi, we have a patch in progress that may allow for this. https://github.com/pantheon-systems/wp-saml-auth/pull/433

    We’re expecting a new version to be released soon. You may choose to test this pre-release PR and add the filter to see if it resolves your issue.

    Thread Starter sentrypress

    (@sentrypress)

    3 months, 1 week ago

    Ok thank you Scott!

    Is there a date in mind for the next official release?

    Plugin Support Scott Buscemi

    (@swb1192)

    3 months, 1 week ago

    No promises, but we’re shooting for the next 1-2 weeks.

    Thread Starter sentrypress

    (@sentrypress)

    2 months, 2 weeks ago

    Hi Scott,

    Has the new version been released?

    Thank you!

    Plugin Contributor Anais Pantheor

    (@anaispantheor)

    2 months, 2 weeks ago

    Hello, we will be releasing it in the next few days. Thank you for your patience.

    Plugin Contributor Anais Pantheor

    (@anaispantheor)

    2 months, 2 weeks ago

    Hello @sentrypress, the update has been released. Please let us know if this improve your experience with the plugin.

    Thread Starter sentrypress

    (@sentrypress)

    2 months ago

    Hello,

    We upgraded to your latest release and the end-users authenticating with “Windows Hello” are still seeing this same error message as before we upgraded. Please advise. Thanks in advance!

    Plugin Contributor Anais Pantheor

    (@anaispantheor)

    2 months ago

    Hi @sentrypress, thank you for the update.
    Would you mind first confirming that you have added the following filter? Without it set up, the problem will persist.

    readme.txt
    If you’re using the OneLogin connection type and need to modify the internal_config (e.g. to set requestedAuthnContext to false), you can use the wp_saml_auth_internal_config filter:

    /**
 * Modify the OneLogin SAML configuration.
 */
add_filter( 'wp_saml_auth_internal_config', function( $config ) {
    $config['security'] = array(
        'requestedAuthnContext' => false,
    );
    return $config;
} );

    Hopefully, this should be enough to fix the sso error.

    Thread Starter sentrypress

    (@sentrypress)

    2 months ago

    Hi Anais,

    Can you reply with specific directions on how to add this filter? Up until now I’d only been using the WordPress backend for configuration.

    Thank you!

    Plugin Contributor Anais Pantheor

    (@anaispantheor)

    2 months ago

    @sentrypress, find this excerpt from the readme.txt about installing the filter.

    Where to add configuration code: When using the filter-based configuration approach, add your code to a location that loads before the plugin initializes. You can create a custom must-use plugin or add the code to your theme’s functions.php file (note: theme-based configuration will need to be migrated if you switch themes).

Viewing 10 replies - 1 through 10 (of 10 total)

You must be logged in to reply to this topic.