Jump to content
Welcome to our new Citrix community!

Conditional second factor authentication


Grega Zoubek

Recommended Posts

Hello gurus, 

 

I'd like to ask if something like following is possible:

 

We have 2FA set with radius as primary and LDAP as secondary. Customer would like users to authenticate first to 2FA and then after session timouts authenticate to LDAP only. I assume this could be achieved by nFactor where secondary RADIUS would need some condition in policy. Is it possible to insert time based persistant cookie that expires in f.ex. in 1h (form initial login) and if htis cookie is present, skip RADIUS?

 

Thanks for any thoughts.

 

G.

Link to comment
Share on other sites

1 hour ago, Sam Jacobs said:

Here is an example of setting a cookie using nFactor:

https://docs.citrix.com/en-us/citrix-adc/current-release/aaa-tm/authentication-methods/multi-factor-nfactor-authentication/set-a-cookie-using-nfactor.html

 

You should be able to use the cookie in nFactor policies to determine whether to skip RADIUS and go straight to LDAP authentication.

Thank you, Sam. This was exactly what I was looking for!

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...