Follow the instructions given here to try out multi-factor authentication.
Pickup wants to enhance the security standards by introducing a second level of authentication when users sign in to applications. Multi-factor authentication (MFA) is enabled in WSO2 Identity Server using the following factors:
- First factor: username/password
- Second factor: HARDWARE KEY
Let's use the command-line to check the MFA functionality.
Before you begin, do the following:
- Install WSO2 Identity Server.
Deploy the sample authenticator dependency and its web application in WSO2 Identity Server.
- Stop the Identity Server if already running.
- Download the org.wso2.carbon.identity.sample.extension.authenticator.jar file and copy it to the
Download the sample-auth.war file and copy it to the
.warfile contains the WEB UI for the sample authenticators used in this tutorial.
deployment.tomlfile in the
<IS_HOME>/repository/conffolder and add the following configuration:
[[resource.access_control]] context = "(.*)/sample-auth/(.*)" secure = false http_method = "all"
Start WSO2 Identity Server.
Run the sample scenario¶
Let's run the sample applications Pickup-Dispatch and Pickup-Manager.
Follow the instructions on setting up the samples.
A message appears to pick a scenario.
3as the scenario number at the command prompt.
yto confirm that you have already done the following steps.
Try it out¶
Let's access the Pickup-Dispatch application and proceed to sign in.
http://localhost:8080/saml2-web-app-pickup-dispatch.comURL to your web browser to access the Pickup-Dispatch application.
Click Log in to access the first authentication step provided by WSO2 Identity Server.
Enter either of the following credentials to sign in to the application:
Manager --> Username: cameron | Password: cameron123 Employee --> Username: alex | Password: alex123
The HARDWARE KEY login page appears as HARDWARE KEY is the second authentication factor.
Enter the DEMO key that appears in the browser and click Sign In.
After successful authentication, the User Consent page of the Pickup-Dispatch application appears.
Select the attributes you agree to share with the Pickup-Dispatch application and click Continue.
Obtaining user consent is a fundamental requirement of the General Data Protection Regulation (GDPR). WSO2 Identity Server facilitates this through its Consent Management features. To learn more about GDPR and how WSO2 Identity Server handles consent, see Consent Management.
Note that the Pickup-Dispatch application home screen appears.
To try out other scenarios, navigate back to the command-line where you ran the quickstart sample and enter
y to clean the setup.