Releases: MultifactorLab/MultiFactor.Radius.Adapter
Releases · MultifactorLab/MultiFactor.Radius.Adapter
1.0.176
Release 10.01.2023 | LDAP error handling
Bugfixes
- Fixed: the LDAP request error was parsed incorrectly in case of 773 code (user must change password). Because of this the AccessChallenge response to change the password was not generated.
1.0.173
Release 22.12.2022 | Authenticated Client Cache
Bugfixes
- Fixed: The cache was not activated correctly in case of challenge request.
1.0.170
Bump Newtonsoft.Json in /MultiFactor.Radius.Adapter (#18) Bumps [Newtonsoft.Json](https://github.com/JamesNK/Newtonsoft.Json) from 13.0.1 to 13.0.2. - [Release notes](https://github.com/JamesNK/Newtonsoft.Json/releases) - [Commits](https://github.com/JamesNK/Newtonsoft.Json/compare/13.0.1...13.0.2)
1.0.167
Release 07.12.2022 | First factor memberchip checking Membership check logic has been changed.
1.0.164
Release 24.11.2022 | Authenticated client cache
In this release we added a caching subsystem for clients successfully authenticated with the second factor.
Repeated requests for these clients within a given period of time will be ACCEPTED without requesting a second factor.
The request whose parameters (from the list below) match the previous request is a REPEATED REQUEST.
Request parameters:
- client configuration frendly name;
- calling-station-id (if defined) or Remote Host;
- username.
To activate caching functionality you need to specify the following setting in the client's configuration file ('clients' directory):
<add key="authentication-cache-lifetime" value="LIFETIME_VALUE" />
Examples:
<add key="authentication-cache-lifetime" value="00:00:00" /> - cache is OFF (by default).
<add key="authentication-cache-lifetime" value="00:00:20" /> - repeated requests will be accepted without second factor within 20 seconds.
<add key="authentication-cache-lifetime" value="01:20:10" /> - repeated requests will be accepted without second factor within 1 hour 20 minutes 10 seconds.
1.0.161
Release 02.11.2022 | PCI DSS: reject delay This release added custom delay functionality. Now you can customize the behavior of the Radius Adapter in case of AccessReject response: - return response immediately (default behavior); - return response with a constant delay; - return response with a random (within range) delay. To activate custom delay functionality you need to specify the following setting in the root (the whole service level) configuration file: <add key="invalid-credential-delay" value="DELAY_VALUE" /> Examples: <add key="invalid-credential-delay" value="0" /> - delay mode is OFF (by default). <add key="invalid-credential-delay" value="3" /> - AccessReject response will be returned after a 3 seconds delay. <add key="invalid-credential-delay" value="2-6" /> - in this case the delay will have a random value between 2 and 6 (including range limits).
1.0.158
Release 27.10.2022 | GEO info This release adds geolocation information in the AccessAccepted log event. Now it will be known who confirmed the second factor and from where. Geolocation information will be available only if the 'Calling-Station-Id' attribute contains the correct IP address.
1.0.153
Release 24.10.2022 | Logging subsystem improvements
1. Added correlation identifier (CID) for user's authentication/authorization requests.
2. Added new log property 'CorrelationId'. To render it in logs you can use output templates settings (see information below). Property value format: "ConfigName-N". "ConfigName" is a frendly name of the connected client configuration and "N" is a counter that resets every day at 00:00 or every time the application is restarted.
3. Added root (the whole service level) log output template settings: syslog-output-template, file-log-output-template, console-log-output-template. If any of the settings are not specified, the default values are used.
Custom templates examples:
[{Timestamp:HH:mm:ss} {Level:u3}] {Message:lj}{NewLine}{Exception}
[{Timestamp:HH:mm:ss} {Level:u3}] {CorrelationId} {Message:lj}{NewLine}{Exception}
{Timestamp:yyyy-MM-dd HH:mm:ss.fff zzz} [{Level:u3}] {CorrelationId}{Message:lj}{NewLine}{Exception}
More information about log formatting: https://github.com/serilog/serilog/wiki/Formatting-Output
4. Custom new lines have been removed from the application logs. But Serilog adds exception info new line ({NewLine}) by default. You can modify this behavior (see information above).
5. Added additional information to the WARNING and ERROR events for Multifactor API calls: username, host, port.
1.0.150
removed root sign-up-groups settings
1.0.148
- added Sign-Up Groups feature.