Details

    • Sprint:
      Iteration 30, Iteration 31, Iteration 32, Iteration 33, Iteration 34, Iteration 35, Iteration 36
    • Type of Documentation:
      Deployment

      Description

      Background:
      Having the ability to store and review auditing information of any MFA activities would help secure portal.
       
      Features:
      Display auditing information of any MFA activity.
       
      Steps:
      1. Enable MFA Email OTP verifier.
      2. Intentionally fail to login with a wrong Email OTP
      3. Login
      4. Go to Configuration --> Audit
      5. Verify there should be 3 entries of Email OTP verifier of that user:

      • Unsuccessful attempt: user not login yet
      • Unsuccessful attempt: wrong email otp
      • Successful attempt

      Technical Documentation Details

      • Most important class(es) and module(s) that provide the implementation for this feature
        • MFAEmailOTPAuditMessageBuilder.java and MFAEmailOTPChecker.java
      • Any specific implementation details that helps understanding how it works, hints for debugging and fixing
        • MFAEmailOTPAuditMessageBuilder is a helper class to build and send audit message, while MFAEmailOTPChecker does the actual EMail OTP verification and invokes MFAEmailOTPAuditMessageBuilder whenever a failure or success verfication happens

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              tibor.lipusz Tibor Lipusz
              Reporter:
              nora.szel Nóra Szél
              Recent user:
              Tibor Lipusz
              Participants of an Issue:
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Packages

                  Version Package
                  7.3.10 DXP GA1