Get Started!

˂ Return to FAQ

Duo Security MFA – How to Configure in XTAM

If you are already a user of Duo Security Multi-factor or Two-factor authentication and would like to configure XTAM to use Duo, then please perform the following steps. Please note that you will need to be able to access and modify files on the XTAM host computer. Contact your XTAM System Administrator for assistance.

Pre-requisite: XTAM must be deployed with and configured to use its Federated Sign-In component in order to integrate with multi-factor authentication providers.

The XTAM integration with Duo does not use the native Duo user directory; Duo Directory Sync is required. User accounts are first authenticated against XTAM (using AD or Local users) and then the second authentication is done solely through Duo.

1

Log on to the XTAM host computer.

2

Open the file $XTAM_HOME/web/conf/catalina.properties

3

Uncomment the following line:

#cas.authn.mfa.globalProviderId=mfa-duo
4

Edit the following lines by replacing the bolded values with your specific Duo configuration parameters:

cas.authn.mfa.duo[0].duoSecretKey=duoSecretKey
cas.authn.mfa.duo[0].duoApplicationKey=duoApplicationKey|duoSecretKey
cas.authn.mfa.duo[0].duoIntegrationKey=duoIntegrationKey
cas.authn.mfa.duo[0].duoApiHost=duoApiHost

Use your same Duo Secret Key for both the cas.authn.mfa.duo[0].duoSecretKey= and cas.authn.mfa.duo[0].duoApplicationKey= parameters in the above configuration.

5

When complete, save and close this file.

6

Restart the service PamManagement

Once configured, refer to the following FAQ article Duo Security MFA – How to Login to Xton Access Manager as a User for steps on how to use Duo MFA with XTAM from an end user’s perspective.

 
 

Copyright © 2018 Xton Technologies, LLC. All rights reserved.