Opened 5 years ago

Closed 5 years ago

#1086 closed enhancement (fixed)

Changes needed for supporting multiple authentication managers

Reported by: Nicklas Nordborg Owned by: Nicklas Nordborg
Priority: critical Milestone: YubiKey v1.5
Component: net.sf.basedb.yubikey Keywords:
Cc:

Description

The Yubikey extension should be updated so that it works with multiple authentication managers. See BASE ticket: http://base.thep.lu.se/ticket/2131

Change History (7)

comment:1 by Nicklas Nordborg, 5 years ago

(In [5143]) References #1086: Changes needed for supporting multiple authentication managers

Switch to BASE 3.14.

comment:2 by Nicklas Nordborg, 5 years ago

(In [5144]) References #1086: Changes needed for supporting multiple authentication managers

Updated CSS rules so that they are only active when <body data-login-form="net.sf.basedb.yubikey.login-form"> is set.

Added display name YubiKey to the login form.

comment:3 by Nicklas Nordborg, 5 years ago

(In [5148]) References #1086: Changes needed for supporting multiple authentication managers

The login manager now ignores login requests from other login forms.

comment:4 by Nicklas Nordborg, 5 years ago

(In [5150]) References #1086: Changes needed for supporting multiple authentication managers

Removed the optional "YubiKey or password" login option since it will not do what is expected if multiple authentication manages are installed. If this functionality is wanted when only the YubiKey manager is installed the server manager should enable the "Password" login that is implemented in BASE. See http://base.thep.lu.se/changeset/7536

Also changed the interpration of the 'require-yubikey' setting so that it will not allow any other login manager if enabled.

comment:5 by Nicklas Nordborg, 5 years ago

(In [5156]) References #1086: Changes needed for supporting multiple authentication managers

Added configuration setting for allowing other authentication methods also for user accounts that have been assigned a YubiKey.

The check and enforcement is implemented in the new YubiKeyAuthenticationManager.vetoAuthenticatedUser() method.

comment:6 by Nicklas Nordborg, 5 years ago

(In [5186]) References #1086: Changes needed for supporting multiple authentication managers

Updated README

comment:7 by Nicklas Nordborg, 5 years ago

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.