Opened 2 years ago

Closed 23 months ago

#1086 closed enhancement (fixed)

Changes needed for supporting multiple authentication managers

Reported by: Nicklas Nordborg Owned by: Nicklas Nordborg
Priority: critical Milestone: YubiKey v1.5
Component: net.sf.basedb.yubikey Keywords:
Cc:

Description

The Yubikey extension should be updated so that it works with multiple authentication managers. See BASE ticket: http://base.thep.lu.se/ticket/2131

Change History (7)

comment:1 Changed 2 years ago by Nicklas Nordborg

(In [5143]) References #1086: Changes needed for supporting multiple authentication managers

Switch to BASE 3.14.

comment:2 Changed 2 years ago by Nicklas Nordborg

(In [5144]) References #1086: Changes needed for supporting multiple authentication managers

Updated CSS rules so that they are only active when <body data-login-form="net.sf.basedb.yubikey.login-form"> is set.

Added display name YubiKey to the login form.

comment:3 Changed 2 years ago by Nicklas Nordborg

(In [5148]) References #1086: Changes needed for supporting multiple authentication managers

The login manager now ignores login requests from other login forms.

comment:4 Changed 2 years ago by Nicklas Nordborg

(In [5150]) References #1086: Changes needed for supporting multiple authentication managers

Removed the optional "YubiKey or password" login option since it will not do what is expected if multiple authentication manages are installed. If this functionality is wanted when only the YubiKey manager is installed the server manager should enable the "Password" login that is implemented in BASE. See http://base.thep.lu.se/changeset/7536

Also changed the interpration of the 'require-yubikey' setting so that it will not allow any other login manager if enabled.

comment:5 Changed 2 years ago by Nicklas Nordborg

(In [5156]) References #1086: Changes needed for supporting multiple authentication managers

Added configuration setting for allowing other authentication methods also for user accounts that have been assigned a YubiKey.

The check and enforcement is implemented in the new YubiKeyAuthenticationManager.vetoAuthenticatedUser() method.

comment:6 Changed 23 months ago by Nicklas Nordborg

(In [5186]) References #1086: Changes needed for supporting multiple authentication managers

Updated README

comment:7 Changed 23 months ago by Nicklas Nordborg

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.