Opened 2 years ago

Closed 23 months ago

#1087 closed enhancement (fixed)

Changes needed for supporting multiple authentication managers

Reported by: Nicklas Nordborg Owned by: Nicklas Nordborg
Priority: critical Milestone: OTP login v1.2
Component: net.sf.basedb.otp Keywords:
Cc:

Description

The OTP extension should be updated so that it works with multiple authentication managers. See BASE ticket: ​http://base.thep.lu.se/ticket/2131

Change History (8)

comment:1 Changed 2 years ago by Nicklas Nordborg

(In [5145]) References #1087: Changes needed for supporting multiple authentication managers

Switch to BASE 3.14.

comment:2 Changed 2 years ago by Nicklas Nordborg

(In [5146]) References #1087: Changes needed for supporting multiple authentication managers

Updated CSS rules and script so that they are only active when <body data-login-form="net.sf.basedb.otp.login-form"> is set.

Added display name OTP to the login form.

comment:3 Changed 2 years ago by Nicklas Nordborg

(In [5147]) References #1087: Changes needed for supporting multiple authentication managers

The login manager now ignores login requests from other login forms.

comment:4 Changed 2 years ago by Nicklas Nordborg

(In [5151]) References #1087: Changes needed for supporting multiple authentication managers

Removed the optional "OTP or password" login option since it will not do what is expected if multiple authentication manages are installed. If this functionality is wanted when only the !OTP manager is installed the server manager should enable the "Password" login that is implemented in BASE. See http://base.thep.lu.se/changeset/7536

Also changed the interpration of the 'require-otp' setting so that it will not allow any other login manager if enabled.

comment:5 Changed 2 years ago by Nicklas Nordborg

(In [5153]) References #1087: Changes needed for supporting multiple authentication managers

The OTP setup now uses the 'login-form' attribute with value 'net.sf.basedb.otp.otp-setup' to trigger the setup login manager.

The returned authentication method has been changed to 'password' (from 'otp+password') since the OTP used in the setup is not really used for authentication.

comment:6 Changed 2 years ago by Nicklas Nordborg

(In [5157]) References #1087: Changes needed for supporting multiple authentication managers

Added configuration setting for allowing other authentication methods also for user accounts that have been configured to use OTP.

The check and enforcement is implemented in the new OtpAuthenticationManager.vetoAuthenticatedUser() method.

comment:7 Changed 23 months ago by Nicklas Nordborg

(In [5187]) References #1087: Changes needed for supporting multiple authentication managers

Updated README

comment:8 Changed 23 months ago by Nicklas Nordborg

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.