Changes between Version 3 and Version 4 of net.sf.basedb.otp/install


Ignore:
Timestamp:
Dec 6, 2018, 11:15:12 AM (23 months ago)
Author:
Nicklas Nordborg
Comment:

Documented new configuration option for #1087

Legend:

Unmodified
Added
Removed
Modified
  • net.sf.basedb.otp/install

    v3 v4  
    5959== Additional configuration settings ==
    6060
    61 There are some additional configuration settings that can be made in the `base-otp.properties` file. This step is optional.
     61There are some additional configuration settings that can be made in the `base-otp.properties` file. This step is optional. If you are installing multiple login managers on the same system you probably want to check the value for the `allow-other-authentication` setting. The authentication methods published by this extension are named `otp-only` and `otp+password`. You may need this when configuring the other login managers.
    6262
    63 || '''Setting''' || '''Description''' || '''Since''' ||
    64 || login-method || Set the value to `otp-password` (the default) to require users to specify [[BR]]both the password and an OTP or to `otp-only` to only use an OTP. || 1.0 ||
    65 || no-otp || Comma- or whitespace- separated list of application ids for which OTP login should be disabled.[[BR]] For example, if you have installed the [wiki:net.sf.basedb.ftp FTP server] but do not want to use OTP for that: [[BR]] `no-otp=net.sf.basedb.clients.ftp` || 1.0 ||
    66 || require-otp || Comma- or whitespace- separated list of application ids for which OTP login is required.[[BR]] Users that has not configured OTP login will not be able to use those clients. || 1.0 ||
     63'''Note! Since version 1.2 changes to the configuration file are automatically detected and applied. There is no longer any need to re-start the server.'''
    6764
     65==== login-method ====
     66Set the value to `otp+password` (the default) to require users to specify both the password and an OTP or to `otp-only` to only use an OTP.
    6867
     68==== no-otp ====
     69Comma- or whitespace- separated list of application ids for which OTP login should be disabled. For example, if you have installed the [wiki:net.sf.basedb.ftp FTP server] but do not want to use OTP for that:
     70{{{
     71no-otp = net.sf.basedb.clients.ftp
     72}}}
     73
     74==== require-otp ====
     75Comma- or whitespace- separated list of application ids for which OTP login is required. Users that has not configured OTP login will not be able to use those clients. For example, to force all users of the web client to use OTP:
     76{{{
     77require-otp = net.sf.basedb.clients.web
     78}}}
     79
     80==== allow-other-authentication (since 1.2) ====
     81Comma- or whitespace- separated list of other authentication methods that are allowed even if a user has configured OTP. Use `*` as a wildcard for all other authentication methods (including password authentication). Examples:
     82
     83{{{
     84# Also allow password authentication even if a user has OTP
     85allow-other-authentication = password
     86
     87# Allow all other authentication methods
     88allow-other-authentication = *
     89
     90# If the YubiKey login extension is also installed we can
     91# allow users to use either OTP or YubiKey
     92allow-other-authentication = yubikey
     93}}}