Changes between Version 6 and Version 7 of net.sf.basedb.yubikey/install


Ignore:
Timestamp:
Dec 6, 2018, 9:37:54 AM (5 years ago)
Author:
Nicklas Nordborg
Comment:

Documented new configuration option for #1086

Legend:

Unmodified
Added
Removed
Modified

  • net.sf.basedb.yubikey/install

    v6 v7  
    4747There are some additional configuration settings that can be made in the `yubikey.properties` file. This step is optional.
    4848
    49 || '''Setting''' || '''Description''' || '''Since''' ||
    50 || no-yubikey || Comma- or whitespace- separated list of application ids for which !YubiKey login should be disabled.[[BR]] For example, if you have installed the [wiki:net.sf.basedb.ftp FTP server] but do not want to use !YubiKey for that: [[BR]] `no-yubikey=net.sf.basedb.clients.ftp` || !YubiKey 1.1 ||
    51 || require-yubikey || Comma- or whitespace- separated list of application ids for which !YubiKey login is required.[[BR]] Users without a !YubiKey will not be able to use those clients. || !YubiKey 1.3 ||
     49==== no-yubikey (since 1.1) ====
     50Comma- or whitespace- separated list of application ids for which !YubiKey login should be disabled. For example, if you have installed the [wiki:net.sf.basedb.ftp FTP server] but do not want to use !YubiKey for that:
     51{{{
     52no-yubikey = net.sf.basedb.clients.ftp
     53}}}
     54
     55==== require-yubikey (since 1.3) ====
     56Comma- or whitespace- separated list of application ids for which !YubiKey login is required. Users without a !YubiKey will not be able to use those clients. For example, to force all users of the web client to use !YubiKey:
     57{{{
     58require-yubikey = net.sf.basedb.clients.web
     59}}}
     60
     61==== allow-other-authentication (since 1.5) ====
     62Comma- or whitespace- separated list of other authentication methods that are allowed even if a user has configured a !YubiKey. Use `*` as a wildcard for all other authentication methods (including password authentication). Examples:
     63
     64{{{
     65# Also allow password authentication even if a user has a YubiKey
     66allow-other-authentication = password
     67
     68# Allow all other authentication methods
     69allow-other-authentication = *
     70
     71# If the OTP login extension is also installed we can
     72# allow users to use either YubiKey or OTP (with or without password)
     73allow-other-authentication = otp-only otp+password
     74}}}
    5275
    5376