[Freeipa-devel] [PATCH 0057] Add TOTP watermark support
Martin Kosek
mkosek at redhat.com
Fri Jul 25 08:48:15 UTC 2014
On 07/25/2014 10:24 AM, Alexander Bokovoy wrote:
> On Fri, 11 Jul 2014, Nathaniel McCallum wrote:
>> This prevents the reuse of TOTP tokens by recording the last token
>> interval that was used. This will be replicated as normal. However,
>> this patch does not increase the number of writes to the database
>> in the standard authentication case. This is because it also
>> eliminates an unnecessary write during authentication. Hence, this
>> patch should be write-load neutral with the existing code.
>>
>> Further performance enhancement is desired, but is outside the
>> scope of this patch.
>>
>> https://fedorahosted.org/freeipa/ticket/4410
> ACK. I've tested it with successive LDAP binds with TOTP token and only
> first attempt to bind was successful with the same TOTP code.
>
Thanks!
Pushed to:
master: d3638438fce1a9d1e07c2be3b8f43befb07a6b40
ipa-4-1: d3638438fce1a9d1e07c2be3b8f43befb07a6b40
ipa-4-0: b7c0c9335a5a0f88243b63bb26d6349444e6ed19
Martin
More information about the Freeipa-devel
mailing list