[Freeipa-devel] [PATCHES 0089-0093] Authentication Indicators

Nathaniel McCallum npmccallum at redhat.com
Wed May 4 21:33:55 UTC 2016


This series of patches implements authentication indicator insertion,
evaluation and management in FreeIPA. Besides these patches, two other
patches are needed to round out support.

First, we need a UI patch: https://fedorahosted.org/freeipa/ticket/5872

Second, we need an SSSD patch to handle the new case where multiple
responders are set (when either 1FA or 2FA can be used).

Please note that the last patch in this series (0093) is untested and
simply represents my desire to get these patches off of my hard disk
before I take a long weekend. This patch also requires mrogers' patch
0001 (already merged to master).

Also worthy of note is the need for an OID for the authentication
control. Hopefully Simo can assign this after we agree that this
control method is sufficient. One question I had was whether or not it
would be possible to send the control only on UNIX sockets (0089;
report_auth_method()).

Please review the approaches taken here. I plan to hit this hard on
Monday.

Nathaniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-npmccallum-0093-Enable-managing-authentication-indicators-on-service.patch
Type: text/x-patch
Size: 5716 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160504/0c4c0003/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-npmccallum-0092-Enable-authentication-indicators-for-OTP-and-RADIUS.patch
Type: text/x-patch
Size: 1941 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160504/0c4c0003/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-npmccallum-0091-Return-password-only-preauth-if-passwords-are-allowe.patch
Type: text/x-patch
Size: 1631 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160504/0c4c0003/attachment-0002.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-npmccallum-0090-Validate-the-auth-method-control-in-ipa-otpd.patch
Type: text/x-patch
Size: 3113 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160504/0c4c0003/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-npmccallum-0089-Return-an-LDAP-control-indicating-the-auth-method.patch
Type: text/x-patch
Size: 5418 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160504/0c4c0003/attachment-0004.bin>