[Freeipa-devel] [PATCHES 0089-0093] Authentication Indicators
Sumit Bose
sbose at redhat.com
Fri May 6 12:44:44 UTC 2016
On Wed, May 04, 2016 at 05:33:55PM -0400, Nathaniel McCallum wrote:
> This series of patches implements authentication indicator insertion,
> evaluation and management in FreeIPA. Besides these patches, two other
> patches are needed to round out support.
>
> First, we need a UI patch: https://fedorahosted.org/freeipa/ticket/5872
>
> Second, we need a SSSD patch to handle the new case where multiple
> responders are set (when either 1FA or 2FA can be used).
I've already some initial work done here and will continue with your
patches.
>
> Please note that the last patch in this series (0093) is untested and
> simply represents my desire to get these patches off of my hard disk
> before I take a long weekend. This patch also requires mrogers' patch
> 0001 (already merged to master).
>
> Also worthy of note is the need for an OID for the authentication
> control. Hopefully Simo can assign this after we agree that this
> control method is sufficient. One question I had was whether or not it
> would be possible to send the control only on UNIX sockets (0089;
> report_auth_method()).
>
> Please review the approaches taken here. I plan to hit this hard on
> Monday.
I'm on a conference next week and currently busy preparing my
presentation. I will give you feedback in the following week.
bye,
Sumit
>
> Nathaniel
More information about the Freeipa-devel
mailing list