[RADIATOR] Combining AuthBy ldap2 and AuthBy yubikeysql
jm
jeffm at ghostgun.com
Wed Nov 16 16:24:38 CST 2011
I'm currently evaluating Radiator to see how suitable it is as a two
factor authentication mechanism. The current test, that I'm stuck on,
is to authenticate a two factor password ( given in the form static:otp
to the server) against two different sources. The static part against an
ldap server that already exists and the dynamic OTP part against the
mysql back end. So far. I've been able to,
1) auth the yubikeys against a mysql database using AuthBy YUBIKEY.
2) auth static:yubikey against a mysql database using AuthBy YUBIKEY.
3) auth a static only password against ldap using ServerChecksPassword
using AuthBy LDAP2
When it comes to attempting an AuthBy LDAP2 followed by an AuthBy
YUBIKEY I can't see anything in the documentation anything about how to
split the password into parts. I found TranslatePasswordHook but this
seem to be predicate on the password being in the ldap database rather
than being called before the bind attempt. Is there a command or a hook
I can use on a per AuthBy basis to split the password?
Jeff.
More information about the radiator
mailing list