Uploaded image for project: 'UY'
  1. UY
  2. UY-710

Runtime selection of credential for local authenticators

    Details

    • Type: Task
    • Status: Done
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: v2.6.0
    • Labels:
      None
    • Story Points:
      7

      Description

      Use case 1: we have users with password1 and some with password2 credentials. We want to present a single authentication option on UI for them, using the appropriate credential (as determined at authN time).

      Use case 2: we have users with password credential (local) and users with password in LDAP. We want to present a single authentication option for them, using the appropriate credential (as determined at authN time).

      To achieve this a new password verificator can be introduced: composite-password. This verificator will be compatible with all password retrievals as all other existing currently. It should be configured with a list of local passwords and list of remote verificators (configured). The behaviour should be as follows:

      • check if authenticated user is a local user and has any of the local credentials set. If yes authenticate with this credential (selecting the first one available from the list).
      • otherwise try authenticating one by one with remove verificators.

      Note for testing: currently for remote password verificators we can have LDAP and PAM

        Attachments

          Activity

            People

            • Assignee:
              piotrpiernik Piotr Piernik
              Reporter:
              golbi Krzysztof Benedyczak
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: