cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jānis Andersons | Files.fm / Failiem.lv <anders...@files.fm>
Subject Re: two factor authentication
Date Thu, 06 Apr 2017 13:43:29 GMT
I tried that, but only thing is that users still can login using "local 
login"

JA

On 06/04/2017 16:11, Simon Weller wrote:
> So, could you use the existing auth plugins and then use a broker such as keycloak to
manage your dual factor?
>
> Here's a good article on the saml plugin:
> http://www.shapeblue.com/saml2-cloudstack/
>
> - Si
>
> Simon Weller/615-312-6068
>
> -----Original Message-----
> From: Jānis Andersons | Files.fm / Failiem.lv [andersons@files.fm]
> Received: Thursday, 06 Apr 2017, 8:06AM
> To: users@cloudstack.apache.org [users@cloudstack.apache.org]
> Subject: Re: two factor authentication
>
> Well its the only one that I could find in google. I wrote them an
> email, but haven't received any response .
> And it was compiled against libraries from CloudStack 3.0.2
>
> And there is no information about two factor authentication except WikID
> plugin.
>
> I looked around cloudstack code and found ../cloud.core.callbacks.js and
> as I understand I have to set global variable g_loginResponse to the
> JSON response.
> And then ../CloudStack.js    will check the session, to bypass login screen.
> Will try this, but I doubt that I will get it to work.
>
> JA
>
> On 06/04/2017 15:27, Rafael Weingärtner wrote:
>> I have never heard of this plugin before. Have you tried to get some help
>> on that plugin community?
>> It does not say for which version of ACS it requires.
>>
>> Just for clarification, did you try to login before using the plugin? Did
>> it work?
>>
>>
>> On Thu, Apr 6, 2017 at 6:58 AM, Jānis Andersons | Files.fm / Failiem.lv <
>> andersons@files.fm> wrote:
>>
>>> As I didn't got any response and couldn't set up wikid for ACS 4.8.0 2fa,
>>> I figure out, that I can try to login with api, for example:
>>> (...8080/client/api.jsp), set session parameters, after everything is ok
>>> and redirect to ...8080/client/
>>>
>>> When login with API, I get response : "User: admin in domain 1 has
>>> successfully logged in" and after redirect all session parameters are still
>>> ok.
>>>
>>> But everithing fails on:
>>> ===START===  192.168.0.252 -- GET command=listCapabilities&respo
>>> nse=json&_=1491408768692
>>> 2017-04-05 19:12:43,686 ERROR [c.c.a.ApiServlet]
>>> (catalina-exec-15:ctx-6d580ae4) (logid:d7f0e94b) unknown exception
>>> writing api response
>>>
>>> The same happens without redirecting and retrieving session parameters on
>>> 8080/client/index.jsp
>>>
>>> Still would appreciate any info about two factor authentication.
>>>
>>> JA
>>>
>>>
>>> On 03/04/2017 18:37, andersons@files.fm wrote:
>>>
>>>> Hi,
>>>>
>>>> Has anyone have some tips how to implement two factor authentication in
>>>> ACS 4.8.0?
>>>> I have looked at this: https://www.wikidsystems.com/s
>>>> upport/how-to/how-to-add-wikid-two-factor-authentication-to-
>>>> cloudstack-manager/
>>>> But it seems to bee for older version, I guess.
>>>> Also I have considered to change GUI, but I don't think that wold be a
>>>> good idea.
>>>>
>>>>
>


Mime
View raw message