14 Feb
2013
14 Feb
'13
8:11 a.m.
The two stage tokens is the underlying way it works in OAuth, I'm not saying it's
the way you intend it.
Please explain or give references.
Paul
On 13 févr. 2013, at 22:36, shouldbe q931 wrote:
On Wed, Feb 13, 2013 at 7:53 PM, Paul Libbrecht
<paul(a)hoplahup.net> wrote:
Did you say OAuth?
The socialauth library has been employed in
https://github.com/xwiki-contrib/xwiki-social-login .
Maybe this helps?
Or maybe you want the converse?
paul
I might be missing something, but I thought that OAuth was allowing a user
to use a 3rd party for authentication and initial authorization, such as
using a google account to create an account on stackoverflow, but did not
have any connection to two factor authentication where you are restricting
access to users that have a username, password and "token".
I mentioned tokens, as for this use case client certificates would not be a
workable solution, otherwise I could just put haproxy in front of xwiki and
do client certificate checks there....
>> I'm quite happy with LDAP auth, but a possible use case has arisen where
>> two factor auth (token or similar) would be required.
>>
>> Does anyone have any experiences with any two factor authentication
> methods
>> for xwiki.