dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0546303dac
lemonldap-ng/doc/pages/documentation/current/sfextra.html
Xavier 39c968b215 Update doc
2019-09-23 22:41:16 +02:00

147 lines
6.5 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:sfextra</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,sfextra"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="sfextra.html"/>
<link rel="contents" href="sfextra.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:sfextra","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery-ui/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="additional_second_factors">Additional Second Factors</h1>
<div class="level1">
<p>
Starting with version 2.0.6, LemonLDAP::NG lets you configure multiple instances of second factor authentication modules, in a manner similar to the <a href="authcombination.html" class="wikilink1" title="documentation:2.0:authcombination">Combination module</a>.
</p>
<p>
Only the following Second Factor modules are compatible with this feature:
</p>
<ul>
<li class="level1"><div class="li"> <a href="mail2f.html" class="wikilink1" title="documentation:2.0:mail2f">E-Mail</a></div>
</li>
<li class="level1"><div class="li"> <a href="external2f.html" class="wikilink1" title="documentation:2.0:external2f">External</a></div>
</li>
<li class="level1"><div class="li"> <a href="rest2f.html" class="wikilink1" title="documentation:2.0:rest2f">REST</a></div>
</li>
</ul>
<p>
Using this option, lets you give your users a wider range of possible second factors. They could decide between using their work email or home email. And as an administrator you may now plug in more than one Second Factor solution through <a href="rest2f.html" class="wikilink1" title="documentation:2.0:rest2f">REST</a> or <a href="external2f.html" class="wikilink1" title="documentation:2.0:external2f">external commands</a>.
</p>
</div>
<!-- EDIT1 SECTION "Additional Second Factors" [1-671] -->
<h2 class="sectionedit2" id="configuration">Configuration</h2>
<div class="level2">
<p>
You can find the configuration for this feature in <code>General parameters</code> » <code>Second factors</code> » <code>Additional second factors</code>
</p>
<ul>
<li class="level1"><div class="li"> <code>Name</code>: the technical name of this second factor, it should be all lowercase, and it is used as a sort key when second factors are displayed to the user</div>
</li>
<li class="level1"><div class="li"> <code>Type</code>: what type of second factor you want to use</div>
</li>
<li class="level1"><div class="li"> <code>Rule</code>: If you leave this field empty, this second factor will always be enabled. You may use a perl expression to decide when this second factor is available. </div>
<ul>
<li class="level2"><div class="li"> <code>$homeMail</code> : this second factor will only trigger if the <code>$homeMail</code> session key exists</div>
</li>
<li class="level2"><div class="li"> <code>defined $hGroups{&#039;admin&#039;}</code> : this second factor will only trigger if the user is in the <code>admin</code> group</div>
</li>
</ul>
</li>
</ul>
<p>
After adding your second factors, don&#039;t forget to add overload parameters to them. You usually should at least give them different logos so that the user can tell the difference between two second factors of the same type.
</p>
<p>
See the <a href="parameterlist.html" class="wikilink1" title="documentation:2.0:parameterlist">parameters list</a> page for a full list of parameters you may overload. Here are the most useful ones:
</p>
<ul>
<li class="level1"><div class="li"> E-Mail</div>
<ul>
<li class="level3"><div class="li"> <code>mail2fLogo</code></div>
</li>
<li class="level3"><div class="li"> <code>mailSessionKey</code></div>
</li>
<li class="level3"><div class="li"> <code>mail2fCodeRegex</code></div>
</li>
<li class="level3"><div class="li"> <code>mail2fSubject</code></div>
</li>
<li class="level3"><div class="li"> <code>mail2fBody</code></div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> External</div>
<ul>
<li class="level3"><div class="li"> <code>ext2fLogo</code></div>
</li>
<li class="level3"><div class="li"> <code>ext2fCodeActivation</code></div>
</li>
<li class="level3"><div class="li"> <code>ext2FSendCommand</code></div>
</li>
<li class="level3"><div class="li"> <code>ext2FValidateCommand</code></div>
</li>
</ul>
</li>
<li class="level1"><div class="li"> REST</div>
<ul>
<li class="level3"><div class="li"> <code>rest2fLogo</code></div>
</li>
<li class="level3"><div class="li"> <code>rest2fVerifyUrl</code></div>
</li>
<li class="level3"><div class="li"> <code>rest2fVerifyArgs</code> (must be a JSON object)</div>
</li>
<li class="level3"><div class="li"> <code>rest2fInitUrl</code></div>
</li>
<li class="level3"><div class="li"> <code>rest2fInitArgs</code> (must be a JSON object)</div>
</li>
</ul>
</li>
</ul>
</div>
<!-- EDIT2 SECTION "Configuration" [672-] --></div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink