Create a security library for fusiondirectory
Create a security library for fusiondirectory
Descriptive title for this enhancement
Create a security library for fusiondirectory
Actual behavior
Actually all the check for the various type of connection is done on index.php, but as we get mo and more way of connecting i think we should have separate php include files like we do for the password method for exemple.
Expected behavior
Have separate class with connexion method to be able to drop new connecion method when a new one is needed7
Step by step description of new behaviour
- split connexion method into separe include files
- Add a new method
- [and so on...]
Benefits
More lisibility, more room for new enhancement and easier contributions
Possible Drawbacks
The order of checking the method or interaction between them
Applicable Issues
All login process
Activity
created branch
5778-create-a-security-library-for-fusiondirectoryBy Côme Chilliet on 2018-03-15T14:48:42 (imported from GitLab)
mentioned in commit 7c2f3120
By Côme Chilliet on 2018-03-15T14:49:46 (imported from GitLab)
added PJ1802-0188 label
By bmortier on 2018-03-17T21:21:17 (imported from GitLab)
changed milestone to %FusionDirectory 1.4
By bmortier on 2018-03-26T09:11:12 (imported from GitLab)
Should it be possible to activate several login method at the same time?
In the current code only one can be activated, either HTTP Header, HTTP Auth, CAS, or the FD login page will be used.
If there will always only be one active, we could put in fusiondirectory configuration a SetAttribute allowing to select which method will be used.
By Côme Chilliet on 2018-03-28T09:19:41 (imported from GitLab)
hello,
- HTTP Header
- HTTP Auth
those two are mainly used being an sso portal, so i'am not sure we should add a two factor sequence for those
- CAS
in this case its the cas system itself that should support two factor
- FD login
This is the case for two factor, like on the gitlab for example, first user/password than ask for second factor. second factor can be an otp generated by free otp for exemple or a physical device like a yubikey
what do you think about my answer @coudot
By bmortier on 2018-06-12T10:06:59 (imported from GitLab)
added Need Info technical discussion labels
By Côme Chilliet on 2018-03-28T09:19:42 (imported from GitLab)
mentioned in commit a028b11b
By Côme Chilliet on 2018-05-07T09:07:22 (imported from GitLab)
mentioned in commit 5ffe6989
By Côme Chilliet on 2018-05-07T09:25:43 (imported from GitLab)
added packaging label
By bmortier on 2018-06-12T09:42:34 (imported from GitLab)
created branch
5778-create-a-security-library-for-fusiondirectoryBy Côme Chilliet on 2018-06-12T12:41:27 (imported from GitLab)
created branch
5778-create-a-security-library-for-fusiondirectoryBy Côme Chilliet on 2018-06-12T12:44:48 (imported from GitLab)
mentioned in commit 84fa0d26
By Côme Chilliet on 2018-06-12T14:12:43 (imported from GitLab)
mentioned in commit 37e67f4b
By Côme Chilliet on 2018-06-12T14:12:43 (imported from GitLab)
mentioned in commit 4415be6f
By Côme Chilliet on 2018-06-12T14:12:43 (imported from GitLab)
Now only one method can be selected in the configuration. The render of the login form was moved into LoginPost class.
It should be reading old config if the new fdLoginMethod is not found in the configuration, migration tests will be needed to make sure this works.
By Côme Chilliet on 2018-06-12T14:35:44 (imported from GitLab)
