Re: Fedora Account Migration & Production Deployment Update: COMPLETE!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On to, 01 huhti 2021, Kevin Fenzi wrote:

On Thu, Apr 01, 2021 at 01:50:40PM +0300, Alexander Bokovoy wrote:


This split of fields in FreeIPA Web UI exists since FreeIPA 4.0 which
was part of early RHEL 7 deliveries (the code for separate OTP field was
added in 2014).

There is nothing specific about it -- Noggin developers simply missed
this part, as well as they missed OTP token sycnhronization
functionality.


Odd. I am looking at our "RED HAT IDENTITY MANAGEMENT" web interface and
it has a Username and a Password field and the Password field has
"Password or Password + One Time Password" in it.


Sorry, I mixed these things myself. Main password login screen has
only a password login field, not two. I mixed it up with the password
reset form where there is a separate OTP field.

Noggin can have a separate OTP field on the login screen, though. This
would be a UX optimization as currently you'd still need to pass both
values concatenated as a 'password' to the server in the login POST
request. Once we add prompting support to kinit, though, we would be
able to pass the OTP token value separately and could add a separate OTP
value field to the server login form.


library. SSSD does use them, so it is possible to change password
through SSSD with separate prompts.

Improving 'kpasswd' and 'kinit' utilities in on my todo list as I'll
need this for other use cases as well.


Cool. I'll investigate if we want to make this case easier.




--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux