[prev in list] [next in list] [prev in thread] [next in thread]
List: openldap-technical
Subject: Re: LDAP authentication using Radius
From: Michael =?utf-8?q?Str=C3=B6der?= <michael () stroeder ! com>
Date: 2012-08-18 13:10:54
Message-ID: 502F945E.7080904 () stroeder ! com
[Download RAW message or body]
Howard Chu wrote:
> JET JETASIK wrote:
>> I am investigating 2 factor authentication in which mostly they are radius
>> server actually.
>>
>> My problem is that most of my applications relying on LDAP auth only.
>
> If by 2-factor authentication you mean some kind of challenge/response method,
> that will not work. The module has no way to relay the challenge back to the
> LDAP client, and the LDAP Simple Bind request doesn't support
> challenge/response type authentication.
IIRC the RADIUS service of RSA SecurID accepted the personal token PIN and the
OTP concantenated in a single RADIUS request. No need for extra challenge
response PDUs in this case. But it feels like 2-factor authc for the user.
Ciao, Michael.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic