I'm trying to come up to speed on how factors work. Are these assumptions
correct?
Any POST that contains the fields specified on the "factor" directive line
will get invoked, e.g.
factor /usr/cosign/factor/securid -2 login tokencode
If the POST includes fields named "login" and "tokencode", cosign.cgi will
invoke the "securid" factor.
Those fields get passed to the factor script not as command line arguments,
but as lines of input on STDIN, and the factor will need to read those
lines in for them to be available to the factor. e.g.
uid = sys.stdin.readline()
If a factor is required by the cosign filter ("CosignRequireFactor OTP"),
cosign.cgi will invoke all of the factors whose field requirements have
been met, and watch for one to return the factor name?
I've been trying to figure out whether there is any correlation between the
factor's name and the name of the script or program that fulfills that
factor. The duo_cosign factor on soureforge, seems to return the factor
name "Duo".
If there is no correlation, could that multiple factor directives /could/
fulfill the same factor? (I know you can do that with the "suffix"
directive).
Liam
------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Cosign-discuss mailing list
Cosign-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
