Hi all,
I've been digging into Serf's support for various authentication schemes
and I noticed something that looks like a bit of a limitation.
Unless I'm much mistaken, there's space for only one authentication
baton in Serf's context. It would seem that this is rather a blocker for
implementing multi-factor authentication flows, for example, Basic +
OTP, where the server would first require basic credentials and then, if
those were correct, go on to issue an OTP challenge.
It seems to me that a simple solution for that would be to store an
authn baton per scheme, but I know on the close order of nothing about
the possible side effects.
Yeah, I'm starting small, I have no wish to implement OAuth2 flow any
time soon. Still, a bit of insight from the knowledgeable would be welcome.
-- Brane
- Thinking about MFA infrastructure Branko Čibej