On Wed, May 04, 2016 at 05:33:55PM -0400, Nathaniel McCallum wrote: > This series of patches implements authentication indicator insertion, > evaluation and management in FreeIPA. Besides these patches, two other > patches are needed to round out support. > > First, we need a UI patch: https://fedorahosted.org/freeipa/ticket/5872 > > Second, we need a SSSD patch to handle the new case where multiple > responders are set (when either 1FA or 2FA can be used).
I've already some initial work done here and will continue with your patches. > > Please note that the last patch in this series (0093) is untested and > simply represents my desire to get these patches off of my hard disk > before I take a long weekend. This patch also requires mrogers' patch > 0001 (already merged to master). > > Also worthy of note is the need for an OID for the authentication > control. Hopefully Simo can assign this after we agree that this > control method is sufficient. One question I had was whether or not it > would be possible to send the control only on UNIX sockets (0089; > report_auth_method()). > > Please review the approaches taken here. I plan to hit this hard on > Monday. I'm on a conference next week and currently busy preparing my presentation. I will give you feedback in the following week. bye, Sumit > > Nathaniel -- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code