So, could you use the existing auth plugins and then use a broker such as keycloak to manage your dual factor?
Here's a good article on the saml plugin: http://www.shapeblue.com/saml2-cloudstack/ - Si Simon Weller/615-312-6068 -----Original Message----- From: Jānis Andersons | Files.fm / Failiem.lv [[email protected]] Received: Thursday, 06 Apr 2017, 8:06AM To: [email protected] [[email protected]] Subject: Re: two factor authentication Well its the only one that I could find in google. I wrote them an email, but haven't received any response . And it was compiled against libraries from CloudStack 3.0.2 And there is no information about two factor authentication except WikID plugin. I looked around cloudstack code and found ../cloud.core.callbacks.js and as I understand I have to set global variable g_loginResponse to the JSON response. And then ../CloudStack.js will check the session, to bypass login screen. Will try this, but I doubt that I will get it to work. JA On 06/04/2017 15:27, Rafael Weingärtner wrote: > I have never heard of this plugin before. Have you tried to get some help > on that plugin community? > It does not say for which version of ACS it requires. > > Just for clarification, did you try to login before using the plugin? Did > it work? > > > On Thu, Apr 6, 2017 at 6:58 AM, Jānis Andersons | Files.fm / Failiem.lv < > [email protected]> wrote: > >> As I didn't got any response and couldn't set up wikid for ACS 4.8.0 2fa, >> I figure out, that I can try to login with api, for example: >> (...8080/client/api.jsp), set session parameters, after everything is ok >> and redirect to ...8080/client/ >> >> When login with API, I get response : "User: admin in domain 1 has >> successfully logged in" and after redirect all session parameters are still >> ok. >> >> But everithing fails on: >> ===START=== 192.168.0.252 -- GET command=listCapabilities&respo >> nse=json&_=1491408768692 >> 2017-04-05 19:12:43,686 ERROR [c.c.a.ApiServlet] >> (catalina-exec-15:ctx-6d580ae4) (logid:d7f0e94b) unknown exception >> writing api response >> >> The same happens without redirecting and retrieving session parameters on >> 8080/client/index.jsp >> >> Still would appreciate any info about two factor authentication. >> >> JA >> >> >> On 03/04/2017 18:37, [email protected] wrote: >> >>> Hi, >>> >>> Has anyone have some tips how to implement two factor authentication in >>> ACS 4.8.0? >>> I have looked at this: https://www.wikidsystems.com/s >>> upport/how-to/how-to-add-wikid-two-factor-authentication-to- >>> cloudstack-manager/ >>> But it seems to bee for older version, I guess. >>> Also I have considered to change GUI, but I don't think that wold be a >>> good idea. >>> >>> >
