The two stage tokens is the underlying way it works in OAuth, I'm not saying it's the way you intend it. Please explain or give references.
Paul On 13 févr. 2013, at 22:36, shouldbe q931 wrote: > On Wed, Feb 13, 2013 at 7:53 PM, Paul Libbrecht <[email protected]> wrote: > >> Did you say OAuth? >> The socialauth library has been employed in >> https://github.com/xwiki-contrib/xwiki-social-login . >> Maybe this helps? >> Or maybe you want the converse? >> >> paul > > > I might be missing something, but I thought that OAuth was allowing a user > to use a 3rd party for authentication and initial authorization, such as > using a google account to create an account on stackoverflow, but did not > have any connection to two factor authentication where you are restricting > access to users that have a username, password and "token". > > I mentioned tokens, as for this use case client certificates would not be a > workable solution, otherwise I could just put haproxy in front of xwiki and > do client certificate checks there.... >>> I'm quite happy with LDAP auth, but a possible use case has arisen where >>> two factor auth (token or similar) would be required. >>> >>> Does anyone have any experiences with any two factor authentication >> methods >>> for xwiki. _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
