That e-mail is dated, feel free to ignore. Later I sent another one
mentioning password + OTP. But of course I can't find it anymore.
On 2016-08-23, Stian Thorgersen wrote:
I thought we where just going to do password and OTP in a single
On 18 July 2016 at 23:53, Bruno Oliveira <abstractj(a)redhat.com> wrote:
> Good morning,
> Today to authentication against PAM with just simple username/password I
> implemented UserFederationProvider and added the proper PAM login to
> validCredentials. This covers the most basic scenario.
> Now I would like to cover a more complex scenario like OTP and change
> the flow a little bit like this:
> 1. User providers her username
> 2. The next screen asks to provide how many factor our user has(For
> example: OTP, password). We just don't know, PAM will tell what's next.
> 3. We authenticate against it
> To see in practice against FreeIPA server, I just recorded it
> for a practical example.
> What would be the best approach to implement this flow? I was considering
> move my authentication logic out of SSSD federation provider and create a
> Does it make sense?
>  - http://www.keycloak.org/docs/javadocs/org/keycloak/models/
>  - https://asciinema.org/a/atwnfbu0kqfasjl65weyoiz7a
> PGP: 0x84DC9914
> keycloak-dev mailing list
keycloak-dev mailing list