[jboss-user] [JBoss Portal] - Strong authentication - how to implement?

tl83 do-not-reply at jboss.com
Tue Jun 3 12:02:07 EDT 2008


I would like to have following functionality:

1. User log on with username and password
2. The system sends one time password in SMS to the users mobile
3. User log on with one time password

So how could this be implemented to the JBossPortal? Could you give me some hints if it is possible or not without huge amount of work?

Could this work:

1. First login.jsp is changed to redirect to the page, where user "log on with username and password". Real authentication does not take place yet, but I could check if the password correlate with the username.

2. System sends SMS to user's mobile

3. Send SMS - button redirect to the real login.jsp, where there is one time password - field.

Now that user login with one time password, the system authenticate the user with username, password and one time password.

I'm really looking forward to hear your comments..

I'm using JBoss Portal 2.6.5-GA

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4155424#4155424

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4155424

More information about the jboss-user mailing list