[TYPO3-dev] Improving login security in TYPO3 (BE+FE)
Ernesto Baschny [cron IT]
ernst at cron-it.de
Fri May 18 16:18:04 CEST 2012
Dave Sexton schrieb am 16.05.2012 16:39:
> On Wed, 2012-05-16 at 14:51 +0200, Xavier Perseguers wrote:
>>
>> However the point is that the Core should be adapted, if ever, to easily
>> allow such enhancements for the authentication mechanism. So Kay, if you
>> need something more (a hook, ...) then this is definitely something
>> worth being included in the Core.
>
> Going ever so slightly off-topic, one thing that does spring to mind
> that could be useful in the core would be a way for an auth service to
> provide contributions to the log-in UI. This could be anything from some
> flexform definition to add an extra log-in field through to some form of
> work-flow capability for multi-stage authentication.
>
> Then fe_login (or whatever) could render controls based on the
> requirements of the active auth services.
>
> Sorry, just a bit of a brain-dump/pipedream.
Yes, would be very cool. The current integration of openid is more like
a "hack", as it is the core that modifies the login screen if openid
extension is installed and enabled. :)
Once such an API is there, we could / should also modify openid to make
use of it.
Cheers,
Ernesto
More information about the TYPO3-dev
mailing list