[TYPO3-project-4-3] Using OpenID in combination with rsaauth and saltedpasswords
Marcus Krause
marcus#exp2009 at t3sec.info
Wed Sep 9 19:03:31 CEST 2009
Dmitry Dulepov schrieb:
> Hi!
>
> [...]
>> Then the ideal setup would be to have openid,rsaauth and
>> saltedpasswords installed and working.
>>
>> Highest preference on openid. (in case a user does use openid) If
>> there's no usable openid, degrade to rsaauth and saltedpasswords.
>>
>> So, IMHO, we should try to make openid work together with rsaauth
>> at the same time.
>>
>> What's your opinion?
>
> The idea sounds good and very reasonable. +1.
Nice to hear that.
> I think the problem might be in the login security levels. RSA auth
> expects "rsa" and will not work if it is anything else. This is a
> precaution against incorrect usage of this extension.
>
> What login security level do you have in the Install tool settings?
> Normally it is empty, which means 'superchallenged'.
I'm having rsa for FE and BE. With that, rsaauth and saltedpasswords
work fine together. Would be nice if openid could handle rsa in
loginSecurityLevel, too. Then, all three extensions would work together
and we would have the IMHO best possible (security) solution for 4.3.
Marcus.
More information about the TYPO3-project-4-3
mailing list