[Neos] Implementing an own authentication provider?
henjo at simplyadmire.com
Wed Nov 12 08:02:45 CET 2014
On 2014-11-11 21:24:45 +0000, Torben Hansen said:
> Hi all,
> I'm trying to extend the Neos backend login with a two-factor
> authentication. I thought, I could just create a new authentication
> provider and authentication token and add the provider to the
> settings.yaml, but obviously I'm missing something.
> My first problem is, when I install the package with my authentication
> provider to my Neos site and set "authenticationStrategy: allTokens" in
> TYPO3.Flow.security.authentication, I end up in a redirection loop to
> the Neos login form.
> When I set "authenticationStrategy: atLeastOneToken", then the login
> form is displayed and the new authentication provider seems to work (I
> could see, that my token input was parsed in the Neos security log).
> But that is actually not what I want, since both tokens need to be
> checked and valid.
> My second problem is more general, since I'm unsure how to implement
> the two-factor authentication in the Neos authentication process. I
> could imagine two scenarios.
> Scenario 1
> 1. Neos username/password login (Typo3BackendProvider - entryPoint:
> 2. My 2FA Form (My2FAProvider - entryPoint: 'WebRedirect')
> For this scenario, I could display the 2FA form after the
> username/password form. But - I'm really not sure if this is possible
> at all, since the authentication process would be interrupted by the
> 2FA form.
> Scenario 2
> 1. Extend Neos username/password login with 2FA field
> This is the scenario I'm running into problems right now. I just added
> my 2FA field to the default Neos login template and here I run into the
> redirection-problems as soon as I set the authentication strategy as
> described above. Also here, I'm not sure if this is the way to go if I
> want to add 2FA to the Neos login. Is there an easy way to override the
> Neos Login form from my package?
> It would be great if someone could give me some assistance or point me
> in the right direction.
> Best regards
redirect loops could be pointing to routing issues. Did you make sure
your routing is correct for all used controller/action combinations?
More information about the Neos