[TYPO3-core] RFC #11016: Implement RSA authentication for BE and FE

[Dmitry Dulepov]

Hi!

Oliver Hader wrote:
> Ha, well... I know, how factories are used.

I'm sure you do, I know you are a pro! No doubts.

> +1 on testing

Thanks!

> Since Ingmar and Andi did a positive review some days ago, I'd say that
> you can commit this new feature to SVN Trunk. I'm going to post my
> suggestions as a patch to the current version later on.

I think it is definitely be a better idea than posting patches to Forge. Once RSA auth is committed, we can enhance it as we wish. For example, I need to fix ajax login box for it.

> Concerning enabling this new feaure: Can you think about another way
> than setting the property "loginSecurityLevel" to "rsa" in Install Tool?

Not sure... At least this is not a thing that should be done lightly. RSA auth requires a PHP extension or a command line utility. If neither is present but RSA auth is enabled, users will not be able to login at all. So it should not be like a checkbox. I think requiring Install tool setting serves like a protection against accidental enabling of this login method.

Thanks again for the review! I'll commit the patch tomorrow (too late today).

-- 
Dmitry Dulepov
In TYPO3 blog: http://dmitry-dulepov.com/article/when-do-you-need-chash-in-typo3.html
LinkedIn: http://www.linkedin.com/in/dmitrydulepov
Twitter: http://twitter.com/dmitryd
Skype: liels_bugs