Re: mideye authentication

[Norbert Wegener <norbert.wegener@siemens.com>]

Alan DeKok wrote:
> Norbert Wegener wrote:
>   
> > It should be simple to generate a one time password, throw it into a
> > database,send it via sms  and make it available for the next time, the
> > user requests access. The problem here seems to be, that after a first
> > successfull authentication another one with only a new password but the
> > already entered username has to be done.
> > Can this be realised with an actual freeradius? If so: Where can I find
> > documentation about it?
> >     
>
>   You first need to define what you mean by "successful authentication".
>  Is it sending an Access-Accept?  Or receiving an Accounting start for
> that user?
>
>   For this kind of special requirements, I would suggest writing a C
> module that implements the logic.  It should be very small, even if it
> stores the passwords in SQL.
>
>   
Would otpd, which is mentioned in otp.conf do that job?
Up to now I had not time to take a look at it.

Norbert Wegener
>   You could do much of the logic in "unlang".  The only part I'm not
> sure about is the insert/query/delete from a database.
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>