Ask Your Question
1

how to implement 2-factor authentication in Horizon?

asked 2014-11-12 05:54:40 -0500

New-stack gravatar image

updated 2014-11-12 08:40:50 -0500

smaffulli gravatar image

hi people, somebody have experience about 2 factor authentication in horzion? I'm interesting to implement in my test environment...

some suggestion about how to start ? ^_^

edit retag flag offensive close merge delete
add a comment

2 answers

Sort by ยป oldest newest most voted
2

answered 2014-11-12 13:35:29 -0500

Haneef Ali gravatar image

updated 2014-11-12 13:37:32 -0500

You need to do this in keystone, since horizon doesn't maintain any user data. BTW you need keystone v3 to do this. V2 authentication is not pluggable

1) Add an auth plugin -- say OTP

2) Implement OTP functionality ( https://github.com/nathforge/pyotp )

3) Horizon needs to get username/pwd + otp value for login and pass it to keystone

4) Now your request to keystone will include 2 methods .

{ "auth": {
    "identity": {
      "methods": ["password" , "OTP"],
      "password": {
        "user": {
          "name": "admin",
          "domain": { "id": "default" },
          "password": "adminpwd"
        }
      },
      "OTP" : {
         "otp_value" : "342342343"
      }

    }
  }
}'

This should give you a rough idea

edit flag offensive delete link more
add a comment
0

answered 2020-08-30 17:34:59 -0500

Francewhoa gravatar image

updated 2020-08-30 17:59:01 -0500

In addition to Haneef Ali's answer, those documentation might be of interest:

Time-based One-time Password (TOTP)

https://docs.openstack.org/keystone/l...

Multi-Factor Authentication (MFA)

https://docs.openstack.org/keystone/l...

Configuring MFA

https://docs.openstack.org/keystone/l...

edit flag offensive delete link more
add a comment

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

subscribe to rss feed

Stats

Asked: 2014-11-12 05:54:40 -0500

Seen: 2,129 times

Last updated: Aug 30

Related questions

password authentication thru ldap

Juno unable to retrieve instance list

Error while building dashboard through horizon.

icehouse horizon instance console cannot be displayed

Accesss Horizon from outside?

How to add new dashboard on Horizon?

How to pass the auth token and use it with python API?

what JavaScript/CSS libraries does horizon use?

Using a default keystone domain at horizon login

Horizon requirements