Ask Your Question
0

how to implement 2-factor authentication in Horizon?

asked 2014-11-12 05:54:40 -0600

New-stack gravatar image

updated 2014-11-12 08:40:50 -0600

smaffulli gravatar image

hi people, somebody have experience about 2 factor authentication in horzion? I'm interesting to implement in my test environment...

some suggestion about how to start ? ^_^

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
1

answered 2014-11-12 13:35:29 -0600

updated 2014-11-12 13:37:32 -0600

You need to do this in keystone, since horizon doesn't maintain any user data. BTW you need keystone v3 to do this. V2 authentication is not pluggable

1) Add an auth plugin -- say OTP

2) Implement OTP functionality ( https://github.com/nathforge/pyotp )

3) Horizon needs to get username/pwd + otp value for login and pass it to keystone

4) Now your request to keystone will include 2 methods .

{ "auth": {
    "identity": {
      "methods": ["password" , "OTP"],
      "password": {
        "user": {
          "name": "admin",
          "domain": { "id": "default" },
          "password": "adminpwd"
        }
      },
      "OTP" : {
         "otp_value" : "342342343"
      }

    }
  }
}'

This should give you a rough idea

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2014-11-12 05:54:40 -0600

Seen: 1,860 times

Last updated: Nov 12 '14