Canonical SSO provider

Old Yubikey-specific code and settings need to be removed

Bug #928346 reported by Stuart Metcalfe on 2012-02-07

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Canonical SSO provider	Confirmed	Low	Unassigned

Bug Description

The old, experimental, Yubikey code and settings are still lurking in at least the schema.py and main.cfg files in both trunk and the sso-config branch. We can't remove the section independently as it's defined as 'fatal=True' so we'll need to correlate removal and and deployment. There may also be removable Yubi code in other areas and in the templates. This has all been superseded by the OATH 2-factor code so should be removed at some point.

Tags:

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2012-05-24:

How are you going to support multiple devices?
Yubikey supports sending token id, OATH by itself does not.

Revision history for this message

Stuart Metcalfe (stuartmetcalfe) wrote on 2012-05-24:

@dmitrij.ledkov: We loop through each device to match the entered token. Also, Yubico have *just* added a feature to their ykpersonalize tool (currently in an experimental PPA) to support IDs in OATH tokens (www.openauthentication.org/oath-id) and we will aim to support that in our implementation.

Ricardo Kirkner (ricardokirkner) on 2012-10-03

tags:

added: twofactor

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.