WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

2factor authentication

This commit is contained in:
Roland Gruber 2017-01-23 19:57:50 +01:00
parent 16bc59f4c3
commit afdc4b3f92
2 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
lam/help/help.inc
View File

@ -4,7 +4,7 @@ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Michael Duergner
2003 - 2016 Roland Gruber
2003 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -279,6 +279,12 @@ $helpArray = array (
"Text" => _('Use this to enter an additional LDAP filter (e.g. "(objectClass=passwordSelfReset)") to reduce the number of accounts who may use self service.')),
"513" => array ("Headline" => _('Use for all operations'),
"Text" => _('By default all modifications are done as the user that authenticated in self service. If active then LAM will use the connection user for all LDAP modifications and searches.')),
"514" => array ("Headline" => _('2-factor authentication'),
"Text" => _('You can enable 2-factor authentication here (e.g. via mobile device).')),
"515" => array ("Headline" => _('2-factor base URL'),
"Text" => _('URL of external 2-factor authentication service.')),
"516" => array ("Headline" => _('Disable certificate check'),
"Text" => _('This will disable the check of the SSL certificates for the 2-factor authentication service. Not recommended for production usage.')),
"520" => array ("Headline" => _("Generate random password"),
"Text" => _("This will set a random password and display it on the screen or send it to the user via mail. Please edit your LAM server profile to setup the mail settings.")),
"550" => array ("Headline" => _("From address"),

14
lam/lib/selfService.inc
View File

@ -3,7 +3,7 @@
$Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2006 - 2016 Roland Gruber
Copyright (C) 2006 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -302,6 +302,11 @@ function isSelfService() {
*/
class selfServiceProfile {
/** 2factor authentication disabled */
const TWO_FACTOR_NONE = 'none';
/** 2factor authentication via privacyIDEA */
const TWO_FACTOR_PRIVACYIDEA = 'privacyidea';
/** server address */
public $serverURL;
@ -376,6 +381,10 @@ class selfServiceProfile {
public $timeZone = 'Europe/London';
public $twoFactorAuthentication = selfServiceProfile::TWO_FACTOR_NONE;
public $twoFactorAuthenticationURL = 'https://localhost';
public $twoFactorAuthenticationInsecure = false;
/**
* Constructor
*
@ -413,6 +422,9 @@ class selfServiceProfile {
$this->enforceLanguage = true;
$this->followReferrals = 0;
$this->timeZone = 'Europe/London';
$this->twoFactorAuthentication = selfServiceProfile::TWO_FACTOR_NONE;
$this->twoFactorAuthenticationURL = 'https://localhost';
$this->twoFactorAuthenticationInsecure = false;
}
}