Path

ez projects / yubico_yubikey_otp_extensio...


Yubico YubiKey OTP extension for eZ Publish

UNIX name Owner Status Version Compatible with
yubico_yubikey_otp_extension_for_ez_publish Quoc-Huy NGUYEN DINH stable 1.1 4.x
qhyubikey source code repository is now on GitHub.

Latest source code is now available at https://github.com/quochuy/qhyubikey/. projects.ez.no repository will not be updated any more and all work will be commited to GitHub repository.

The purpose of this project is to provide support to YubiKey
authentication for eZ Publish.
This in order to make eZ Publish authentication more secure either
by:
- replacing the standard password by the use of the One Time Password
(OTP) generated by the YubiKey USB key. An OTP is a password that
becomes invalid on the first use and gets invalidate if another OTP
is generated from the same YubiKey.
- adding a 2nd factor to eZ Publish authentication. In order to login,
the user needs the both his password and the OTP from the authorized
YubiKey. This mode brings Multi-Factor Authentication (MFA) to eZ
Publish.
- unlimited number of yubikey recorded in profile

Update an existing installation:

1.0beta2 to 1.0:
================
1 - edit the "User class" and remove all your previous 'yubikey' and 'yubikey_backup' attributes
2 - add a new attribute of type 'matrix':
        Type=Matrix
        Name="YubiKey Keys (once set, you CANNOT login without your YubiKey!)"
        Description="If you have multiple keys, register each of them by recording a sample of generated code from each of them"
        Identifier="yubikeys"
        Not required, Not searchable, Not collection
        Columns:
                Name:name
                Key:key

1.0beta1 to 1.0beta2:
 =====================
 1 - add a new attribute to the "User" content class:
 Type="YubiKey OTP"
 Name="Backup YubiKey OTP"
 Identifier="yubikey_backup"
 Not required, Not searchable, Not collection
 2 - extract the archive in your extension/ folder

1st TIME INSTALLATION:
======================
 1 - edit your "User" content class
 2 - add a new attribute to the "User" content class:
 Type="YubiKey OTP"
 Name="YubiKey OTP (once set, you CANNOT login without your YubiKey!)"
 Identifier="yubikey"
 Not required, Not searchable, Not collection
 3 - add a new attribute to the "User" content class:
 Type="YubiKey OTP"
 Name="Backup YubiKey OTP"
 Identifier="yubikey_backup"
 Not required, Not searchable, Not collection
 4 - add a new attribute to the "User" content class:
 Type="Checkbox"
 Name="Use my YubiKey OTP for multi-factor. You will need both password and
 YubiKey to sign in"
 Identifier="multifactor"
 Not required, Not searchable, Not collection
 5 - extract the archive in your extension/ folder
 6 - activate the extension in your site.ini.append.php. Make sure that
 qhyubikey extension is activated before ezwebin/ezflow
 extension.
 7 - regenerate autoload and clear ini and template caches.
 8 - edit your user information and use your YubiKey to generate a OTP
 string to be recorded.

Screenshot

This project has no reviews yet. Be the first one to review it!

No forum messages yet.