PrivacyIdea with running user database?

I am fairly new to scripting and cut and paste tools to existing user
databases, so if it is a dumb question, sorry for it.

I want to add 2FA to my webmail service which has its own user database. I
was wondering if PrivacyIdea can easily be integrated into an existing
website?

Are there scripts which I can look into to see how things can be
integrated?

Hello Alex,

Are you running the software on your own server, or are you using a
hosted service?

As you would need to adapt the software, this will not work if you are
using a hosted service.

Anyhow, I do not know if the license allows modifying this
software.

But as it is PHP: There are different examples of integrating the 2
factor authentication against privacyIDEA into a PHP application.
Since privacyIDEA provides a simple REST API:

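https://github.com/privacyidea/privacyidea/blob/master/authmodules/TYPO3/privacyidea/Classes/PrivacyideaAuth.php

https://github.com/privacyidea/simplesamlphp-module-privacyidea/blob/master/lib/Auth/Source/privacyidea.php

https://github.com/cornelinux/wordpress-strong-authentication/blob/master/strong-authentication.php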

Kind regards
Cornelius

Thank you very much…much appreciated!

I have a VPS whose hardware node is also mine :) so it should be ok.
Software is PHP so I think I can manage it. If not, can I get help here?

Regards Alex

Hi Alex,

privacyIDEA can read the users from the SQL database.
You need to configure a SQL Resolver and a Realm.
Then you will be able to assign 2FA-Devices to the users within
privacyIDEA.

The integration for authentication depends on the Web application
(webmail) you have and the programming language.
For several applications there are already plugins. For others such a
plugin would have to be written.

Can you tell what it is?

Kind regards
Cornelius

Hi Cornelius,

It is b1gmail, an email provider service.

I don’t know very much about programming and such, but I would love to try
it.

Regards Alex

I think I already pointed to the REST API which is rather simple and
straightforward - also with the examples from the other plugins.
Just for your information: I also contacted the developer of b1gmail in
case he is interested in 2FA.

But you can of course also get development services here:
https://netknights.it/en/leistungen/development/

Kind regards
Cornelius

Hello,

Sorry to write on an old thread, but b1gMail stores the passwords as md5(md5(password)+salt). The SQL Resolver currently has no option to read MD5 + salt from a separate column. So if I understand correctly, the only option to read users is to build an API and use the HTTP Resolver.

Yes, the support for a salt column (which is old style) was dropped a while ago.

privacyIDEA uses passlib.cryptcontext, which supports most standard password hashing schemes.
https://passlib.readthedocs.io/en/stable/lib/passlib.context.html

You do not need to use passwords from the SQL resolver, if you do not need them. E.g. if you use privacyIDEA to only authenticate the 2nd factor, then you do not need passwords.
If you use OTP pin (no policy otppin=userstore), then you do not need passwords in privacyIDEA.
Then you do not need to map passwords in the user attribute mapping in your SQL resolver.

However, if you need to use passwords from users in such a database, then you would need to come up with something new (another way of accessing the user information, a new resolver, a new reorganized database table…) or update the way b1gMail hashes the passwords…
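
The split described in the last reply, as an added example that is not part of the thread and is not b1gMail or privacyIDEA code: the PHP application checks the password against its own md5(md5(password)+salt) hash and asks privacyIDEA's /validate/check REST endpoint only about the OTP. The base URL, realm, user-row keys and sample values are placeholders, and "+" is assumed to mean string concatenation.

```php
<?php
// Added example (not b1gMail or privacyIDEA code). The password stays in the
// webmail's own database; privacyIDEA only sees the username and the OTP.

// First factor. Assumption: "+" in md5(md5(password)+salt) means the hex
// digest of the password is concatenated with the salt before the outer md5.
function checkLocalPassword(string $password, string $salt, string $storedHash): bool
{
    // hash_equals() compares in constant time
    return hash_equals(strtolower($storedHash), md5(md5($password) . $salt));
}

// Interpret a /validate/check response body. Anything that is not an explicit
// result.status === true and result.value === true counts as a failed login.
function otpAccepted(string $responseBody): bool
{
    $data = json_decode($responseBody, true);
    return is_array($data)
        && ($data['result']['status'] ?? null) === true
        && ($data['result']['value'] ?? null) === true;
}

// Second factor. $piBaseUrl and $realm are placeholders for your own setup.
// "pass" carries the OTP value, prefixed by the token PIN if one is set.
function checkSecondFactor(string $piBaseUrl, string $realm, string $user, string $otp): bool
{
    $ch = curl_init(rtrim($piBaseUrl, '/') . '/validate/check');
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => http_build_query(['user' => $user, 'realm' => $realm, 'pass' => $otp]),
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_SSL_VERIFYPEER => true,   // keep TLS verification on
        CURLOPT_SSL_VERIFYHOST => 2,
        CURLOPT_TIMEOUT        => 5,
    ]);
    $body = curl_exec($ch);
    // Network error or timeout: deny, never fall back to password-only login
    return is_string($body) && otpAccepted($body);
}

// Both factors must pass; the OTP is only sent once the password matched.
// The row keys 'name', 'salt' and 'hash' are hypothetical column names.
function login(array $userRow, string $password, string $otp, string $piBaseUrl, string $realm): bool
{
    return checkLocalPassword($password, $userRow['salt'], $userRow['hash'])
        && checkSecondFactor($piBaseUrl, $realm, $userRow['name'], $otp);
}

// Offline demo with constructed data (no network call is made here).
$row = ['name' => 'alex', 'salt' => 'Xy7', 'hash' => md5(md5('correct horse') . 'Xy7')];
var_dump(checkLocalPassword('correct horse', $row['salt'], $row['hash']));
var_dump(checkLocalPassword('wrong', $row['salt'], $row['hash']));
var_dump(otpAccepted('{"result":{"status":true,"value":true}}'));
var_dump(otpAccepted('{"result":{"status":true,"value":false}}'));
var_dump(otpAccepted('<html>502 Bad Gateway</html>'));
```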