Implementation of two-factor authentication for Alfresco using a YubiKey.
License
sbuckle/Alfresco-Yubikey-Extension
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
master
Could not load branches
Nothing to show
Could not load tags
Nothing to show
{{ refName }}
default
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code
-
Clone
Use Git or checkout with SVN using the web URL.
Work fast with our official CLI. Learn more.
- Open with GitHub Desktop
- Download ZIP
Sign In Required
Please sign in to use Codespaces.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching Xcode
If nothing happens, download Xcode and try again.
Launching Visual Studio Code
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
Latest commit
Git stats
Files
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Alfresco Yubikey Extension ============================================ Author: Simon Buckle Email: simon@webteq.eu This is an extension for Alfresco that implements two-factor authentication using a YubiKey. Configuration ------------- By default, Yubico's validation servers are used to validate the OTPs generated by the key. As such, you will need to get an API key (https://upgrade.yubico.com/getapikey/). Once you have signed up, you will need to update the 'YubicoClient' bean definition in the configuration file (verification-service-context.xml) with the client id and (optionally) the key. If you are using your own validation servers then the default validation server URLs will also need to be changed. For robustness, each username needs to be mapped to a key. The default implementation looks for a mapping file /etc/keydb. Each entry in the file should be on a separate line and fields should be separated by ":". Each entry should map the username to the device id, e.g. admin:abcdefghi. Installation ------------ This extension has been tested against Alfresco 3.4. Copy alfresco.war to the root directory of the extension and run: ant integrate-extension The alternative is to run: ant package-extension. This will produce a zip file. To deploy it, extract the contents of the zip file to the root directory of the deployed Alfresco instance, e.g. unzip bin/dist/yubikey-login.zip -d $TOMCAT_HOME/webapps/alfresco To build an AMP file run: ant package-amp To install it, run the following command: java -jar $ALF_HOME/bin/alfresco-mmt.jar install bin/dist/yubikey-login.amp $TOMCAT_HOME/webapps/alfresco.war -force You have to force it because it overrides faces-config-custom.xml in /WEB-INF/. Note ---- This extension comes bundled with a pre-built version of the Yubico Java client. This is a customised build of the client that can be found here: https://github.com/sbuckle/yubico-java-client License ------- The code is released under the Apache 2.0 license. Support ------- Keys can be reprogrammed if you want to host your own validation servers. If you want some help with this or to discuss the available options, then feel free to send me an email.
About
Implementation of two-factor authentication for Alfresco using a YubiKey.
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published