Re: [SOGo] Integrate SOGo with a OTP Solution

2017-04-04 Thread mj 

Hi,

FYI: you could try keycloak as an SAML IdP, as it has support for FreeOTP.

MJ
--
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Integrate SOGo with a OTP Solution

2017-04-04 Thread Christoph Kreutzer 
Hello,

I am (mostly) successfully using the SAML authentication with SOGo. You can 
read about my experiences on the mailing ist ;-)

I also don’t know LinOTP, but would recommend privacyID3A 
(https://www.privacyidea.org/ ) and SimpleSAMLphp 
(https://simplesamlphp.org/ ) in combination as 
SAML IdP (Identity Provider). PrivacyID3A is under constant development and 
allows very flexible usage scenarios.

The simpler option would be SimpleSAMLphp alone with something like this: 
https://github.com/NIIF/simplesamlphp-module-authtfaga 
 (I currently use a 
forked version of it, but I’m in the process of migrating to privacyID3A). Or 
you can use every other IdP, like the Shibboleth IdP (but more complex to 
setup) or Keycloak (used by some other people out there I know).

Best regards,
Christoph

> Am 04.04.2017 um 17:33 schrieb Christian Mack 
> (christian.m...@uni-konstanz.de) :
> 
> Hello
> 
> Am 31.03.2017 um 00:28 schrieb Elias Pereira Silva (elias@dpf.gov.br):
>> Hi,
>> 
>> We have installed a linotp server (https://www.linotp.org/) to provide a
>> authentication with otp solution. it works like a radius server
>> integrated with a ldap directory that validates the password and otp
>> code on same input.
>> 
>> so, we are interesting to change the sogo authentication (on the
>> webserver) to include a radius auth (first) and in success case proceed
>> with the ldap authentication.
>> 
>> could you suggest to us a way to start this plan?
>> 
> 
> I do not know linotp myself.
> But I think you can use SAML2 authentication for it with SOGo.
> 
> Hope that gives a hint in the right direction.
> 
> 
> Kind regards,
> Christian Mack
> 
> -- 
> Christian Mack
> Universität Konstanz
> Kommunikations-, Informations-, Medienzentrum (KIM)
> Abteilung Basisdienste
> 78457 Konstanz
> +49 7531 88-4416
> 

-- 
users@sogo.nu
https://inverse.ca/sogo/lists

Re: [SOGo] Integrate SOGo with a OTP Solution

2017-04-04 Thread Christian Mack 
Hello

Am 31.03.2017 um 00:28 schrieb Elias Pereira Silva (elias@dpf.gov.br):
> Hi,
> 
> We have installed a linotp server (https://www.linotp.org/) to provide a
> authentication with otp solution. it works like a radius server
> integrated with a ldap directory that validates the password and otp
> code on same input.
> 
> so, we are interesting to change the sogo authentication (on the
> webserver) to include a radius auth (first) and in success case proceed
> with the ldap authentication.
> 
> could you suggest to us a way to start this plan?
> 

I do not know linotp myself.
But I think you can use SAML2 authentication for it with SOGo.

Hope that gives a hint in the right direction.


Kind regards,
Christian Mack

-- 
Christian Mack
Universität Konstanz
Kommunikations-, Informations-, Medienzentrum (KIM)
Abteilung Basisdienste
78457 Konstanz
+49 7531 88-4416



smime.p7s
Description: S/MIME Cryptographic Signature

[SOGo] Integrate SOGo with a OTP Solution

2017-03-30 Thread Elias Pereira Silva 

Hi,

We have installed a linotp server (https://www.linotp.org/) to provide a 
authentication with otp solution. it works like a radius server 
integrated with a ldap directory that validates the password and otp 
code on same input.


so, we are interesting to change the sogo authentication (on the 
webserver) to include a radius auth (first) and in success case proceed 
with the ldap authentication.


could you suggest to us a way to start this plan?

Best regards
Elias Silva

--
users@sogo.nu
https://inverse.ca/sogo/lists