shibboleth-dev - Re: [Shib-Dev] [PATCH] Multi-factor authentication
Subject: Shibboleth Developers
List archive
- From: Etienne Dysli <>
- To:
- Subject: Re: [Shib-Dev] [PATCH] Multi-factor authentication
- Date: Mon, 18 Apr 2011 14:53:24 +0200
On 15/04/11 21:26, Brent Putman wrote:
> This is discussed more extensively in the archives, but briefly: The
> jaasConfigurationLocation attribute on the login handler just sets the
> value of the JVM-wide system property java.security.auth.login.config,
> which is the JVM-wide config for the JAAS framework. In can only point
> to one place, so you can't have different login handlers setting it to
> different values. The last one that gets processed at configuration
> wiring time wins.
Thanks for the clarification.
In the meantime, I've found another possible explanation: the page
http://download.oracle.com/javase/1.5.0/docs/guide/security/jaas/tutorials/LoginConfigFile.html
(linked from
https://wiki.shibboleth.net/confluence/display/SHIB2/IdPAuthUserPass)
states (near the end) "If more than one login configuration file is
specified, then the files are read and concatenated into a single
configuration.". So config entry names should not be reused in other
files (MultiFactorAuth does use the same default jaasConfigName as
UsernamePasswordAuth). I've switched to another name and I can use both
login handlers in the same IdP.
Regards,
Etienne
Attachment:
signature.asc
Description: OpenPGP digital signature
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Etienne Dysli, 04/14/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Fredrik Thulin, 04/14/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Etienne Dysli, 04/15/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Fredrik Thulin, 04/15/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Brent Putman, 04/15/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Etienne Dysli, 04/18/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Brent Putman, 04/18/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Etienne Dysli, 04/18/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Brent Putman, 04/18/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Etienne Dysli, 04/18/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Etienne Dysli, 04/15/2011
- Re: [Shib-Dev] [PATCH] Multi-factor authentication, Fredrik Thulin, 04/14/2011
Archive powered by MHonArc 2.6.16.