[Openstack] Horizon with 2fa?
Andrew Bogott
abogott at wikimedia.org
Mon Mar 7 02:18:06 UTC 2016
For future googlers:
We wrote an hotp keystone plugin and I hacked up support for a third
field in the Horizon login screen.
Details and code for the keystone plugin are here:
http://bogott.net/unspecified/?p=2344
And, for the Horizon interface changes, here:
http://bogott.net/unspecified/?p=2356
All are welcome to reuse our code; I'm also happy to hear from anyone
about how I should have done it instead.
-Andrew
On 2/29/16 10:23 AM, Andrew Bogott wrote:
> I require two-factor authentication for users who have permissions
> to create and delete instances in Nova. Since we're in the process of
> migrating from our custom webUI to Horizon, I need to add an
> additional field (totp token) to the Horizon login screen and get that
> value passed to keystone.
>
> It should be a fairly straightforward hack -- but, before I dive
> in, I'm thinking that surely I'm not the first person to need this.
> Can anyone who has already implemented 2fa in Horizon give me a few
> pointers, or tell me what approach you took?
>
> Thanks!
>
> -Andrew
More information about the Openstack
mailing list