privacyIDEA will be at the OpenRheinRuhr conference in Oberhausen, Germany. The conference is fixed stop in our yearly conference world tour, so we are looking forward to be in Oberhausen again, on November 3rd and 4th. Come and visit us at our stand an learn first hand about new cool […]
End of April we will attend two conferences to present the interesting possibilities of privacyIDEA to the world. Grazer Linuxtage, Graz – Austria At the Grazer Linuxtage Friedrich will give a talk about how privacyIDEA can be an alternative for classical, proprietary two factor solutions like RSA SecurID, Vasco or […]
With privacyIDEA 2.22 we added the possibility to pass more useful userinformation to a RADIUS client like a VPN. The administrator can add a policy to include the resolver and the realm of a user who authenticated successfully. This response data can then be used in the FreeRADIUS plugin and modified by regular expressions to add any arbitrary RADIUS attribute in the RADIUS response, which then would be sent to the VPN. This additional information can be used by Cisco ASA, Citrix Netscaler or any other enterprise grade VPN to put the user into certain subnets or to assign resource to the user.
A bug in the WebUI can lead to disclosure of the credentials of previously logged in users. Under certain conditions a local, physical attacker can get access to passwords of previously logged in users from the WebUI. Details Preconditions This problem occurs, if the following conditions apply: A logged in […]