The Multi-Factor Authentication system privacyIDEA 2.23 comes with PRE event handling, recurring tasks, monitoring and statistics. The administrator thus has a lot of tools, to automate unforeseen scenarios and avoid manuel, tedious tasks and avoid errors.
End of April we will attend two conferences to present the interesting possibilities of privacyIDEA to the world. Grazer Linuxtage, Graz – Austria At the Grazer Linuxtage Friedrich will give a talk about how privacyIDEA can be an alternative for classical, proprietary two factor solutions like RSA SecurID, Vasco or […]
With privacyIDEA 2.22 we added the possibility to pass more useful userinformation to a RADIUS client like a VPN. The administrator can add a policy to include the resolver and the realm of a user who authenticated successfully. This response data can then be used in the FreeRADIUS plugin and modified by regular expressions to add any arbitrary RADIUS attribute in the RADIUS response, which then would be sent to the VPN. This additional information can be used by Cisco ASA, Citrix Netscaler or any other enterprise grade VPN to put the user into certain subnets or to assign resource to the user.
A bug in the WebUI can lead to disclosure of the credentials of previously logged in users. Under certain conditions a local, physical attacker can get access to passwords of previously logged in users from the WebUI. Details Preconditions This problem occurs, if the following conditions apply: A logged in […]