What is an authproc filter and why should I use it? An authentication processing filter is one step of the login process in simpleSAMLphp. For example it can be useful, if you want to authenticate the first factor against LDAP and the second one against privacyIDEA. If you enable privacyIDEA […]
privacyIDEA comes with a central tool “pi-manage”. pi-manage runs on the local privacyIDEA machine. The interesting thing is, that it operates directly on the database level. So you can use pi-manage, even if your webserver is not running. One important thing is, that you can use pi-manage to manage policies! […]
End of April we will attend two conferences to present the interesting possibilities of privacyIDEA to the world. Grazer Linuxtage, Graz – Austria At the Grazer Linuxtage Friedrich will give a talk about how privacyIDEA can be an alternative for classical, proprietary two factor solutions like RSA SecurID, Vasco or […]
With privacyIDEA 2.22 we added the possibility to pass more useful userinformation to a RADIUS client like a VPN. The administrator can add a policy to include the resolver and the realm of a user who authenticated successfully. This response data can then be used in the FreeRADIUS plugin and modified by regular expressions to add any arbitrary RADIUS attribute in the RADIUS response, which then would be sent to the VPN. This additional information can be used by Cisco ASA, Citrix Netscaler or any other enterprise grade VPN to put the user into certain subnets or to assign resource to the user.