Is it possible to have multiple authentication sources enabled in Redmine.
This is to say that I can login using both my google apps account and/or my existing redmine username and password.
Yes.
You can mix and use at the same time internal redmine accounts, OpenID and LDAP.
Related
Iam using Moodle 10+ and I have done a manual enrolment for an user and also try using 0365 integration (oidc ) for the same user. Integration is done successfully and also syncing as expected. Using Active Directory sync user is matched and 0365 record is created successfully.
Now the problem is that it appears that every user can have only one authentication enabled. I wish users can either use manual authentication or Oidc to log in to their account.
Anyone has successfully implemented two authentication for a same account?
It’s throwing error when logged in using oidc for a same user who’s auth field in mdl_usr is set to manual. If I change to oidc he can’t login using manual.
Is there any solution for this?
Thanks in advance
You can only have one authentication method per user.
https://docs.moodle.org/311/en/Authentication_FAQ#Can_a_user_have_more_than_one_authentication_method.3F
With manual authentication, the password is stored in Moodle.
With OAuth2, the password is stored on the remote server.
So you can't mix them.
We are currently working on an Angular node application which uses WSO2 Api Manager and Identity Server . The current mode of login is done through emails which gets saved as WSO2 Carbon users . We need to allow users to login using their google or facebook accounts using OAuth2. I have implemented the code for fetching access token,refresh token on login through google on click of a button from my app . But How can i link it to save this user as a user in our application's identity server . I found the below link which helps in the process: https://docs.wso2.com/display/IS570/Logging+in+to+an+Application+Using+Google#50629d9a6ddf4769ae2d8953c5a25645 .
Can anyone suggest me whether this one would help ?
I would like to know how the google account user details will be saved as a user in our identity manager ?
Is it possible ? If possible, what all data will i get from google ?
I assume that you have already done the configurations for the communication between your application and the WSO2 Identity Server according to the description in the question.
From the description, I'm not certain that you have done the configurations to federate the login to Google. Follow the below steps if you already haven't done so.
Generate OAuth client ID from the google developer console.
Configure a federated authenticator in WSO2 IS with google authenticator using the generated client id and secret values.
Add newly created IDP as an option to the first step of your application.
More information can be found in here. From Google, you can get email and default profile attributes of the user. Reference.
Follow the same steps for Facebook login as well. More information available here.
Now the federated login is configured. Now you need to enable JIT provisioning for the configured Identity Providers above to save the user in the Identity Server when the user is logged in with those social login options. More information available in here. You have a few modes to create the user in the Identity Server.
How do i implement unique alphanum auth in my ios mobile app using azure, i sort of did this by inserting a unique alphanum value in one of the SQLServer database user tables and when the user enters the unique code in the UI i check in the backend if the value is valid and let him in, but how can i really restrict the tables to only Authenticated users in the database? I am also not able to make my app build using username and password in Azure Auth since it only supports AD,Microsoft,FB and Twitter. Can anyone help me in this regard?
unique-code-screenshot
permissions_screenshot
Be able to make my app build using username and password in Azure Auth
By default, as you said above, it only supports AD, Microsoft, FireBase and Twitter. So we need to do this by ourselves. We need to add authentication feature via writing code in backend project. There are two type of backend we can use: .NET and Node.js, for more information about backend SDK, we can refer to:
.NET Backend SDK
Azure Mobile Apps - Node SDK
how can i really restrict the tables to only Authenticated users in the database
We need to do this at Backend: Restrict permissions to authenticated users
Lee Liu just provided some common tutorials about Azure Mobile Apps. Based on my experience, you could build your custom provider instead of the build-in identity providers to implement your requirement.
I am also not able to make my app build using username and password in Azure Auth since it only supports AD,Microsoft,FB and Twitter. Can anyone help me in this regard?
Based on your description, I assumed that you are using the Authentication and authorization in Azure App Service. If the build-in identity providers could not meet your requirement, you could also build your own custom identity provider (e.g. username/password against your database,etc) and you could also leverage the features provided by App Service Authentication /Authorization (Easy Auth).
For achieving this approach, you could follow How to: Use custom authentication for your application for .NET backend. Moreover, you could follow adrian hall's blog about Custom Authentication for detailed tutorial. For NodeJS backend, you could follow 30 DAYS OF AZURE MOBILE APPS.
Our company has a Rails application hosted on Heroku. It currently uses Devise for user authentication.
One of our clients wants to know if their users could access our application using their ADFS implementation.
Would we be able to use Heroku Integrated security with Identity
Federation?
Would we need a 3rd party like Auth0?
Can Devise use ADFS?
Should we use OmniAuth SAML?
Not sure where to start.
I work at Stormpath, we provide an addon service in the Heroku webstore: https://elements.heroku.com/addons/stormpath
Stormpath lets you store users and authenticate them against the typical username/password stuff, AD / LDAP, SAML providers, social login providers, etc.
It pretty much supports all of the stuff you'd want to do around authentication / authorization.
Now: the way the AD stuff works is pretty cool. You have to have your client install an AD agent on their network which will basically create a reverse tunnel between their network and Stormpath.
That agent will then copy over user data into Stormpath (usrenames, email, groups, etc.), but NOT password hashes.
When a user authenticates against your site, and you make the request to Stormpath -- we'll basically talk to your AD server over that tunnel, authenticate the user against your AD server, then return a 'standardized' Stormpath Account model to make it easier to work with.
All in all: it's a really nice solution that works really well in production.
I'm building a simple authentication system that will allow multiple providers for a single user. I'm using omniauth and devise. Is there a way to unlink a particular provider for a single user from my application?
By unlinking provider I mean removing the user from oauth application and removing data (uid and things like that) about this particular provider (Facebook, Twitter) from my database. That is, the user will not be able to sign in using Facebook, for example, anymore after unlinking.
I've already checked this and it does not helper too much. I've also checked out devise and omniauth docs. It seems that there's no built in way of achieving this. Do I have to make requests by myself to each provider in order to unlink an OAuth token?
No, OmniAuth and Devise do not have this "feature" built-in. You would have to implement it as a separate controller, that would manage user providers.