Cornelius Kölbel
Cornelius Kölbel
We could even add s.th. like "This was not me, please block my token. Block my account." "Block my token for 7 days, because I am on vacation and will...
Yes. There could be even more LDAP connections, if privacyIDEA is configured this way, that the user should use his LDAP password as OTP PIN.
Sounds nice and sensible. Like low hanging fruit. Currently this could be achieved using an event handler. A command could look like this: privacyidea -U https://my.pi --admin super token yubikey_mass_enroll...
We think this should be done in the policy checking, since this can be independent from user resolving. So a checkbox in the policy if it should be independent or...
At the beginning of the development phase we need to check, if we want to change a webauthn dependency.
@wwalker0307 if the plugins sends a correctly formatted authentication request to privacyIDEA, privacyIDEA will log this request in the audit log and in the log file.
To my understanding the username is passed as hidden field to the login form? https://github.com/sbidy/privacyIDEA-ADFSProvider/blob/master/privacyIDEAADFSProvider/AdapterPresentationForm.cs#L50 So the username should be available. Could it be, that someone manages to enter an...
So the username should be a hidden field in the login dialog. Did you check the source code of the otp login html page, if the username is actually contained?...
Maybe you can also log the User-Agent in the Big IP, so you can be sure, if this problem only occurs on certain clients.