totp-cgi icon indicating copy to clipboard operation
totp-cgi copied to clipboard

Published 20 hours ago verified publisher icon mricon

Support pincode backend failover

Open bgibson710 opened this issue 11 years ago • 3 comments

I have a setup where I want to allow multiple provisioning sources. I'm using the provided totpcgi-handler.pl file and I want to disable the ldap lookup stuff, and I'm running into difficulty. Is there an easy way to do this that I'm not seeing?

bgibson710 avatar Nov 20 '13 18:11 bgibson710

As in, you want to do multiple backends -- some account data coming from ldap, some coming from db, some coming from files?

mricon avatar Nov 20 '13 18:11 mricon

Correct. It works perfectly with my LDAP setup now, but I have a set of users that I don't want to have accounts there and I wanted to use the pincodes in a postgres database instead for those users, but still use the LDAP for the majority of my users.

bgibson710 avatar Nov 20 '13 18:11 bgibson710

Sorry, this is not currently possible -- there is no support for backend failover. Implementing it securely will be a challenge, which is why it wasn't done yet.

mricon avatar Nov 20 '13 18:11 mricon