Forum Discussion
Multiple authentication for resource group
I need to have Firepass REQUIRE authentication from multiple external sources. Eventually I need to have 1) Client side SSL cert and 2) Ad or web form authentication. By regulation I need two factor authentication and I can get through the audit by saying the client is required to install a cert and know their current AD login.
I'm evaluating firepass now and have setup a test. I have setup both a Web form login and AD login. Both work by themselves, but I can not seem to make the Firepass REQUIRE both. So here is what I need.. user submits a POST to the my_activation.php page with the username and password. I need Firepass to both authenticate AD and web form. If either fails.. login fails.
In the future I will need client cert against a CA, AD with submitted username and password, and possibly still the webform with passed cookies (SSO mechanism).
The manually really terse on this.
Help... smart people.
psilvasAltostratus
Hi~
currently (v6.0) you can do two-factor auth with AD and client cert. There should be a check box right under your AD settings (in Authentication tab) for Require client certificate for user logon and (if you want) Perform additional client certificate check against Active Directory attribute. Check one or both, issue certs and voila. You can also require client cert for Basic http auth to external server and Form-based auth. Currently, however two-factor with AD and http auth is not supported. You can (after logon) post users FP creds to web applications for SSO at that point.
make sense?
ps