Skip to content

itd/privacyidea

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

99 Commits

authmodules

authmodules

 
 

config

config

 
 

debian

debian

 
 

doc

doc

 
 

privacyidea

privacyidea

 
 

tools

tools

 
 

.coveralls.yml

.coveralls.yml

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

Changelog

Changelog

 
 

LICENSE

LICENSE

 
 

MANIFEST.in

MANIFEST.in

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

coveragerc

coveragerc

 
 

dependencies.dot

dependencies.dot

 
 

doxygen.conf

doxygen.conf

 
 

my-users

my-users

 
 

setup.cfg

setup.cfg

 
 

setup.py

setup.py

 
 

test.sh

test.sh

 
 

Repository files navigation

privacyIDEA

privacyIDEA is an open solution for strong two-factor authentication. privacyIDEA aims to not bind you to any decision of the authentication protocol or it does not dictate you where your user information should be stored. This is achieved by its totally modular architecture. privacyIDEA is not only open as far as its modular architecture is concerned. But privacyIDEA is completely licensed under the AGPLv3.

privacyIDEA is a fork of LinOTP.

Code test on travis-ci.org

Tests are running on travis-ci.org. See the test coverage at coveralls.io.

Build Status Coverage Status

Installation

Installing privacyIDEA can be performed easily by issuing the commands::

$ pip install privacyidea

privacyIDEA comes with its own user authentication for administrators and normal users. Thus you can start directly by creating the database. In the example configuration file the database is an SQLite database:: located at::

$ paster setup-app config/privacyidea.ini.example

In the config file privacyidea.ini.example the already shipped encryption key "dummy-encKey" is referenced. Of course, you should create an encryption key and change in in the privacyidea.ini.example:

$ dd if=/dev/random of=etc/privacyidea/encKey bs=1 count=96

Then start the webserver by issuing::

$ paster serve config/privacyidea.ini.example

Authentication

privacyIDEA has one login window at https://localhost:5001 to login for either as normal users or administrators. You need to create the first administrator to login. This administrator than can

  • create UserIdResolvers

  • a realm

  • and enroll tokens. To create an administrator do this:

    $ privacyidea-create-pwidresolver-user -u -p -i 1000 >> config/admin-users

You then can login with the user and the password . All the administrators are stored in the file defined in the privacyIDEA.ini entry "privacyideaSuperuserFile".

Options

You can adapt the file etc/privacyidea/privacyidea.ini.example. There you need to configure the database connection with an existing database and user:

sqlalchemy.url = mysql://user:password@localhost/privacyIDEA

Then you can create the database like above:

$ paster setup-app etc/privacyidea/privacyidea.ini.example

You can change the location of your log file:

$ mkdir /var/log/privacyidea

Authentication

You can use the web API to authenticate users. If you enrolled a token for a user, you can authenticate the user by calling the URL::

http://yourserver:5001/validate/check?user=you&pass=pin123456

Yubikeys

privacyIDEA supports Yubikeys. To enroll yubikeys you need to install the admin client::

$ pip install privacyideaadm

Tests

If you want to see, if everything works fine, you can run the functional tests. There are roughly 350 sometimes complex tests, running the tests will take about 30 minutes. Do it like this::

$ python setup.py build
$ ./test.sh

Questions

Take a look at http://privacyidea.org and join the google group https://groups.google.com/forum/#!forum/privacyidea.

About

authentication system for two factor authentication (2FA)

www.privacyidea.org

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

9 tags

Packages

No packages published