EPrints Technical Mailing List Archive

See the EPrints wiki for instructions on how to join this mailing list and related information.

Message: #09246

Re: [EP-tech] Multi-Factor Authentication (MFA) for EPrints Login

To: <eprints-tech@ecs.soton.ac.uk>, Martin Brändle <martin.braendle@uzh.ch>
Subject: Re: [EP-tech] Multi-Factor Authentication (MFA) for EPrints Login
From: David R Newman <drn@ecs.soton.ac.uk>
Date: Tue, 21 Mar 2023 10:36:50 +0000

Hi Martin,

The way that most repositories do this is to use institutional single sign on (SSO) that will now normally have MFA baked in. EPrints integrates with this using Shibboleth where it acts as a Service Provider:

https://wiki.eprints.org/w/Shibboleth

There are no plans to implement MFA directly into EPrints, as there are existing implementations that could be integrated into EPrints on a case-by-case basis. If you do not have institutional SSO that allows you to configure EPrints as a Shibboleth Service Provider, then an OAuth implementation may be possible. As I have not needed this, I have not had reason to implement it. I don't know if anyone else has tried implementing an OAuth user authentication implementation for EPrints.

Regards

David Newman

On 21/03/2023 10:23 am, Martin Brändle via Eprints-tech wrote:

CAUTION: This e-mail originated outside the University of Southampton.

Dear all,

IT security at our institution requires that all services that provide login to user accounts implement multi-factor authentication in some way (e.g. via Azure AD and Microsoft Authenticator or another authenticator). We must check our EPrints repository, too.

Has anybody done this and could provide us with some hints how to do? Currently we use LDAP .

https://wiki.eprints.org/w/Category:Authentication and sub-pages seem not to be up-to-date.

Thanks in advance and kind regards,

Martin

--

Dr. Martin Brändle
Zentrale Informatik
Universität Zürich
Stampfenbachstr. 73
CH-8006 Zürich

mail: martin.braendle@uzh.ch
phone: +41 44 63 56705
https://orcid.org/0000-0002-7752-6567
https://www.zi.uzh.ch
*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/

References:
- [EP-tech] Multi-Factor Authentication (MFA) for EPrints Login
  - From: Martin Brändle <martin.braendle@uzh.ch>

Prev by Date: [EP-tech] Multi-Factor Authentication (MFA) for EPrints Login
Next by Date: Re: [EP-tech] Multi-Factor Authentication (MFA) for EPrints Login
Previous by thread: [EP-tech] EPrints/CRIS
Next by thread: [EP-tech] DOI handling in orcid_support_advance
Index(es):
- Date
- Thread