[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[EP-tech] Multi-Factor Authentication (MFA) for EPrints Login
Hi Martin,
The way that most repositories do this is to use institutional single
sign on (SSO) that will now normally have MFA baked in. EPrints
integrates with this using Shibboleth where it acts as a Service Provider:
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FShibboleth&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Ce9d6ecfcf18a4671620708db29f82fa8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638149918140165207%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ldvwmnd%2BuMssugqpqjnDNEhGAeBqMSn3eou%2BvX7Q90c%3D&reserved=0
There are no plans to implement MFA directly into EPrints, as there are
existing implementations that could be integrated into EPrints on a
case-by-case basis.? If you do not have institutional SSO that allows
you to configure EPrints as a Shibboleth Service Provider, then an OAuth
implementation may be possible.? As I have not needed this, I have not
had reason to implement it.? I don't know if anyone else has tried
implementing an OAuth user authentication implementation for EPrints.
Regards
David Newman
On 21/03/2023 10:23 am, Martin Br?ndle via Eprints-tech wrote:
> *CAUTION:* This e-mail originated outside the University of Southampton.
>
> Dear all,
>
> IT security at our institution requires that all services that provide
> login to user accounts implement multi-factor authentication in some
> way (e.g. via Azure AD and Microsoft Authenticator or another
> authenticator). We must check our EPrints repository, too.
>
> Has anybody done this and could provide us with some hints how to do?
> Currently we use LDAP .
>
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FCategory%3AAuthentication&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Ce9d6ecfcf18a4671620708db29f82fa8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638149918140165207%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=sY0v8OsSx9%2FECsCgLCuoRov7ubTKlwXdgN8zU3PYm4w%3D&reserved=0
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FCategory%3AAuthentication&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Ce9d6ecfcf18a4671620708db29f82fa8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638149918140165207%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=sY0v8OsSx9%2FECsCgLCuoRov7ubTKlwXdgN8zU3PYm4w%3D&reserved=0>
> and sub-pages seem not to be up-to-date.
>
> Thanks in advance and kind regards,
>
> Martin
>
> --
>
> Dr. Martin Br?ndle
> Zentrale Informatik
> Universit?t Z?rich
> Stampfenbachstr. 73
> CH-8006 Z?rich
>
> mail: martin.braendle at uzh.ch <mailto:martin.braendle at uzh.ch>
> phone: +41 44 63 56705
> signature_2066573683https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Forcid.org%2F0000-0002-7752-6567&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Ce9d6ecfcf18a4671620708db29f82fa8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638149918140165207%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=PKxsN3PdSbjTANdLj3XOk%2FH8Rz9cseOyQiXERgusKs4%3D&reserved=0
> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Forcid.org%2F0000-0002-7752-6567&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Ce9d6ecfcf18a4671620708db29f82fa8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638149918140165207%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=PKxsN3PdSbjTANdLj3XOk%2FH8Rz9cseOyQiXERgusKs4%3D&reserved=0>
> https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.zi.uzh.ch%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Ce9d6ecfcf18a4671620708db29f82fa8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638149918140165207%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=xZcTA9byl4vf5WeYzZC7j0DMqiliFWKN1ayXn4cMwzw%3D&reserved=0
> <https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.zi.uzh.ch%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Ce9d6ecfcf18a4671620708db29f82fa8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638149918140165207%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=HFvBIJkRqau528UyGK4g7cTHAnhZfQi8TExyYmYePKM%3D&reserved=0>
>
>
> *** Options:http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Ce9d6ecfcf18a4671620708db29f82fa8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638149918140165207%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=sHn4J4zFURnZSZFRsoYdq7u%2BT9SBdwhaKAXXUW7J528%3D&reserved=0
> *** EPrints community wiki:https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&data=05%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Ce9d6ecfcf18a4671620708db29f82fa8%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C638149918140165207%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=C5nls4lO3PhRSSTthvLlxgeQLLegTylNAEMrmw2Xf40%3D&reserved=0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20230321/531144e6/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 173 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20230321/531144e6/attachment-0001.gif