#8001 Need default authentication indicators for SPAKE, PKINIT and encrypted challenge preauth
Closed: fixed 3 months ago by abbra. Opened 5 months ago by tengcm.

As of release 1.17, KDC can be configured to apply authentication indicator for SPAKE, PKINIT, and encrypted challenge preauth, which is not configured in current freeIPA.


master:

  • 9c0a35f Add new authentication indicators in kdc.conf.template
  • d057040 Extend the list of supported pre-auth mechanisms in IPA server API
  • c7b938a Enable krb5 snippet updates on client update
  • 39e3704 Move certauth configuration into a server krb5.conf template
  • 179c8f4 Add a skeleton kdcpolicy plugin
  • 15ff9c8 Implement user pre-authentication control with kdcpolicy plugin
  • b66e8a1 Modify webUI to adhere to new IPA server API
  • 952dd2a Add design document

ipa-4-8:

  • e1dad72 Add new authentication indicators in kdc.conf.template
  • 67467f4 Extend the list of supported pre-auth mechanisms in IPA server API
  • b2e540c Enable krb5 snippet updates on client update
  • 80be759 Move certauth configuration into a server krb5.conf template
  • 3a8980f Add a skeleton kdcpolicy plugin
  • 76d1f94 Implement user pre-authentication control with kdcpolicy plugin
  • 3e42d74 Modify webUI to adhere to new IPA server API
  • 027e30d Add design document

Metadata Update from @abbra:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

3 months ago

master:

  • 9db6f65 Allow presence of LDAP attribute options
  • c5f3216 Add Authentication Indicator Kerberos ticket policy options
  • c02cc93 Add integration test for Kerberos ticket policy

master:

  • 094cf62 Nightly definition: use right template for krbtpolicy

ipa-4-8:

  • 4dbd689 Allow presence of LDAP attribute options
  • 14ff82f Add Authentication Indicator Kerberos ticket policy options
  • bc007ec Add integration test for Kerberos ticket policy

ipa-4-8:

  • 04cfaa1 Nightly definition: use right template for krbtpolicy

Login to comment on this ticket.

Metadata