Two factor authentication for shibboleth

Cantor, Scott cantor.2 at
Fri Feb 15 21:06:24 EST 2013

On 2/15/13 3:04 PM, "Jared Hoffman" <hoffmanj at> wrote:

>Has anyone had any experience integrating Shibboleth with two factor
>authentication? The two vendors we are looking at, which claim they
>can work with shibboleth, are RSA and Safe-Net. If you have any
>experience with these and shibboleth, please let me know if you have
>been able to make it work.

I do SecurID via a JAAS login module I got from RSA. That part's basically
nothing, it's the same as standard user/pass with Kerberos or LDAP. I
wrapped it in more custom behavior to meet local needs, but that's not so
much anything to do with two-factor.

If you qualify your use case with more details about the impact of your
two-factor approach relative to other methods you offer, and how it will
be expected to interact with SPs, I can possibly provide more details.

-- Scott

More information about the users mailing list