using AWS or Office 365 logins
Submitted by Guest on Tue, 07/04/2020 - 21:22
Hi Guys,
Does anyone have any info on or know if it is even possible to:
1. add MFA (multi factor authentication) to openvpms logins
2. use some sort of single sign on or authenticator and use Office 365 or AWS etc to login to Openvpms.
I have a customer with a requirement to get rid of the VPN and I am looking to add SSL cert and increase security at the same time.
Any help would be great
Thankyou
Re: using AWS or Office 365 logins
Multi factor authentication isn't supported. That said, OpenVPMS uses Spring Security so it can potentially support anything that Spring Security supports (e.g OAuth 2.0, SAML, Kerberos).
With the existing basic authentication, you can strengthen password requirements, by configuring the security.user archetype to:
The security.user archetype is located in <OPENVPMS_HOME>/update/org/openvpms/archetype/system/security/security.user.adl in the installation.
You will need to ensure that all users are updated with new passwords if you change this archetype.
At this stage, there is no facility to expire passwords, or reset them via the UI.
Re: using AWS or Office 365 logins
Thanks for that.
Is there any documentation on using the spring security in this way?
i am unfamiliar with this feature/plugin.
Thankyou
Re: using AWS or Office 365 logins
You'll get a few hits googling "spring security 2 factor authentication".
E.g. https://www.baeldung.com/spring-security-two-factor-authentication-with-...
For OAuth, check out https://www.baeldung.com/spring-security-oauth
Note that OpenVPMS 2.1 uses Spring Security 4, while the unreleased OpenVPMS 2.2 uses Spring Security 5.
We integrate Spring Security via a confguration file: https://bitbucket.org/OpenVPMS/openvpms/src/master/openvpms-web/openvpms...