3.7.1. Defining Security Modules#
You can define several different security modules. At the moment LinOTP comes with the modules
Pkcs11SecurityModule
which is defined in the python module
linotp.lib.security.pkcs11
DefaultSecurityModule
which is defined in the python module
linotp.lib.security.default
.
But this can easily enhanced to write your own security module.
To define modules you follow this scheme in the /etc/linotp2/linotp.ini file:
linotpSecurity.some_name_1.module = linotp.lib.security.some_package_1.some_class_1
linotpSecurity.some_name_2.module = linotp.lib.security.some_package_2.some_class_2
linotpSecurity.some_name_3.module = linotp.lib.security.some_package_3.some_class_3
linotpSecurity.some_name_4.module = linotp.lib.security.some_package_4.some_class_4
You then define, which security module should be used by LinOTP. This is also done in the linotp.ini file:
linotpActiveSecurityModule = some_name_2
Note
If you define nothing in the linotp.ini LinOTP uses the default security module and will work as usual.