SecSign ID Plugin: Typo3

2016-11-22 5 minutes to read

Use SecSign ID Typo3 two-factor authentication on your Typo3 site with an easy and highly secure user login using iOS or Android mobile devices as well as for desktop use.

SecSign ID is an extension for real two-factor authentication (2FA) for Typo3 sites. 2FA adds another layer of security to your website by using a second token. In this case the physical token is your smartphone. If you need for more information about about two-factor authentication have a look at our Github site.

Integration

Integration of the plugin into your setup

SecSign ID Integration

Please configure your desired integration of the SecSign ID Two Factor Authentication

Choose a system, where you want to add the secure login

Do you need your own ID Server inside your protected network or prefer if we manage and maintain it for you

The location to save the assigned SecSign IDs to a user account or the IDM alltogether

System to protect
?
The System you want to protect - Choose a system, where you want to add the secure login
SecSign ID Server location
?
Do you need your own ID Server inside your protected network or prefer if we manage and maintain it for you
User account location
?
The system to save the assigned SecSign IDs to a user account or the IDM alltogether
edit the settings to change the integration
Authentication
2FA
2FA blind
2FA no AP
2SA
2SA no AP
2SA blind
OTP
Enrollment
Custom ID
Pattern
IDP Custom Website
Enrollment initiated by SP
Enrollment with IDM
Show Network
Hide Network
Fullscreen
Request Solution
x
The authentication was successful
Installation

Installation of the plugin

Prerequisites

  1. A working Typo3 8.x, 9.x or 10.x Installation
  2. Curl has to be activated (Open the Install-Tool and check the Parameter [SYS][curlUse] under the
    section “All Configuration”)
  3. The extension file secsign.zip

ty1

Installation

  1. Log into the Typo3 backend and click on “Admin Tools > Extension Manager” in the main menu.
  2. If you have the installation file, click on the “Upload Extension” button, select the downloaded zip archive in the opening form and hit “Upload!”.
  3. If you do not have the installation file, click “Get Extension”, update the extension list, search for “secsign” and click on the cloud logo to install the extension.
Configuration

Configuration of the plugin

The configuration panel lets you manage the extension behavior for the Frontend and Backend login process.

  1. Log into the Typo3 backend and click on “Admin Tools > Extension Manager” in the main menu
  2. Search for the SecSign ID Extension and click on the “Configure” icon in the “Actions” column
  3. You are going to find the following options:

ty2

General:
  • Service name: The service name will be shown in the SecSign App.
  • Frontend Activated: If this option is deactivated, only login with username and password is required for frontend. 2FA is deactivated, independent of any other settings.
  • Backend Activated:If this option is deactivated, only login with username and password is required for backend. 2FA is deactivated, independent of any other settings.
  • Automatic creation of SecSign IDs: You can choose how SecSign IDs should be created if a user not yet created one. (e.g. username as SecSign ID)
  • Pattern for new SecSign IDs (only for ‘Use Pattern’ as Automatic process): If you choose pattern for automatic SecSign IDs, you can define the pattern here.
  • Behaviour for already existing ID: If an automatic SecSign ID for a user already exists, what should be the solution for the user? (e.g. add an index)
  • Use Creation-Process with E-Mail confirmation code: By activating this option the creation process will contain a confirmation code that is sent to the mail address of the user. This increases the security, as the user also needs access to the mail address to create the SecSign ID and enter the system. If no mail address is saved, the ID is created without mail confirmation.
Layout:
  • FE-Login Logo: You can show a custom logo above the Login heading on the frontend login.
  • Login Heading Text: You can change the heading of the login.
  • Heading color: You can change the color of the login heading.
  • Label color: You can change the color of the labels for username and password.
  • Button color: You can change the color of the buttons on the login.
  • Button text color: You can change the color of the text on the buttons.
Server: (nur für on-premise-Setups)
  • Server URL: You can enter the url of your SecSign-ID server here.
  • PinAccount User: You need a PIN-Account to identify the plugin to the server. You can enter the username for that user here.
  • PinAccount Password:You can enter the PIN-Account Password here.
Support:
  • DEBUG logging: If you activate this option, the add-on loggs into the typo3 log.
Display the FE Login Form

Display the FE Login Form

In order to use the SecSign ID frontend login, you need to assign it to a page.

  1. Log into the Typo3 backend and click on a page in the page view
  2. Create a new content element by clicking on a “+Content” button or edit an existing one by using the pen-button
  3. Choose SecSign Login on the form-elements tab
  4. Save changes.

ty3

FE User Configuration

FE Configuration

To use the SecSign ID Typo3 two factor authentication on your website, you need to activate it for an existing user group or create a new one.

  1. Go to your Typo3 backend and open a website group page
  2. Activate ‘Needs 2FA Authentication’
  3. Save changes.
  4. Now a selection view appears, where you can choose the methods that should be allowed for the group.
  5. Save your changes again.

ty4

BE User Configuration

BE Configuration

To use the SecSign ID Typo3 two factor authentication on backend, you need to activate it for an existing user group or create a new one.

  1. Go to your Typo3 backend and open a backend group page
  2. Activate ‘Needs 2FA Authentication’
  3. Save changes.
  4. Now a selection view appears, where you can choose the methods that should be allowed for the group.
  5. Save your changes again.

ty5

Your own ID-Server

On premise installations of SecSign ID offer the flexibility to connect with your preferred servers, services, and devices. And you can customize the SecSign ID with your own organization’s branding.

Learn More
On Premise 2FA ID

Latest Blog Posts, Updates & Features

SecSign ID Server passed FIDO Certification

We are happy to announce that the SecSign ID server has passed the official FIDO certification program of the FIDO Alliance. This will allow you to use the complete FIDO2/WebAuthn standard for passwordless 2FA sign-ins in your exi ...

Mehr Lesen

Two-Factor Authentication with Fido2 / WebAuth

The FIDO2 Project is a set of standards developed by the FIDO Alliance and the World Wide Web Consortium (W3C) to create a strong authentication protocol for the web. It consist mainly of the WebAuth standard for the browser part ...

Mehr Lesen

Protecting the Home Office VPN with 2FA

In the recent weeks, home office work has increased potentially. And while employees are practicing social distancing from their home computer, attackers are working hard to exploit security issues in this situation that is unfami ...

Mehr Lesen
SecSign 2FA