SecSign ID Plugin: Typo3

2016-11-22 5 minutes to read

Use SecSign ID Typo3 two-factor authentication on your Typo3 site with an easy and highly secure user login using iOS or Android mobile devices as well as for desktop use.

SecSign ID is an extension for real two-factor authentication (2FA) for Typo3 sites. 2FA adds another layer of security to your website by using a second token. In this case the physical token is your smartphone. If you need for more information about about two-factor authentication have a look at our Github site.

Integration

Integration of the plugin into your setup

SecSign ID Integration

Please configure your desired integration of the SecSign ID Two Factor Authentication

Choose a system, where you want to add the secure login

Do you need your own ID Server inside your protected network or prefer if we manage and maintain it for you

The location to save the assigned SecSign IDs to a user account or the IDM alltogether

System to protect
?
The System you want to protect - Choose a system, where you want to add the secure login
SecSign ID Server location
?
Do you need your own ID Server inside your protected network or prefer if we manage and maintain it for you
User account location
?
The system to save the assigned SecSign IDs to a user account or the IDM alltogether
edit the settings to change the integration
Authentication
2FA
2FA blind
2FA no AP
2SA
2SA no AP
2SA blind
OTP
Enrollment
Custom ID
Pattern
IDP Custom Website
Enrollment initiated by SP
Enrollment with IDM
Show Network
Hide Network
Fullscreen
Request Solution
x
The authentication was successful
Installation

Installation of the plugin

Prerequisites

  1. A working Typo3 6.2 LTS Installation on PHP 5.3.7
    or higher
  2. Curl has to be activated (Open the Install-Tool and check the Parameter [SYS][curlUse] under the
    section “All Configuration”)
  3. The extension file secsign.zip

ty1

Installation

  1. Log into the Typo3 backend and click on “Admin Tools > Extension Manager” in the main menu.
  2. If you have the installation file, click on the “Upload Extension” button, select the downloaded zip archive in the opening form and hit “Upload!”.
  3. If you do not have the installation file, click “Get Extension”, update the extension list, search for “secsign” and click on the cloud logo to install the extension.
Configuration

Configuration of the plugin

The configuration panel lets you manage the extension behavior for the Frontend and Backend login process.

  1. Log into the Typo3 backend and click on “Admin Tools > Extension Manager” in the main menu
  2. Search for the SecSign ID Extension and click on the “Configure” icon in the “Actions” column
  3. Under the front- and backend tab you are going to find the following options

ty2

Frontend:

Service name: The name of this web site as it shall be displayed on the user’s smart phone.

Login Redirection Page: Select the page the user will be redirected to after a successful login. If empty, the user will return to the same page.

Logout Redirection Page: Select the page the user will be redirected to after successfully ending their current session by logging out. If empty, the user will return to the same page.

Enable Frontend Password Login: Enables the Typo3 password login for frontend users. To improve security, you should always use SSL if you enable this option.

Enable Frontend frame and box-shadow: Change the layout of the SecSign ID frontend login form.

Show Greeting: Show or hide the simple greeting text.

Show Name/Username: Displays the Typo3 name or SecSign ID after login.

Backend:

Enable Backend: Use SecSign ID for backend authentication. JavaScript needs to be enabled in your browser.

Disable Typo3 password login: If the SecSign ID backend authentication is enabled, you can disable the backend login with Typo3 credentials. Users without a valid SecSign ID are not able to login anymore.

Help: Displays the Help page under Admin Tools – Secsign ID. Reload backend after change.

Syslog: Writes all backend login errors to the syslog.

Display the FE Login Form

Display the FE Login Form

In order to use the SecSign ID frontend login, you need to assign it to a page.

  1. Log into the Typo3 backend and click on a page in the page view
  2. Create a new content element by clicking on a “Add a new record” icon and choose “Plugins > General Plugin” in the opening form
  3. Click on the plugin tab, choose “secsignFE” and save your changes

ty3

FE User Configuration

FE User Configuration

To use the SecSign ID Typo3 two factor authentication on your website, you need to assign a SecSign ID to a frontend user profile.

  1. Go to your Typo3 backend and open a website user profile
  2. Assign a SecSign ID to the profile to allow SecSign ID Typo3 two factor authentication

ty4

BE User Configuration

BE User Configuration

To use the SecSign ID Typo3 two factor authentication on your backend login, you need to assign a SecSign ID to a backend user profile.

  1. Go to your Typo3 backend and click on “System > Backend Users” at the main menu
  2. Assign a SecSign ID to the user profile to allow SecSign ID Typo3 two factor authentication

ty5

Troubleshooting

Troubleshooting

If you enabled the SecSign ID backend login and locked yourself out, do the following steps in order to disable the SecSign ID backend login

  1. Go to “typo3conf/localConfiguration.php” via ftp and search for “secsignEnableBE”
  2. Change s:15:”secsignEnableBE”;s:1:”1“; to s:15:”secsignEnableBE”;s:1:”0“;
  3. Save the changes and reload the backend login page

If you log into the typo3 backend with your SecSign ID and you always get back to the login screen, do the following:

  1. Make sure you assigned a SecSign ID to your Typo3 user (see 4).
  2. Make sure you enable the system_log in the SecSign configuration (see 2).
  3. Try to login again and then check “System > Log” for SecSign errors. If you can’t login use the method above or checkout the sys_log SQL table.

Your own ID-Server

On premise installations of SecSign ID offer the flexibility to connect with your preferred servers, services, and devices. And you can customize the SecSign ID with your own organization’s branding.

Learn More
On Premise 2FA ID

Latest Blog Posts, Updates & Features

Options for secure SSO for Atlassian products

Options for securing Atlassian SSO Your users and passwords and services are all over the place? You want to simplify your security and authentication setup but you don’t know where to start? Move beyond your authentication ...

Mehr Lesen

Multi-Factor Authentication powered IdM/IAM

Multi-Factor Authentication powered IdM/IAM with SecSign ID Your users and passwords and services are all over the place? You want to simplify your security and authentication setup but you don’t know where to start? Move bey ...

Mehr Lesen

Atlassian JIRA and Confluence Two-Step Authentication and IP-SafeZone

With SecSign ID you can protect all your logins with a secure Two-Factor Authentication based on a challenge response. The authentication offers the highest protection for the company data while being incredibly simple to us ...

Mehr Lesen