summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/system-login.xml.in108
1 files changed, 47 insertions, 61 deletions
diff --git a/interface-definitions/system-login.xml.in b/interface-definitions/system-login.xml.in
index 7dd045e6c..def42544a 100644
--- a/interface-definitions/system-login.xml.in
+++ b/interface-definitions/system-login.xml.in
@@ -8,62 +8,6 @@
<priority>400</priority>
</properties>
<children>
- <node name="authentication">
- <properties>
- <help>Global authentication settings</help>
- </properties>
- <children>
- <node name="otp">
- <properties>
- <help>2FA OTP authentication parameters</help>
- </properties>
- <children>
- <leafNode name="rate-limit">
- <properties>
- <help>Number of attempts. Limit logins to N per every M seconds</help>
- <valueHelp>
- <format>u32:1-10</format>
- <description>Number of attempts. Limit logins to N per every M seconds</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-10"/>
- </constraint>
- <constraintErrorMessage>Number of login attempts must me between 1 and 10</constraintErrorMessage>
- </properties>
- <defaultValue>3</defaultValue>
- </leafNode>
- <leafNode name="rate-time">
- <properties>
- <help>Time interval. Limit logins to N per every M seconds</help>
- <valueHelp>
- <format>u32:15-600</format>
- <description>Time interval. Limit logins to N per every M seconds</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 15-600"/>
- </constraint>
- <constraintErrorMessage>Rate limit time interval must be between 15 and 600 seconds</constraintErrorMessage>
- </properties>
- <defaultValue>30</defaultValue>
- </leafNode>
- <leafNode name="window-size">
- <properties>
- <help>Set window of concurrently valid codes</help>
- <valueHelp>
- <format>u32:1-21</format>
- <description>Set window of concurrently valid codes</description>
- </valueHelp>
- <constraint>
- <validator name="numeric" argument="--range 1-21"/>
- </constraint>
- <constraintErrorMessage>Window of concurrently valid codes must be between 1 and 21</constraintErrorMessage>
- </properties>
- <defaultValue>3</defaultValue>
- </leafNode>
- </children>
- </node>
- </children>
- </node>
<tagNode name="user">
<properties>
<help>Local user account information</help>
@@ -75,7 +19,7 @@
<children>
<node name="authentication">
<properties>
- <help>Password authentication</help>
+ <help>Authentication settings</help>
</properties>
<children>
<leafNode name="encrypted-password">
@@ -94,18 +38,60 @@
</leafNode>
<node name="otp">
<properties>
- <help>2FA OTP authentication parameters</help>
+ <help>One-Time-Pad (two-factor) authentication parameters</help>
</properties>
<children>
+ <leafNode name="rate-limit">
+ <properties>
+ <help>Limit number of logins (rate-limit) per rate-time</help>
+ <valueHelp>
+ <format>u32:1-10</format>
+ <description>Number of attempts</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-10"/>
+ </constraint>
+ <constraintErrorMessage>Number of login attempts must me between 1 and 10</constraintErrorMessage>
+ </properties>
+ <defaultValue>3</defaultValue>
+ </leafNode>
+ <leafNode name="rate-time">
+ <properties>
+ <help>Limit number of logins (rate-limit) per rate-time</help>
+ <valueHelp>
+ <format>u32:15-600</format>
+ <description>Time interval</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 15-600"/>
+ </constraint>
+ <constraintErrorMessage>Rate limit time interval must be between 15 and 600 seconds</constraintErrorMessage>
+ </properties>
+ <defaultValue>30</defaultValue>
+ </leafNode>
+ <leafNode name="window-size">
+ <properties>
+ <help>Set window of concurrently valid codes</help>
+ <valueHelp>
+ <format>u32:1-21</format>
+ <description>Window size</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-21"/>
+ </constraint>
+ <constraintErrorMessage>Window of concurrently valid codes must be between 1 and 21</constraintErrorMessage>
+ </properties>
+ <defaultValue>3</defaultValue>
+ </leafNode>
<leafNode name="key">
<properties>
- <help>Token Key Secret key for the token algorithm (see RFC 4226)</help>
+ <help>Key/secret the token algorithm (see RFC4226)</help>
<valueHelp>
<format>txt</format>
- <description>OTP key (base32 encoded secret)</description>
+ <description>Base32 encoded key/token</description>
</valueHelp>
<constraint>
- <regex>[a-zA-Z2-7]{20,10000}</regex>
+ <regex>[a-zA-Z2-7]{26,10000}</regex>
</constraint>
<constraintErrorMessage>Key must only include base32 characters and be at least 26 characters long</constraintErrorMessage>
</properties>