Regarding webauthn2 integration project

@zopyx Apologies for the late doubt calls

I was understanding the PAS plugin behavior

  1. Does default authentication also happens via plugin?
  2. additional authentication plugin like authomatic and googleauthenticator doesn't account for registering/adding the user would the new plugin be the same?

if it does account for registering the user would that be with user of usermanagement plugin?

or registering and authentication would be handled by 2 different plugin?

A plugin that supports authentication will be asked by PAS (if installed and configured) "can you authenticate the given credentials":

Alright so it will ask each plugin one by one?

All plugins registered for a certain task (like authenticiation, authorization) are ordered (and can be ordered by the administrator) in terms of "first ask LDAP, then ask Plone" as a site-wide configuration.
So the Plone authentication part will ask all authentication plugins in their pre-defined order if they can authenticate given credentials. The first plugin that can authenticate a user, wins.

A default PAS configuration for the authentication part looks like this (with source_users being the Plone default user database).

1 Like

okay its for modularity I guess thanks a lot.

Thanks a lot for the doubt clarifications.
I have submitted the initial draft, would be adding more details by tomorrow and finishing it
meanwhile, any views over implementation details would be appreciated ( if you can ).
thanks again!