Revision history [back]

click to hide/show revision 1
initial version

Requiring Multiple Authentication Mechanisms

Hello all,

I am working on an AllJoyn service for a device, and I would like to require clients to authenticate via an exchange of PIN (representing a serial number on the physical unit) as well as a personally unique username/password.

Building off of the secure examples in the C++ SDK, I have been able to enable peer security on both ends with SRP_KEYX for the PIN exchange, as well as SRP_LOGON for the username/password authentication. However, the authentication interface only seems to require one, and will therefore allow consumer app access to the secured interface after just exchanging the PIN number.

Is there a way to force a request of all three (PIN, username, & password) and then compare them to the service keystore?