.. _defining_security_modules:

Defining Security Modules
-------------------------

You can define several different security modules. At the moment LinOTP comes with 
the modules 

``Pkcs11SecurityModule``
   which is defined in the python module ``linotpee.lib.security.pkcs11``

``DefaultSecurityModule``
   which is defined in the python module ``linotp.lib.security.default``.
   
But this can easily enhanced to write your own security module.

To define modules you follow this scheme in the `/etc/linotp2/linotp.ini` file::

   linotpSecurity.some_name_1.module = linotpee.lib.security.some_package_1.some_class_1
   linotpSecurity.some_name_2.module = linotpee.lib.security.some_package_2.some_class_2
   linotpSecurity.some_name_3.module = linotp.lib.security.some_package_3.some_class_3
   linotpSecurity.some_name_4.module = linotp.lib.security.some_package_4.some_class_4
   
You then define, which security module should be used by LinOTP. 
This is also done in the `linotp.ini` file::

   linotpActiveSecurityModule = some_name_2
   
   
.. note:: If you define nothing in the `linotp.ini` LinOTP uses the default security
   module and will work as usual.