Thanks. I understand the general picture now.
--- On Fri, 8/3/12, Maxim Solodovnik <[email protected]> wrote: > Actually you can do the following: > login as generic user to OM. > Query details of user, you would like to send hash to, from > LDAP > generate hash with above details > send it to the user > > I'm afraid LDAP login should be _before_ user can get hash > like LDAP login > to your CMS, then after user is login successfully he can > get his/her hash > generated. > > On Fri, Aug 3, 2012 at 5:57 PM, Vieri <[email protected]> > wrote: > > > So basically, I need to use a "generic" admin local > user to login and then > > generate hashes for room access. > > > > If I want to "impersonate" some other user, I would > need to call > > > > setUserObjectAndGenerateRoomHash > > > > as suggested by Maxim. > > > > No LDAP authentication at all. > > > > Thanks, > > > > Vieri > > > > --- On Fri, 8/3/12, [email protected] > <[email protected]> > wrote: > > > > > Hallo Vieri, > > > > > > login into the SOAP/REST API with an LDAP user is > a > > > conceptional > > > misunderstanding. > > > > > > You would _never_ login anybody using the > SOAP/REST api to > > > actually enter a > > > conference room. > > > Login via SOAP/REST makes only sense with an Admin > (or user > > > level > > > SOAP/REST). > > > After you've logged in using SOAP/REST you can > create > > > conference rooms or > > > HASHs to directly enter a conference room. > > > So the SOAP/REST API is to realize integration > into websites > > > or any other > > > 3th party system. > > > You will not actually "Login" via SOAP with any > user, only > > > with the admin > > > to simulate other users by for example create > HASHs > > > > > > Sebastian > > > > > > 2012/8/3 Vieri <[email protected]> > > > > > > > Hi, > > > > > > > > I configured an LDAP authentication module > in > > > OpenMeetings so that when a > > > > user logs in he/she must select a "domain" > (local or > > > LDAP). > > > > This works fine on the web UI. > > > > > > > > However, when accessing via SOAP I use the > UserService > > > method: loginUser ( > > > > String SID , String username , String > userpass ) but > > > the domain can't be > > > > specified. > > > > So LDAP user authentication via SOAP fails > while > > > "local" user > > > > authentication via SOAP succeeds. > > > > > > > > The information was taken from: > > > > http://incubator.apache.org/openmeetings/UserService.html#loginUser > > > > > > > > The older (obsolete) site contains more > information > > > (!): > > > > http://code.google.com/p/openmeetings/wiki/SoapMethods#loginUser > > > > > > > > It states "Username from OpenMeetings, the > user has to > > > have Admin-rights". > > > > That makes sense although I suppose that a > "moderator" > > > level should be > > > > enough. > > > > > > > > On a fresh OpenMeetings install, LDAP users > don't > > > appear in the "User > > > > management" tool in the web UI until they > have logged > > > in at least once. > > > > So I logged in once with an LDAP user and > then logged > > > in as a local admin > > > > and changed the LDAP user's level to > "admin". > > > > > > > > Still, the SOAP login request with the LDAP > user > > > fails. > > > > > > > > getErrorByCode yields "Invalid password" > (-11). > > > > > > > > Using OM 2.0 from ASF. > > > > > > > > Any suggestions? > > > > What debug info whould you require? > > > > Or is LDAP/AD authentication unsupported via > SOAP? > > > > > > > > Thanks, > > > > > > > > Vieri > > > > > > > > > > > > > > > > > -- > > > Sebastian Wagner > > > https://twitter.com/#!/dead_lock > > > http://www.openmeetings.de > > > http://www.webbase-design.de > > > http://www.wagner-sebastian.com > > > [email protected] > > > > > > > > > -- > WBR > Maxim aka solomax >
