from mobile (sorry for typos ;)
On Thu, Dec 29, 2022, 01:40 Ali Alhaidary <ali.alhaid...@the5stars.org> wrote: > Yes, I know that these lines were added, as you can see in my previous > post, however, I did not change it assuming that the application will > perform as usual until we set 2 factor authentication. > Yes, this was the plan :) Must be some misunderstanding, I was surprised to see you are asking foe values while they were in your mail :) Is there and keys I should add to the database on build#205 ? > You might add configuration value to the db if you would like to enable OTP It is disabled by default I can't help better without knowing actual error :( Please check the log (it always should be the first step :)) Ali > On 12/28/22 2:10 PM, Maxim Solodovnik wrote: > > The following section has been added :) > > > ################## Time-based One Time Password ################## > ## Please NOTE these values need to be changed BEFORE users will set-up > OTP for themselves > ## otherwise they can't login > > # NOTE Config->application.name will be used if blank > otp.issuer= > otp.ntp.server=pool.ntp.org > ## milliseconds > otp.ntp.timeout=3000 > > > > > > from mobile (sorry for typos ;) > > > On Wed, Dec 28, 2022, 16:25 Ali Alhaidary <ali.alhaid...@the5stars.org> > wrote: > >> Is it possible just to pint it out please? >> >> Ali >> On 12/27/22 6:53 PM, Maxim Solodovnik wrote: >> >> I would start with examine the logs >> >> and will add missing key-value part to openmeetings.properties :) >> >> On Tue, 27 Dec 2022 at 19:00, Ali Alhaidary <ali.alhaid...@the5stars.org> >> wrote: >> >>> Where and what ? :-) >>> >>> Ali >>> On 12/27/22 8:13 AM, Maxim Solodovnik wrote: >>> >>> you have to add new values to your config :) >>> >>> #206 is at demo-next >>> seems to work as expected :) >>> >>> On Tue, 27 Dec 2022 at 10:37, Ali Alhaidary <ali.alhaid...@the5stars.org> >>> wrote: >>> >>>> No, I did not change anything in openmeetings.properties as we want to >>>> use om as before initially... >>>> >>>> ################## Time-based One Time Password ################## >>>> ## Please NOTE these values need to be changed BEFORE users will set-up >>>> OTP for themselves >>>> ## otherwise they can't login >>>> >>>> # NOTE Config->application.name will be used if blank >>>> otp.issuer= >>>> otp.ntp.server=pool.ntp.org >>>> ## milliseconds >>>> otp.ntp.timeout=3000 >>>> >>>> >>>> On 12/27/22 4:44 AM, Maxim Solodovnik wrote: >>>> >>>> Anything suspicious in the log? >>>> Have you updated openmeetings.properties with "otp" specific values? >>>> >>>> from mobile (sorry for typos ;) >>>> >>>> >>>> On Mon, Dec 26, 2022, 22:54 Ali Alhaidary <ali.alhaid...@the5stars.org> >>>> wrote: >>>> >>>>> Could not login from moodle plugin, and (HTTP Status 404 – Not Found) >>>>> in stand alone app. >>>>> >>>>> Ali >>>>> On 12/26/22 5:18 PM, Ali Alhaidary wrote: >>>>> >>>>> Seems ok, and translated... >>>>> >>>>> Ali >>>>> On 12/26/22 8:37 AM, Maxim Solodovnik wrote: >>>>> >>>>> Seems to be implemented >>>>> I would appreciate if someone can test this new functionality >>>>> (And wording :))) >>>>> >>>>> On Thu, 22 Dec 2022 at 14:14, Maxim Solodovnik <solomax...@gmail.com> >>>>> wrote: >>>>> >>>>>> >>>>>> >>>>>> On Thu, 22 Dec 2022 at 14:01, seba.wag...@gmail.com < >>>>>> seba.wag...@gmail.com> wrote: >>>>>> >>>>>>> Sry I did not have enough time. But it would be a good feature to >>>>>>> add. >>>>>>> >>>>>>> Also a good message we can share around enhancing OpenMeetings >>>>>>> security. Relevant for many education/public environments. >>>>>>> >>>>>> >>>>>> I agree :)) >>>>>> Will update JIRA/demo-next when will have something working :) >>>>>> >>>>>> >>>>>>> >>>>>>> Thx >>>>>>> Seb >>>>>>> >>>>>>> Sebastian Wagner >>>>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>>>> http://arrakeen-solutions.co.nz/ >>>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>>>> Video-Conferencing OpenMeetings >>>>>>> >>>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>>>> >>>>>>> >>>>>>> On Thu, 22 Dec 2022 at 18:37, Maxim Solodovnik <solomax...@gmail.com> >>>>>>> wrote: >>>>>>> >>>>>>>> https://issues.apache.org/jira/browse/OPENMEETINGS-2755 >>>>>>>> >>>>>>>> will try to implement it :) >>>>>>>> >>>>>>>> On Wed, 3 Aug 2022 at 13:45, Ali Alhaidary < >>>>>>>> ali.alhaid...@the5stars.org> wrote: >>>>>>>> >>>>>>>>> +1 >>>>>>>>> >>>>>>>>> Yes, why not... >>>>>>>>> >>>>>>>>> Ali >>>>>>>>> On 8/3/22 8:34 AM, Maxim Solodovnik wrote: >>>>>>>>> >>>>>>>>> we already have BSD 3-clause: >>>>>>>>> https://github.com/apache/openmeetings/blob/master/LICENSE#L2479 >>>>>>>>> will need to add one line only :) >>>>>>>>> >>>>>>>>> On Wed, 3 Aug 2022 at 12:25, seba.wag...@gmail.com < >>>>>>>>> seba.wag...@gmail.com> wrote: >>>>>>>>> >>>>>>>>>> There seem to be a few options for Google using Java >>>>>>>>>> E.g. https://github.com/wstrange/GoogleAuth >>>>>>>>>> >>>>>>>>>> I don't quite see in that lib how it generates the QR code for >>>>>>>>>> scanning but there should be a way :) >>>>>>>>>> >>>>>>>>>> The BSD license would require us to add a copy left into our >>>>>>>>>> License file, but in general it would be compatible imho. >>>>>>>>>> >>>>>>>>>> Thanks >>>>>>>>>> Seb >>>>>>>>>> >>>>>>>>>> Sebastian Wagner >>>>>>>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>>>>>>> http://arrakeen-solutions.co.nz/ >>>>>>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>>>>>>> Video-Conferencing OpenMeetings >>>>>>>>>> >>>>>>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>>>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Wed, 3 Aug 2022 at 16:12, Maxim Solodovnik < >>>>>>>>>> solomax...@gmail.com> wrote: >>>>>>>>>> >>>>>>>>>>> Hello Seb, >>>>>>>>>>> >>>>>>>>>>> Sorry for a late response, I'm on vacation :) >>>>>>>>>>> >>>>>>>>>>> I would >>>>>>>>>>> +1 this feature :) >>>>>>>>>>> >>>>>>>>>>> The problems we'll need to solve >>>>>>>>>>> - add 2fa mechanisms other than email (not sure if apps like >>>>>>>>>>> "Google authenticator" has open source API :(, we can use telegram >>>>>>>>>>> API ....) >>>>>>>>>>> - we'll need to move this out of om_user db table (maybe with >>>>>>>>>>> activation_hash and *reset-password-hash* >>>>>>>>>>> >>>>>>>>>>> Need to be investigated and carefully refactored :) >>>>>>>>>>> >>>>>>>>>>> from mobile (sorry for typos ;) >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Wed, Aug 3, 2022, 10:15 seba.wag...@gmail.com < >>>>>>>>>>> seba.wag...@gmail.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> Not many pros or cons in this discussion. >>>>>>>>>>>> >>>>>>>>>>>> But I think it would be a good option to have available for >>>>>>>>>>>> users. As well as a good feature to advertise for. Especially in >>>>>>>>>>>> order to >>>>>>>>>>>> use OpenMeetings in a Gov/Education environment where compliance >>>>>>>>>>>> may >>>>>>>>>>>> require to have 2 factor auth for applications in order for using >>>>>>>>>>>> it. >>>>>>>>>>>> >>>>>>>>>>>> So I assume I can create some tickets and get this on the way. >>>>>>>>>>>> >>>>>>>>>>>> Thanks >>>>>>>>>>>> Seb >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Sebastian Wagner >>>>>>>>>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>>>>>>>>> http://arrakeen-solutions.co.nz/ >>>>>>>>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>>>>>>>>> Video-Conferencing OpenMeetings >>>>>>>>>>>> >>>>>>>>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>>>>>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Mon, 1 Aug 2022 at 09:31, seba.wag...@gmail.com < >>>>>>>>>>>> seba.wag...@gmail.com> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> I would like to add a ticket to investigate and look into >>>>>>>>>>>>> adding 2 factor authentication to OpenMeetings. As an optional >>>>>>>>>>>>> feature, >>>>>>>>>>>>> default would be turned off. >>>>>>>>>>>>> >>>>>>>>>>>>> There are various libraries to achieve 2 factor auth. I would >>>>>>>>>>>>> probably prefer using the Google Authenticator as a method since >>>>>>>>>>>>> it seems >>>>>>>>>>>>> the most widely adopted authenticator. >>>>>>>>>>>>> >>>>>>>>>>>>> In terms of turning it on/off I would add 2 flags: >>>>>>>>>>>>> - On a per server basis a flag to generally turn 2 factor >>>>>>>>>>>>> auth on or off >>>>>>>>>>>>> - On a per individual account basis so you can turn 2 factor >>>>>>>>>>>>> auth on/off for an individual user >>>>>>>>>>>>> >>>>>>>>>>>>> This would not affect past installations. >>>>>>>>>>>>> This would not affect logging in via Soap/Rest. >>>>>>>>>>>>> >>>>>>>>>>>>> I think this would be a good feature to improve security. >>>>>>>>>>>>> >>>>>>>>>>>>> Let me know what you think, and I will add a ticket and look >>>>>>>>>>>>> into adding this over the next few weeks. >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks >>>>>>>>>>>>> Seb >>>>>>>>>>>>> >>>>>>>>>>>>> Sebastian Wagner >>>>>>>>>>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>>>>>>>>>> http://arrakeen-solutions.co.nz/ >>>>>>>>>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>>>>>>>>>> Video-Conferencing OpenMeetings >>>>>>>>>>>>> >>>>>>>>>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>>>>>>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Best regards, >>>>>>>>> Maxim >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Best regards, >>>>>>>> Maxim >>>>>>>> >>>>>>> >>>>>> >>>>>> -- >>>>>> Best regards, >>>>>> Maxim >>>>>> >>>>> >>>>> >>>>> -- >>>>> Best regards, >>>>> Maxim >>>>> >>>>> >>> >>> -- >>> Best regards, >>> Maxim >>> >>> >> >> -- >> Best regards, >> Maxim >> >>
