Good to know :) Thanks for testing :) WBR, Maxim (from mobile, sorry for the typos)
On Jun 19, 2017 18:51, "Peter Dähn" <[email protected]> wrote: > Hi Maxim, > > I was a bit late for helping to figure this out... Lunch break... > > But here it comes.. > > DEBUG 06-19 13:45:32.625 UserDao.java 79903 642 > org.apache.openmeetings.db.dao.user.UserDao > [http-nio-0.0.0.0-5080-exec-6] - login:: 1 users were found > DEBUG 06-19 13:45:32.669 CryptProvider.java 79947 36 > org.apache.openmeetings.util.crypt.CryptProvider > [http-nio-0.0.0.0-5080-exec-6] - getInstanceOfCrypt:: > configKeyCryptClassName: org.apache.openmeetings.util.c > rypt.SCryptImplementation > WARN 06-19 13:45:32.708 UserDao.java 79986 478 > org.apache.openmeetings.db.dao.user.UserDao > [http-nio-0.0.0.0-5080-exec-6] - Password for user with ID 1 crypted with > outdated Crypt, updating ... > WARN 06-19 13:45:35.013 UserDao.java 82291 481 > org.apache.openmeetings.db.dao.user.UserDao > [http-nio-0.0.0.0-5080-exec-6] - Password for user User [id=1, > firstname=xxx, lastname=xxx, login=xxx, pictureuri=xxx.jpg, deleted=false, > languageId=2, address=Address [id=1, country=DE, street=street, town=town, > zip=zip, deleted=false, email=xxx@xxx, phone=phone], externalId=null, > externalType=null, type=user] updated successfully > DEBUG 06-19 13:45:35.016 AuthLevelUtil.java 82294 40 > org.apache.openmeetings.db.util.AuthLevelUtil > [http-nio-0.0.0.0-5080-exec-6] - Level Login :: [GRANTED] > > Worked for me, and the best way to handle this, I think, > > Thanks for quick fixing! > > Greetings Peter > > > Am 19.06.2017 um 12:42 schrieb Maxim Solodovnik: > >> Build 44+ from here: >> https://builds.apache.org/view/M-R/view/OpenMeetings/job/ >> Openmeetings%203.3.x/ >> >> On Mon, Jun 19, 2017 at 5:40 PM, Maxim Solodovnik <[email protected]> >> wrote: >> >> Found the issue, sorry for the noise >>> >>> On Mon, Jun 19, 2017 at 5:38 PM, Maxim Solodovnik <[email protected]> >>> wrote: >>> >>> Weird .... >>>> my tests shows crypt class can't be MD5Implementation after import .... >>>> Maybe you did any manual manipulations with DB? >>>> >>>> On Mon, Jun 19, 2017 at 5:30 PM, Maxim Solodovnik <[email protected] >>>> > >>>> wrote: >>>> >>>> Additional fix is required :( >>>>> Could you please manually change crypt class name in configuration DB >>>>> table to be org.apache.openmeetings.util.crypt.SCryptImplementation >>>>> and >>>>> restart OM? >>>>> >>>>> will try to commit changes ASAP >>>>> >>>>> On Mon, Jun 19, 2017 at 5:06 PM, Peter Dähn <[email protected]> wrote: >>>>> >>>>> Hello Maxim, >>>>>> >>>>>> checked out fresh 3.3.x code and compiled it. >>>>>> >>>>>> ######################################################## >>>>>> # Openmeetings is up # >>>>>> # 3.3.0-SNAPSHOT 5889b5beda3299418cf80ee68846ea5ce54ee9ed >>>>>> 2017/06/19 09:33 # >>>>>> # and ready to use # >>>>>> ######################################################## >>>>>> >>>>>> Import backup works so far, Login ended up in "Internal Error Page". >>>>>> Belonging Error in the log underneath. >>>>>> >>>>>> >>>>>> DEBUG 06-19 12:00:03.155 UserDao.java 162929 642 >>>>>> org.apache.openmeetings.db.dao.user.UserDao >>>>>> [http-nio-0.0.0.0-5080-exec-7] - login:: 1 users were found >>>>>> DEBUG 06-19 12:00:03.169 CryptProvider.java 162943 36 >>>>>> org.apache.openmeetings.util.crypt.CryptProvider >>>>>> [http-nio-0.0.0.0-5080-exec-7] - getInstanceOfCrypt:: >>>>>> configKeyCryptClassName: org.apache.openmeetings.util.c >>>>>> rypt.MD5Implementation >>>>>> ERROR 06-19 12:00:03.174 CryptProvider.java 162948 40 >>>>>> org.apache.openmeetings.util.crypt.CryptProvider >>>>>> [http-nio-0.0.0.0-5080-exec-7] - [getInstanceOfCrypt] >>>>>> java.lang.ClassCastException: org.apache.openmeetings.util.c >>>>>> rypt.MD5Implementation >>>>>> cannot be cast to org.apache.openmeetings.util.crypt.ICrypt >>>>>> at org.apache.openmeetings.util.crypt.CryptProvider.get(CryptPr >>>>>> ovider.java:38) >>>>>> at org.apache.openmeetings.db.dao.user.UserDao.verifyPassword(U >>>>>> serDao.java:473) >>>>>> at org.apache.openmeetings.db.dao.user.UserDao.login(UserDao.ja >>>>>> va:650) >>>>>> at org.apache.openmeetings.db.dao.user.UserDao$$FastClassBySpri >>>>>> ngCGLIB$$1492ba5a.invoke(<generated>) >>>>>> at org.springframework.cglib.proxy.MethodProxy.invoke(MethodPro >>>>>> xy.java:204) >>>>>> at org.springframework.aop.framework.CglibAopProxy$CglibMethodI >>>>>> nvocation.invokeJoinpoint(CglibAopProxy.java:721) >>>>>> at org.springframework.aop.framework.ReflectiveMethodInvocation >>>>>> .proceed(ReflectiveMethodInvocation.java:157) >>>>>> at org.springframework.transaction.interceptor.TransactionInter >>>>>> ceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) >>>>>> at org.springframework.transaction.interceptor.TransactionAspec >>>>>> tSupport.invokeWithinTransaction(TransactionAspectSupport.java:282) >>>>>> at org.springframework.transaction.interceptor.TransactionInter >>>>>> ceptor.invoke(TransactionInterceptor.java:96) >>>>>> at org.springframework.aop.framework.ReflectiveMethodInvocation >>>>>> .proceed(ReflectiveMethodInvocation.java:179) >>>>>> at org.springframework.aop.framework.CglibAopProxy$DynamicAdvis >>>>>> edInterceptor.intercept(CglibAopProxy.java:656) >>>>>> at org.apache.openmeetings.db.dao.user.UserDao$$EnhancerBySprin >>>>>> gCGLIB$$ae5af194.login(<generated>) >>>>>> at org.apache.openmeetings.web.app.WebSession.signIn(WebSession >>>>>> .java:336) >>>>>> at org.apache.openmeetings.web.pages.auth.SignInDialog.onSubmit >>>>>> (SignInDialog.java:188) >>>>>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDi >>>>>> alog$DialogFormSubmitter.onSubmit(AbstractFormDialog.java:294) >>>>>> at org.apache.wicket.markup.html.form.Form.delegateSubmit(Form. >>>>>> java:1248) >>>>>> at org.apache.wicket.markup.html.form.Form.process(Form.java:94 >>>>>> 6) >>>>>> at org.apache.wicket.markup.html.form.StatelessForm.process(Sta >>>>>> telessForm.java:100) >>>>>> at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form >>>>>> .java:770) >>>>>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDi >>>>>> alog.internalOnClick(AbstractFormDialog.java:215) >>>>>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractDialog >>>>>> $1.onClick(AbstractDialog.java:413) >>>>>> at com.googlecode.wicket.jquery.ui.widget.dialog.DialogBehavior >>>>>> .onAjax(DialogBehavior.java:188) >>>>>> at com.googlecode.wicket.jquery.core.ajax.JQueryAjaxBehavior.re >>>>>> spond(JQueryAjaxBehavior.java:173) >>>>>> at org.apache.wicket.ajax.AbstractDefaultAjaxBehavior.onRequest >>>>>> (AbstractDefaultAjaxBehavior.java:598) >>>>>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>>>>> r.internalInvoke(ListenerRequestHandler.java:308) >>>>>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>>>>> r.invoke(ListenerRequestHandler.java:282) >>>>>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>>>>> r.invokeListener(ListenerRequestHandler.java:224) >>>>>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>>>>> r.respond(ListenerRequestHandler.java:210) >>>>>> at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor >>>>>> .respond(RequestCycle.java:912) >>>>>> at org.apache.wicket.request.RequestHandlerExecutor.execute(Req >>>>>> uestHandlerExecutor.java:65) >>>>>> at org.apache.wicket.request.cycle.RequestCycle.execute(Request >>>>>> Cycle.java:283) >>>>>> at org.apache.wicket.request.cycle.RequestCycle.processRequest( >>>>>> RequestCycle.java:253) >>>>>> at org.apache.wicket.request.cycle.RequestCycle.processRequestA >>>>>> ndDetach(RequestCycle.java:221) >>>>>> at org.apache.wicket.protocol.ws.AbstractUpgradeFilter.processR >>>>>> equestCycle(AbstractUpgradeFilter.java:70) >>>>>> at org.apache.wicket.protocol.http.WicketFilter.processRequest( >>>>>> WicketFilter.java:204) >>>>>> at org.apache.wicket.protocol.http.WicketFilter.doFilter(Wicket >>>>>> Filter.java:286) >>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>>>> lter(ApplicationFilterChain.java:192) >>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>>>> licationFilterChain.java:165) >>>>>> at org.red5.logging.LoggerContextFilter.doFilter(LoggerContextF >>>>>> ilter.java:84) >>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>>>> lter(ApplicationFilterChain.java:192) >>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>>>> licationFilterChain.java:165) >>>>>> at org.apache.catalina.core.StandardWrapperValve.invoke(Standar >>>>>> dWrapperValve.java:198) >>>>>> at org.apache.catalina.core.StandardContextValve.invoke(Standar >>>>>> dContextValve.java:96) >>>>>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(A >>>>>> uthenticatorBase.java:478) >>>>>> at org.apache.catalina.core.StandardHostValve.invoke(StandardHo >>>>>> stValve.java:140) >>>>>> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo >>>>>> rtValve.java:80) >>>>>> at org.apache.catalina.valves.AbstractAccessLogValve.invoke(Abs >>>>>> tractAccessLogValve.java:624) >>>>>> at org.apache.catalina.core.StandardEngineValve.invoke(Standard >>>>>> EngineValve.java:87) >>>>>> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd >>>>>> apter.java:341) >>>>>> at org.apache.coyote.http11.Http11Processor.service(Http11Proce >>>>>> ssor.java:783) >>>>>> at org.apache.coyote.AbstractProcessorLight.process(AbstractPro >>>>>> cessorLight.java:66) >>>>>> at org.apache.coyote.AbstractProtocol$ConnectionHandler.process >>>>>> (AbstractProtocol.java:798) >>>>>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun >>>>>> (NioEndpoint.java:1441) >>>>>> at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketPro >>>>>> cessorBase.java:49) >>>>>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool >>>>>> Executor.java:1142) >>>>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo >>>>>> lExecutor.java:617) >>>>>> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.r >>>>>> un(TaskThread.java:61) >>>>>> at java.lang.Thread.run(Thread.java:745) >>>>>> ERROR 06-19 12:00:03.191 DefaultExceptionMapper.java 162965 170 >>>>>> org.apache.wicket.DefaultExceptionMapper >>>>>> [http-nio-0.0.0.0-5080-exec-7] - Unexpected error occurred >>>>>> java.lang.NullPointerException: null >>>>>> at org.apache.openmeetings.db.dao.user.UserDao.verifyPassword(U >>>>>> serDao.java:474) >>>>>> at org.apache.openmeetings.db.dao.user.UserDao.login(UserDao.ja >>>>>> va:650) >>>>>> at org.apache.openmeetings.db.dao.user.UserDao$$FastClassBySpri >>>>>> ngCGLIB$$1492ba5a.invoke(<generated>) >>>>>> at org.springframework.cglib.proxy.MethodProxy.invoke(MethodPro >>>>>> xy.java:204) >>>>>> at org.springframework.aop.framework.CglibAopProxy$CglibMethodI >>>>>> nvocation.invokeJoinpoint(CglibAopProxy.java:721) >>>>>> at org.springframework.aop.framework.ReflectiveMethodInvocation >>>>>> .proceed(ReflectiveMethodInvocation.java:157) >>>>>> at org.springframework.transaction.interceptor.TransactionInter >>>>>> ceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) >>>>>> at org.springframework.transaction.interceptor.TransactionAspec >>>>>> tSupport.invokeWithinTransaction(TransactionAspectSupport.java:282) >>>>>> at org.springframework.transaction.interceptor.TransactionInter >>>>>> ceptor.invoke(TransactionInterceptor.java:96) >>>>>> at org.springframework.aop.framework.ReflectiveMethodInvocation >>>>>> .proceed(ReflectiveMethodInvocation.java:179) >>>>>> at org.springframework.aop.framework.CglibAopProxy$DynamicAdvis >>>>>> edInterceptor.intercept(CglibAopProxy.java:656) >>>>>> at org.apache.openmeetings.db.dao.user.UserDao$$EnhancerBySprin >>>>>> gCGLIB$$ae5af194.login(<generated>) >>>>>> at org.apache.openmeetings.web.app.WebSession.signIn(WebSession >>>>>> .java:336) >>>>>> at org.apache.openmeetings.web.pages.auth.SignInDialog.onSubmit >>>>>> (SignInDialog.java:188) >>>>>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDi >>>>>> alog$DialogFormSubmitter.onSubmit(AbstractFormDialog.java:294) >>>>>> at org.apache.wicket.markup.html.form.Form.delegateSubmit(Form. >>>>>> java:1248) >>>>>> at org.apache.wicket.markup.html.form.Form.process(Form.java:94 >>>>>> 6) >>>>>> at org.apache.wicket.markup.html.form.StatelessForm.process(Sta >>>>>> telessForm.java:100) >>>>>> at org.apache.wicket.markup.html.form.Form.onFormSubmitted(Form >>>>>> .java:770) >>>>>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractFormDi >>>>>> alog.internalOnClick(AbstractFormDialog.java:215) >>>>>> at com.googlecode.wicket.jquery.ui.widget.dialog.AbstractDialog >>>>>> $1.onClick(AbstractDialog.java:413) >>>>>> at com.googlecode.wicket.jquery.ui.widget.dialog.DialogBehavior >>>>>> .onAjax(DialogBehavior.java:188) >>>>>> at com.googlecode.wicket.jquery.core.ajax.JQueryAjaxBehavior.re >>>>>> spond(JQueryAjaxBehavior.java:173) >>>>>> at org.apache.wicket.ajax.AbstractDefaultAjaxBehavior.onRequest >>>>>> (AbstractDefaultAjaxBehavior.java:598) >>>>>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>>>>> r.internalInvoke(ListenerRequestHandler.java:308) >>>>>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>>>>> r.invoke(ListenerRequestHandler.java:282) >>>>>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>>>>> r.invokeListener(ListenerRequestHandler.java:224) >>>>>> at org.apache.wicket.core.request.handler.ListenerRequestHandle >>>>>> r.respond(ListenerRequestHandler.java:210) >>>>>> at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor >>>>>> .respond(RequestCycle.java:912) >>>>>> at org.apache.wicket.request.RequestHandlerExecutor.execute(Req >>>>>> uestHandlerExecutor.java:65) >>>>>> at org.apache.wicket.request.cycle.RequestCycle.execute(Request >>>>>> Cycle.java:283) >>>>>> at org.apache.wicket.request.cycle.RequestCycle.processRequest( >>>>>> RequestCycle.java:253) >>>>>> at org.apache.wicket.request.cycle.RequestCycle.processRequestA >>>>>> ndDetach(RequestCycle.java:221) >>>>>> at org.apache.wicket.protocol.ws.AbstractUpgradeFilter.processR >>>>>> equestCycle(AbstractUpgradeFilter.java:70) >>>>>> at org.apache.wicket.protocol.http.WicketFilter.processRequest( >>>>>> WicketFilter.java:204) >>>>>> at org.apache.wicket.protocol.http.WicketFilter.doFilter(Wicket >>>>>> Filter.java:286) >>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>>>> lter(ApplicationFilterChain.java:192) >>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>>>> licationFilterChain.java:165) >>>>>> at org.red5.logging.LoggerContextFilter.doFilter(LoggerContextF >>>>>> ilter.java:84) >>>>>> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >>>>>> lter(ApplicationFilterChain.java:192) >>>>>> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >>>>>> licationFilterChain.java:165) >>>>>> at org.apache.catalina.core.StandardWrapperValve.invoke(Standar >>>>>> dWrapperValve.java:198) >>>>>> at org.apache.catalina.core.StandardContextValve.invoke(Standar >>>>>> dContextValve.java:96) >>>>>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(A >>>>>> uthenticatorBase.java:478) >>>>>> at org.apache.catalina.core.StandardHostValve.invoke(StandardHo >>>>>> stValve.java:140) >>>>>> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorRepo >>>>>> rtValve.java:80) >>>>>> at org.apache.catalina.valves.AbstractAccessLogValve.invoke(Abs >>>>>> tractAccessLogValve.java:624) >>>>>> at org.apache.catalina.core.StandardEngineValve.invoke(Standard >>>>>> EngineValve.java:87) >>>>>> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAd >>>>>> apter.java:341) >>>>>> at org.apache.coyote.http11.Http11Processor.service(Http11Proce >>>>>> ssor.java:783) >>>>>> at org.apache.coyote.AbstractProcessorLight.process(AbstractPro >>>>>> cessorLight.java:66) >>>>>> at org.apache.coyote.AbstractProtocol$ConnectionHandler.process >>>>>> (AbstractProtocol.java:798) >>>>>> at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun >>>>>> (NioEndpoint.java:1441) >>>>>> at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketPro >>>>>> cessorBase.java:49) >>>>>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool >>>>>> Executor.java:1142) >>>>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo >>>>>> lExecutor.java:617) >>>>>> at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.r >>>>>> un(TaskThread.java:61) >>>>>> at java.lang.Thread.run(Thread.java:745) >>>>>> >>>>>> Any Ideas? >>>>>> >>>>>> Greetings Peter >>>>>> >>>>>> >>>>>> Am 17.06.2017 um 08:15 schrieb Maxim Solodovnik: >>>>>> >>>>>> Hello Peter, >>>>>>> >>>>>>> I have implemented #3 >>>>>>> http://git-wip-us.apache.org/repos/asf/openmeetings/diff/156bcc79 >>>>>>> The only difference: Password re-hashing is not being emailed but >>>>>>> logged >>>>>>> with WARN level >>>>>>> >>>>>>> Would appreciate if you can test it and let me know your thoughts :) >>>>>>> >>>>>>> Build 36+ from here: >>>>>>> https://builds.apache.org/view/M-R/view/OpenMeetings/job/Ope >>>>>>> nmeetings%203.3.x/ >>>>>>> >>>>>>> >>>>>>> On Fri, Jun 16, 2017 at 2:43 PM, Maxim Solodovnik < >>>>>>> [email protected]> >>>>>>> wrote: >>>>>>> >>>>>>> Both external and LDAP users would not be affected >>>>>>> >>>>>>>> Will try to implement 3) as you have described, looks doable :) >>>>>>>> Thanks! >>>>>>>> >>>>>>>> On Fri, Jun 16, 2017 at 2:34 PM, Peter Dähn <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>> Hi Maxim, >>>>>>>> >>>>>>>>> We have a lot external user in our system and just a few "real" >>>>>>>>> user. Am >>>>>>>>> I right that this doesn't apply to external user or does this case >>>>>>>>> also be >>>>>>>>> handled? >>>>>>>>> >>>>>>>>> 1 and 2 wouldn't be my favorites. >>>>>>>>> >>>>>>>>> I would prefer 3 and has an alternative if 3 isn't possible. >>>>>>>>> >>>>>>>>> 3) We hat a similar change in our system. They did it in the >>>>>>>>> following >>>>>>>>> way. >>>>>>>>> >>>>>>>>> - user login -> check password with sha256 >>>>>>>>> - if this doesn't match check password against md5 >>>>>>>>> - if this match store sha256-hash for further logins and >>>>>>>>> send an >>>>>>>>> e-mail to that user "Rewrote password for security-reasons. If you >>>>>>>>> didin't >>>>>>>>> login right now, inform your system-admin" or something like that. >>>>>>>>> - if both hashes doesn't match deny login. >>>>>>>>> >>>>>>>>> This would be the most user-friendly way I think. >>>>>>>>> >>>>>>>>> 4) Alternatively one could reset all passwords and if a user try to >>>>>>>>> login >>>>>>>>> with empty password one get a popup "Your password need to renewed. >>>>>>>>> You got >>>>>>>>> an e-mail". The system sends an e-mail with a link to create a new >>>>>>>>> password. >>>>>>>>> >>>>>>>>> This are out ideas so far. >>>>>>>>> >>>>>>>>> Greetings Peter >>>>>>>>> >>>>>>>>> >>>>>>>>> Am 14.06.2017 um 09:07 schrieb Maxim Solodovnik: >>>>>>>>> >>>>>>>>> Sure, have to fix some issues >>>>>>>>> >>>>>>>>>> Will try to finish everything until next week-end :) >>>>>>>>>> So no rush right now :) >>>>>>>>>> >>>>>>>>>> My ideas were: >>>>>>>>>> 1) Add Admin function "reset all passwords" (not sure how users >>>>>>>>>> should be >>>>>>>>>> notified on new password in this case) >>>>>>>>>> 2) Add Admin function: "Email all users" general email "Please >>>>>>>>>> reset your >>>>>>>>>> passwords" will be sent to all users >>>>>>>>>> 3) Allow login with old password and require user to change it, >>>>>>>>>> possible >>>>>>>>>> but seems to be tricky >>>>>>>>>> >>>>>>>>>> Will wait for the results of your discussion :) >>>>>>>>>> >>>>>>>>>> On Wed, Jun 14, 2017 at 2:00 PM, Peter Dähn <[email protected]> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>> Hi Maxim, >>>>>>>>>> >>>>>>>>>> you are right, this point is left.... >>>>>>>>>>> I think I try to discuss this with a colleague of mine. Maybe we >>>>>>>>>>> get an >>>>>>>>>>> idea... >>>>>>>>>>> >>>>>>>>>>> Back later the or most likely on Friday. I hope this is on time. >>>>>>>>>>> >>>>>>>>>>> Greetings Peter >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Am 14.06.2017 um 07:43 schrieb Maxim Solodovnik: >>>>>>>>>>> >>>>>>>>>>> Thanks a lot Peter, >>>>>>>>>>> >>>>>>>>>>> Now I'm back and ready to help :) >>>>>>>>>>> >>>>>>>>>>> Would appreciate to hear any thought regarding "soft" changing of >>>>>>>>>>> password >>>>>>>>>>> hash function >>>>>>>>>>> >>>>>>>>>>> On Mon, Jun 12, 2017 at 6:40 PM, Peter Dähn <[email protected]> < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> so.. now it is time I think... >>>>>>>>>>> >>>>>>>>>>> Congratulations! I hope you had a nice wedding and a few relaxing >>>>>>>>>>> days... >>>>>>>>>>> >>>>>>>>>>> Greetings Peter >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Am 24.05.2017 um 12:03 schrieb Peter Dähn: >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> ok.. then good luck... >>>>>>>>>>> >>>>>>>>>>> and best wishes when you are back... ;-) >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Am 24.05.2017 um 11:57 schrieb Maxim Solodovnik: >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Thanks :) >>>>>>>>>>> >>>>>>>>>>> I'll be on vacation for the next 2 weeks, with rare access to the >>>>>>>>>>> email >>>>>>>>>>> from my phone, so no rush :) >>>>>>>>>>> >>>>>>>>>>> On Wed, May 24, 2017 at 4:55 PM, Peter Dähn <[email protected]> < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>> ok.. need to think about it... ;-) >>>>>>>>>>> >>>>>>>>>>> I will be back in office next week... maybe with "THE IDEA".. or >>>>>>>>>>> maybe >>>>>>>>>>> not... ;-) >>>>>>>>>>> >>>>>>>>>>> Greetings Peter >>>>>>>>>>> >>>>>>>>>>> Am 24.05.2017 um 11:21 schrieb Maxim Solodovnik: >>>>>>>>>>> >>>>>>>>>>> It is all discussible :) >>>>>>>>>>> >>>>>>>>>>> 3.0.7 still uses MD5CryptImplementation<https:/ >>>>>>>>>>> /github.com/apache/openmeetings/blob/3.0.x/src/util/ >>>>>>>>>>> java/org/apache/openmeetings/util/crypt/MD5CryptImplementati >>>>>>>>>>> on.java> >>>>>>>>>>> < >>>>>>>>>>> https://github.com/apache/openmeetings/blob/3.0.x/src/util/ >>>>>>>>>>> java/org/apache/openmeetings/util/crypt/MD5CryptImplementati >>>>>>>>>>> on.java> >>>>>>>>>>> which >>>>>>>>>>> is not secure at all :((( >>>>>>>>>>> We can add back SHA256Implementation<https://g >>>>>>>>>>> ithub.com/apache/openmeetings/blob/3.1.x/openmeeti >>>>>>>>>>> ngs-util/src/main/java/org/apache/openmeetings/util/ >>>>>>>>>>> crypt/SHA256Implementation.java> <https://github.com/apache/ope >>>>>>>>>>> nmeetings/blob/3.1.x/openmeetings-util/src/main/java/org/apa >>>>>>>>>>> che/openmeetings/util/crypt/SHA256Implementation.java> >>>>>>>>>>> >>>>>>>>>>> ( >>>>>>>>>>> available since 3.1.x) for compatibility reasons, but I'm afraid >>>>>>>>>>> there >>>>>>>>>>> is >>>>>>>>>>> no clean way to perform backup and preserve passwords ..... >>>>>>>>>>> >>>>>>>>>>> I thought maybe we can add "Reset All passwords" admin function, >>>>>>>>>>> but >>>>>>>>>>> it is >>>>>>>>>>> totally insecure :( >>>>>>>>>>> Any ideas are appreciated :) >>>>>>>>>>> >>>>>>>>>>> On Wed, May 24, 2017 at 4:15 PM, Peter Dähn <[email protected]> < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>> Hi, >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> I think further investigation is not needed. I just didn't see it >>>>>>>>>>> before... >>>>>>>>>>> >>>>>>>>>>> Is this behavior the final state? Then it will be difficult to >>>>>>>>>>> update my >>>>>>>>>>> installation (3.0.7). This also should the problem with any >>>>>>>>>>> installation >>>>>>>>>>> before 3.3.0. Isn't it? >>>>>>>>>>> >>>>>>>>>>> Greetings Peter >>>>>>>>>>> >>>>>>>>>>> Am 24.05.2017 um 11:07 schrieb Maxim Solodovnik: >>>>>>>>>>> >>>>>>>>>>> Hello Peter, >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> these debug messages are OK during import (I can perform further >>>>>>>>>>> investigation, but I believe this is not an issue) >>>>>>>>>>> >>>>>>>>>>> Current 4.0.0 contains backported code from 3.3.0 which has >>>>>>>>>>> stronger >>>>>>>>>>> Password rules ... >>>>>>>>>>> You were unable to login after restore from backup since Password >>>>>>>>>>> Crypt >>>>>>>>>>> was >>>>>>>>>>> changed to the SCrypt, which is stronger than SHA512 used before >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Wed, May 24, 2017 at 3:50 PM, Peter Dähn <[email protected]> < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>> I tried to reset the password. I got following message: >>>>>>>>>>> >>>>>>>>>>> "Weak' password: at least 1 special symbol '!@#$%^&*][' is >>>>>>>>>>> required" >>>>>>>>>>> >>>>>>>>>>> Could this be the Problem? I think this shouldn't be like that, >>>>>>>>>>> because >>>>>>>>>>> there wasn't such restriction before. >>>>>>>>>>> >>>>>>>>>>> Greetings Peter >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Am 24.05.2017 um 10:21 schrieb Peter Dähn: >>>>>>>>>>> >>>>>>>>>>> Hi Maxim, >>>>>>>>>>> >>>>>>>>>>> I wanted to try out html5 video components... >>>>>>>>>>> >>>>>>>>>>> While importing my backup (worked before) I got a lot of these >>>>>>>>>>> messages >>>>>>>>>>> below. >>>>>>>>>>> >>>>>>>>>>> DEBUG 05-24 10:06:49.592 AuthLevelUtil.java 56867 40 >>>>>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>>>>> Login :: >>>>>>>>>>> [GRANTED] >>>>>>>>>>> DEBUG 05-24 10:06:49.601 AuthLevelUtil.java 56876 40 >>>>>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>>>>> Login :: >>>>>>>>>>> [DENIED] >>>>>>>>>>> DEBUG 05-24 10:06:49.609 AuthLevelUtil.java 56884 40 >>>>>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>>>>> Login :: >>>>>>>>>>> [DENIED] >>>>>>>>>>> DEBUG 05-24 10:06:49.615 AuthLevelUtil.java 56890 40 >>>>>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>>>>> Login :: >>>>>>>>>>> [DENIED] >>>>>>>>>>> DEBUG 05-24 10:06:49.622 AuthLevelUtil.java 56897 40 >>>>>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>>>>> Login :: >>>>>>>>>>> [DENIED] >>>>>>>>>>> DEBUG 05-24 10:06:49.629 AuthLevelUtil.java 56904 40 >>>>>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>>>>> Login :: >>>>>>>>>>> [DENIED] >>>>>>>>>>> DEBUG 05-24 10:06:49.636 AuthLevelUtil.java 56911 40 >>>>>>>>>>> org.apache.openmeetings.db.util.AuthLevelUtil [main] - Level >>>>>>>>>>> Login :: >>>>>>>>>>> [DENIED] >>>>>>>>>>> >>>>>>>>>>> I never noticed these ones before. After starting the server, I >>>>>>>>>>> couldn't >>>>>>>>>>> login with my admin user. "Username/email and/or password are >>>>>>>>>>> incorrect." >>>>>>>>>>> >>>>>>>>>>> Any Ideas? >>>>>>>>>>> >>>>>>>>>>> Greetings Peter >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> B.Sc. Peter Dähn >>>>>>>>>>> Virtueller Campus Rheinland-Pfalz <http://www.vcrp.de/> >>>>>>>>>>> Postfach 3049 >>>>>>>>>>> 67653 Kaiserslautern >>>>>>>>>>> Tel: 0631/205-4944 >>>>>>>>>>> Olat <https://olat.vcrp.de/> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>> >>>>>>>>> B.Sc. Peter Dähn >>>>>>>>> Virtueller Campus Rheinland-Pfalz <http://www.vcrp.de/> >>>>>>>>> Postfach 3049 >>>>>>>>> 67653 Kaiserslautern >>>>>>>>> Tel: 0631/205-4944 >>>>>>>>> Olat <https://olat.vcrp.de/> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>> WBR >>>>>>>> Maxim aka solomax >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>> -- >>>>> WBR >>>>> Maxim aka solomax >>>>> >>>>> >>>> >>>> -- >>>> WBR >>>> Maxim aka solomax >>>> >>>> >>> >>> -- >>> WBR >>> Maxim aka solomax >>> >>> >> >>
