Yes, I know that these lines were added, as you can see in my previous
post, however, I did not change it assuming that the application will
perform as usual until we set 2 factor authentication.
Is there and keys I should add to the database on build#205 ?
Ali
On 12/28/22 2:10 PM, Maxim Solodovnik wrote:
The following section has been added :)
################## Time-based One Time Password ##################
## Please NOTE these values need to be changed BEFORE users will
set-up OTP for themselves
## otherwise they can't login
# NOTE Config->application.name <http://application.name> will be used
if blank
otp.issuer=
otp.ntp.server=pool.ntp.org <http://pool.ntp.org>
## milliseconds
otp.ntp.timeout=3000
from mobile (sorry for typos ;)
On Wed, Dec 28, 2022, 16:25 Ali Alhaidary
<ali.alhaid...@the5stars.org> wrote:
Is it possible just to pint it out please?
Ali
On 12/27/22 6:53 PM, Maxim Solodovnik wrote:
I would start with examine the logs
and will add missing key-value part to openmeetings.properties :)
On Tue, 27 Dec 2022 at 19:00, Ali Alhaidary
<ali.alhaid...@the5stars.org> wrote:
Where and what ? :-)
Ali
On 12/27/22 8:13 AM, Maxim Solodovnik wrote:
you have to add new values to your config :)
#206 is at demo-next
seems to work as expected :)
On Tue, 27 Dec 2022 at 10:37, Ali Alhaidary
<ali.alhaid...@the5stars.org> wrote:
No, I did not change anything in openmeetings.properties
as we want to use om as before initially...
################## Time-based One Time Password
##################
## Please NOTE these values need to be changed BEFORE
users will set-up OTP for themselves
## otherwise they can't login
# NOTE Config->application.name
<http://application.name> will be used if blank
otp.issuer=
otp.ntp.server=pool.ntp.org <http://pool.ntp.org>
## milliseconds
otp.ntp.timeout=3000
On 12/27/22 4:44 AM, Maxim Solodovnik wrote:
Anything suspicious in the log?
Have you updated openmeetings.properties with "otp"
specific values?
from mobile (sorry for typos ;)
On Mon, Dec 26, 2022, 22:54 Ali Alhaidary
<ali.alhaid...@the5stars.org> wrote:
Could not login from moodle plugin, and (HTTP
Status 404 – Not Found) in stand alone app.
Ali
On 12/26/22 5:18 PM, Ali Alhaidary wrote:
Seems ok, and translated...
Ali
On 12/26/22 8:37 AM, Maxim Solodovnik wrote:
Seems to be implemented
I would appreciate if someone can test this new
functionality
(And wording :)))
On Thu, 22 Dec 2022 at 14:14, Maxim Solodovnik
<solomax...@gmail.com> wrote:
On Thu, 22 Dec 2022 at 14:01,
seba.wag...@gmail.com <seba.wag...@gmail.com>
wrote:
Sry I did not have enough time. But it
would be a good feature to add.
Also a good message we can share around
enhancing OpenMeetings security. Relevant
for many education/public environments.
I agree :))
Will update JIRA/demo-next when will have
something working :)
Thx
Seb
Sebastian Wagner
Director Arrakeen Solutions, OM-Hosting.com
http://arrakeen-solutions.co.nz/
https://om-hosting.com - Cloud & Server
Hosting for HTML5 Video-Conferencing
OpenMeetings
<https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url><https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
On Thu, 22 Dec 2022 at 18:37, Maxim
Solodovnik <solomax...@gmail.com> wrote:
https://issues.apache.org/jira/browse/OPENMEETINGS-2755
will try to implement it :)
On Wed, 3 Aug 2022 at 13:45, Ali
Alhaidary
<ali.alhaid...@the5stars.org> wrote:
+1
Yes, why not...
Ali
On 8/3/22 8:34 AM, Maxim
Solodovnik wrote:
we already have BSD 3-clause:
https://github.com/apache/openmeetings/blob/master/LICENSE#L2479
will need to add one line only :)
On Wed, 3 Aug 2022 at 12:25,
seba.wag...@gmail.com
<seba.wag...@gmail.com> wrote:
There seem to be a few
options for Google using Java
E.g.
https://github.com/wstrange/GoogleAuth
I don't quite see in that
lib how it generates the QR
code for scanning but there
should be a way :)
The BSD license would
require us to add a copy
left into our License file,
but in general it would be
compatible imho.
Thanks
Seb
Sebastian Wagner
Director Arrakeen Solutions,
OM-Hosting.com
http://arrakeen-solutions.co.nz/
https://om-hosting.com -
Cloud & Server Hosting for
HTML5 Video-Conferencing
OpenMeetings
<https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url><https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
On Wed, 3 Aug 2022 at 16:12,
Maxim Solodovnik
<solomax...@gmail.com> wrote:
Hello Seb,
Sorry for a late
response, I'm on vacation :)
I would
+1 this feature :)
The problems we'll need
to solve
- add 2fa mechanisms
other than email (not
sure if apps like
"Google authenticator"
has open source API :(,
we can use telegram API
....)
- we'll need to move
this out of om_user db
table (maybe with
activation_hash and
*reset-password-hash*
Need to be investigated
and carefully refactored :)
from mobile (sorry for
typos ;)
On Wed, Aug 3, 2022,
10:15
seba.wag...@gmail.com
<seba.wag...@gmail.com>
wrote:
Not many pros or
cons in this
discussion.
But I think it would
be a good option to
have available for
users. As well as a
good feature to
advertise for.
Especially in order
to use OpenMeetings
in a Gov/Education
environment where
compliance may
require to have 2
factor auth for
applications in
order for using it.
So I assume I can
create some tickets
and get this on the way.
Thanks
Seb
Sebastian Wagner
Director Arrakeen
Solutions,
OM-Hosting.com
http://arrakeen-solutions.co.nz/
https://om-hosting.com
- Cloud & Server
Hosting for HTML5
Video-Conferencing
OpenMeetings
<https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url><https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
On Mon, 1 Aug 2022
at 09:31,
seba.wag...@gmail.com
<seba.wag...@gmail.com>
wrote:
I would like to
add a ticket to
investigate and
look into adding
2 factor
authentication
to OpenMeetings.
As an
optional feature,
default would be
turned off.
There are
various
libraries to
achieve 2
factor auth. I
would
probably prefer
using the Google
Authenticator as
a method since
it seems the
most
widely adopted
authenticator.
In terms of
turning it
on/off I would
add 2 flags:
- On a per
server basis a
flag to
generally turn 2
factor auth on
or off
- On a per
individual
account basis so
you can turn 2
factor
auth on/off for
an individual user
This would not
affect past
installations.
This would not
affect logging
in via Soap/Rest.
I think this
would be a good
feature to
improve security.
Let me know what
you think, and I
will add a
ticket and look
into adding this
over the next
few weeks.
Thanks
Seb
Sebastian Wagner
Director
Arrakeen
Solutions,
OM-Hosting.com
http://arrakeen-solutions.co.nz/
https://om-hosting.com
- Cloud & Server
Hosting for
HTML5
Video-Conferencing
OpenMeetings
<https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url><https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
--
Best regards,
Maxim
--
Best regards,
Maxim
--
Best regards,
Maxim
--
Best regards,
Maxim
--
Best regards,
Maxim
--
Best regards,
Maxim
