I would start with examine the logs and will add missing key-value part to openmeetings.properties :)
On Tue, 27 Dec 2022 at 19:00, Ali Alhaidary <ali.alhaid...@the5stars.org> wrote: > Where and what ? :-) > > Ali > On 12/27/22 8:13 AM, Maxim Solodovnik wrote: > > you have to add new values to your config :) > > #206 is at demo-next > seems to work as expected :) > > On Tue, 27 Dec 2022 at 10:37, Ali Alhaidary <ali.alhaid...@the5stars.org> > wrote: > >> No, I did not change anything in openmeetings.properties as we want to >> use om as before initially... >> >> ################## Time-based One Time Password ################## >> ## Please NOTE these values need to be changed BEFORE users will set-up >> OTP for themselves >> ## otherwise they can't login >> >> # NOTE Config->application.name will be used if blank >> otp.issuer= >> otp.ntp.server=pool.ntp.org >> ## milliseconds >> otp.ntp.timeout=3000 >> >> >> On 12/27/22 4:44 AM, Maxim Solodovnik wrote: >> >> Anything suspicious in the log? >> Have you updated openmeetings.properties with "otp" specific values? >> >> from mobile (sorry for typos ;) >> >> >> On Mon, Dec 26, 2022, 22:54 Ali Alhaidary <ali.alhaid...@the5stars.org> >> wrote: >> >>> Could not login from moodle plugin, and (HTTP Status 404 – Not Found) in >>> stand alone app. >>> >>> Ali >>> On 12/26/22 5:18 PM, Ali Alhaidary wrote: >>> >>> Seems ok, and translated... >>> >>> Ali >>> On 12/26/22 8:37 AM, Maxim Solodovnik wrote: >>> >>> Seems to be implemented >>> I would appreciate if someone can test this new functionality >>> (And wording :))) >>> >>> On Thu, 22 Dec 2022 at 14:14, Maxim Solodovnik <solomax...@gmail.com> >>> wrote: >>> >>>> >>>> >>>> On Thu, 22 Dec 2022 at 14:01, seba.wag...@gmail.com < >>>> seba.wag...@gmail.com> wrote: >>>> >>>>> Sry I did not have enough time. But it would be a good feature to add. >>>>> >>>>> Also a good message we can share around enhancing OpenMeetings >>>>> security. Relevant for many education/public environments. >>>>> >>>> >>>> I agree :)) >>>> Will update JIRA/demo-next when will have something working :) >>>> >>>> >>>>> >>>>> Thx >>>>> Seb >>>>> >>>>> Sebastian Wagner >>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>> http://arrakeen-solutions.co.nz/ >>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>> Video-Conferencing OpenMeetings >>>>> >>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>> >>>>> >>>>> On Thu, 22 Dec 2022 at 18:37, Maxim Solodovnik <solomax...@gmail.com> >>>>> wrote: >>>>> >>>>>> https://issues.apache.org/jira/browse/OPENMEETINGS-2755 >>>>>> >>>>>> will try to implement it :) >>>>>> >>>>>> On Wed, 3 Aug 2022 at 13:45, Ali Alhaidary < >>>>>> ali.alhaid...@the5stars.org> wrote: >>>>>> >>>>>>> +1 >>>>>>> >>>>>>> Yes, why not... >>>>>>> >>>>>>> Ali >>>>>>> On 8/3/22 8:34 AM, Maxim Solodovnik wrote: >>>>>>> >>>>>>> we already have BSD 3-clause: >>>>>>> https://github.com/apache/openmeetings/blob/master/LICENSE#L2479 >>>>>>> will need to add one line only :) >>>>>>> >>>>>>> On Wed, 3 Aug 2022 at 12:25, seba.wag...@gmail.com < >>>>>>> seba.wag...@gmail.com> wrote: >>>>>>> >>>>>>>> There seem to be a few options for Google using Java >>>>>>>> E.g. https://github.com/wstrange/GoogleAuth >>>>>>>> >>>>>>>> I don't quite see in that lib how it generates the QR code for >>>>>>>> scanning but there should be a way :) >>>>>>>> >>>>>>>> The BSD license would require us to add a copy left into our >>>>>>>> License file, but in general it would be compatible imho. >>>>>>>> >>>>>>>> Thanks >>>>>>>> Seb >>>>>>>> >>>>>>>> Sebastian Wagner >>>>>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>>>>> http://arrakeen-solutions.co.nz/ >>>>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>>>>> Video-Conferencing OpenMeetings >>>>>>>> >>>>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>>>>> >>>>>>>> >>>>>>>> On Wed, 3 Aug 2022 at 16:12, Maxim Solodovnik <solomax...@gmail.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hello Seb, >>>>>>>>> >>>>>>>>> Sorry for a late response, I'm on vacation :) >>>>>>>>> >>>>>>>>> I would >>>>>>>>> +1 this feature :) >>>>>>>>> >>>>>>>>> The problems we'll need to solve >>>>>>>>> - add 2fa mechanisms other than email (not sure if apps like >>>>>>>>> "Google authenticator" has open source API :(, we can use telegram >>>>>>>>> API ....) >>>>>>>>> - we'll need to move this out of om_user db table (maybe with >>>>>>>>> activation_hash and *reset-password-hash* >>>>>>>>> >>>>>>>>> Need to be investigated and carefully refactored :) >>>>>>>>> >>>>>>>>> from mobile (sorry for typos ;) >>>>>>>>> >>>>>>>>> >>>>>>>>> On Wed, Aug 3, 2022, 10:15 seba.wag...@gmail.com < >>>>>>>>> seba.wag...@gmail.com> wrote: >>>>>>>>> >>>>>>>>>> Not many pros or cons in this discussion. >>>>>>>>>> >>>>>>>>>> But I think it would be a good option to have available for >>>>>>>>>> users. As well as a good feature to advertise for. Especially in >>>>>>>>>> order to >>>>>>>>>> use OpenMeetings in a Gov/Education environment where compliance may >>>>>>>>>> require to have 2 factor auth for applications in order for using it. >>>>>>>>>> >>>>>>>>>> So I assume I can create some tickets and get this on the way. >>>>>>>>>> >>>>>>>>>> Thanks >>>>>>>>>> Seb >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Sebastian Wagner >>>>>>>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>>>>>>> http://arrakeen-solutions.co.nz/ >>>>>>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>>>>>>> Video-Conferencing OpenMeetings >>>>>>>>>> >>>>>>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>>>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Mon, 1 Aug 2022 at 09:31, seba.wag...@gmail.com < >>>>>>>>>> seba.wag...@gmail.com> wrote: >>>>>>>>>> >>>>>>>>>>> I would like to add a ticket to investigate and look into adding >>>>>>>>>>> 2 factor authentication to OpenMeetings. As an optional feature, >>>>>>>>>>> default >>>>>>>>>>> would be turned off. >>>>>>>>>>> >>>>>>>>>>> There are various libraries to achieve 2 factor auth. I would >>>>>>>>>>> probably prefer using the Google Authenticator as a method since it >>>>>>>>>>> seems >>>>>>>>>>> the most widely adopted authenticator. >>>>>>>>>>> >>>>>>>>>>> In terms of turning it on/off I would add 2 flags: >>>>>>>>>>> - On a per server basis a flag to generally turn 2 factor auth >>>>>>>>>>> on or off >>>>>>>>>>> - On a per individual account basis so you can turn 2 factor >>>>>>>>>>> auth on/off for an individual user >>>>>>>>>>> >>>>>>>>>>> This would not affect past installations. >>>>>>>>>>> This would not affect logging in via Soap/Rest. >>>>>>>>>>> >>>>>>>>>>> I think this would be a good feature to improve security. >>>>>>>>>>> >>>>>>>>>>> Let me know what you think, and I will add a ticket and look >>>>>>>>>>> into adding this over the next few weeks. >>>>>>>>>>> >>>>>>>>>>> Thanks >>>>>>>>>>> Seb >>>>>>>>>>> >>>>>>>>>>> Sebastian Wagner >>>>>>>>>>> Director Arrakeen Solutions, OM-Hosting.com >>>>>>>>>>> http://arrakeen-solutions.co.nz/ >>>>>>>>>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>>>>>>>>> Video-Conferencing OpenMeetings >>>>>>>>>>> >>>>>>>>>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>>>>>>>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>>>>>>>>> >>>>>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Best regards, >>>>>>> Maxim >>>>>>> >>>>>>> >>>>>> >>>>>> -- >>>>>> Best regards, >>>>>> Maxim >>>>>> >>>>> >>>> >>>> -- >>>> Best regards, >>>> Maxim >>>> >>> >>> >>> -- >>> Best regards, >>> Maxim >>> >>> > > -- > Best regards, > Maxim > > -- Best regards, Maxim
