openmeetings-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Maxim Solodovnik <solomax...@gmail.com>
Subject Re: SOAP and LDAP authentication
Date Fri, 03 Aug 2012 11:43:30 GMT
Actually you can do the following:
login as generic user to OM.
Query details of user, you would like to send hash to, from LDAP
generate hash with above details
send it to the user

I'm afraid LDAP login should be _before_ user can get hash like LDAP login
to your CMS, then after user is login successfully he can get his/her hash
generated.

On Fri, Aug 3, 2012 at 5:57 PM, Vieri <rentorbuy@yahoo.com> wrote:

> So basically, I need to use a "generic" admin local user to login and then
> generate hashes for room access.
>
> If I want to "impersonate" some other user, I would need to call
>
> setUserObjectAndGenerateRoomHash
>
> as suggested by Maxim.
>
> No LDAP authentication at all.
>
> Thanks,
>
> Vieri
>
> --- On Fri, 8/3/12, seba.wagner@gmail.com <seba.wagner@gmail.com> wrote:
>
> > Hallo Vieri,
> >
> > login into the SOAP/REST API with an LDAP user is a
> > conceptional
> > misunderstanding.
> >
> > You would _never_ login anybody using the SOAP/REST api to
> > actually enter a
> > conference room.
> > Login via SOAP/REST makes only sense with an Admin (or user
> > level
> > SOAP/REST).
> > After you've logged in using SOAP/REST you can create
> > conference rooms or
> > HASHs to directly enter a conference room.
> > So the SOAP/REST API is to realize integration into websites
> > or any other
> > 3th party system.
> > You will not actually "Login" via SOAP with any user, only
> > with the admin
> > to simulate other users by for example create HASHs
> >
> > Sebastian
> >
> > 2012/8/3 Vieri <rentorbuy@yahoo.com>
> >
> > > Hi,
> > >
> > > I configured an LDAP authentication module in
> > OpenMeetings so that when a
> > > user logs in he/she must select a "domain" (local or
> > LDAP).
> > > This works fine on the web UI.
> > >
> > > However, when accessing via SOAP I use the UserService
> > method: loginUser (
> > > String SID , String username , String userpass ) but
> > the domain can't be
> > > specified.
> > > So LDAP user authentication via SOAP fails while
> > "local" user
> > > authentication via SOAP succeeds.
> > >
> > > The information was taken from:
> > > http://incubator.apache.org/openmeetings/UserService.html#loginUser
> > >
> > > The older (obsolete) site contains more information
> > (!):
> > > http://code.google.com/p/openmeetings/wiki/SoapMethods#loginUser
> > >
> > > It states "Username from OpenMeetings, the user has to
> > have Admin-rights".
> > > That makes sense although I suppose that a "moderator"
> > level should be
> > > enough.
> > >
> > > On a fresh OpenMeetings install, LDAP users don't
> > appear in the "User
> > > management" tool in the web UI until they have logged
> > in at least once.
> > > So I logged in once with an LDAP user and then logged
> > in as a local admin
> > > and changed the LDAP user's level to "admin".
> > >
> > > Still, the SOAP login request with the LDAP user
> > fails.
> > >
> > > getErrorByCode yields "Invalid password" (-11).
> > >
> > > Using OM 2.0 from ASF.
> > >
> > > Any suggestions?
> > > What debug info whould you require?
> > > Or is LDAP/AD authentication unsupported via SOAP?
> > >
> > > Thanks,
> > >
> > > Vieri
> > >
> > >
> >
> >
> > --
> > Sebastian Wagner
> > https://twitter.com/#!/dead_lock
> > http://www.openmeetings.de
> > http://www.webbase-design.de
> > http://www.wagner-sebastian.com
> > seba.wagner@gmail.com
> >
>



-- 
WBR
Maxim aka solomax

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message