You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@openmeetings.apache.org by Filip Žák <fi...@gmail.com> on 2020/12/25 13:31:27 UTC
Restrict access for login
Hello,
could it be possible to restrict access in OM login to specific users in
specific time?
Thanks
Re: Restrict access for login
Posted by Filip Žák <fi...@gmail.com>.
I see. Okay thank you very much for help.
pi 25. 12. 2020 o 22:35 seba.wagner@gmail.com <se...@gmail.com>
napísal(a):
> Sry but this kind of problem should be solved in LDAP:
> - Essentially you want to create a certain group or identifier in LDAP to
> mark a sub-set of your users to have OpenMeetings access.
> - Once you have done that, you can customise the LDAP path to the users
> in the OpenMeetings config to point to the right sub-set of users. And
> limit the amount of people with access rights by doing that.
>
> Another - very hacky way:
> - You could disable users in OpenMeetings. But that is a really hacky
> solution. Cause you can only do that AFTER they have logged in via LDAP.
> - You would require those users - the ones that you do NOT want to have
> access to OpenMeetings - to login into OpenMeetings. OpenMeetings will
> create a profile based on their LDAP profile on the 1st successful login
> into OpenMeetings, and then you (as admin) can go to OpenMeetings > Admin >
> Users and then try to screw up that profile, by disabling it or something,
> so that the next time their login will fail.
>
> The only other way I can think of requires source code changes to
> OpenMeetings. Blacklisting some emails or something.
>
> Like I say, I wouldn't recommend the latter. It's a hack. And a lot of
> manual work. This problem should be solved in LDAP. If you integrate via
> LDAP you move the rights and access management from OpenMeetings to your
> LDAP. So doing any permission hacks in OpenMeetings would be simply the
> wrong place.
>
> Thanks,
> Seb
>
> Sebastian Wagner
> Director Arrakeen Solutions
> http://arrakeen-solutions.co.nz/
>
> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url>
> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
>
>
> On Sat, 26 Dec 2020 at 09:25, Filip Žák <fi...@gmail.com> wrote:
>
>> Well, thank you. My problem is that I am using OM in school I have school
>> LDAP server but there are thousands users on that server and I only need
>> around hundred users can login to OM. Is there any solution that only
>> students that I want could login into OM? I don't have administrator rights
>> on school LDAP server.
>>
>> Thanks
>> Filip
>>
>> pi 25. 12. 2020 o 20:23 seba.wagner@gmail.com <se...@gmail.com>
>> napísal(a):
>>
>>> "specific time?"
>>> => the only way to do this would be using the invitation functionality
>>> and create the invitations with limited time access.
>>>
>>> Or otherwise using the Soap/Rest API to build a custom login/invitation.
>>>
>>> Thanks
>>> Seb
>>>
>>> Sebastian Wagner
>>> Director Arrakeen Solutions
>>> http://arrakeen-solutions.co.nz/
>>>
>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url>
>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
>>>
>>>
>>> On Sat, 26 Dec 2020 at 02:31, Filip Žák <fi...@gmail.com> wrote:
>>>
>>>> Hello,
>>>> could it be possible to restrict access in OM login to specific users
>>>> in specific time?
>>>>
>>>> Thanks
>>>>
>>>
>>
>> --
>> S pozdravom
>> Filip Žák
>>
>
--
S pozdravom
Filip Žák
Re: Restrict access for login
Posted by "seba.wagner@gmail.com" <se...@gmail.com>.
Sry but this kind of problem should be solved in LDAP:
- Essentially you want to create a certain group or identifier in LDAP to
mark a sub-set of your users to have OpenMeetings access.
- Once you have done that, you can customise the LDAP path to the users in
the OpenMeetings config to point to the right sub-set of users. And limit
the amount of people with access rights by doing that.
Another - very hacky way:
- You could disable users in OpenMeetings. But that is a really hacky
solution. Cause you can only do that AFTER they have logged in via LDAP.
- You would require those users - the ones that you do NOT want to have
access to OpenMeetings - to login into OpenMeetings. OpenMeetings will
create a profile based on their LDAP profile on the 1st successful login
into OpenMeetings, and then you (as admin) can go to OpenMeetings > Admin >
Users and then try to screw up that profile, by disabling it or something,
so that the next time their login will fail.
The only other way I can think of requires source code changes to
OpenMeetings. Blacklisting some emails or something.
Like I say, I wouldn't recommend the latter. It's a hack. And a lot of
manual work. This problem should be solved in LDAP. If you integrate via
LDAP you move the rights and access management from OpenMeetings to your
LDAP. So doing any permission hacks in OpenMeetings would be simply the
wrong place.
Thanks,
Seb
Sebastian Wagner
Director Arrakeen Solutions
http://arrakeen-solutions.co.nz/
<https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url>
<https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
On Sat, 26 Dec 2020 at 09:25, Filip Žák <fi...@gmail.com> wrote:
> Well, thank you. My problem is that I am using OM in school I have school
> LDAP server but there are thousands users on that server and I only need
> around hundred users can login to OM. Is there any solution that only
> students that I want could login into OM? I don't have administrator rights
> on school LDAP server.
>
> Thanks
> Filip
>
> pi 25. 12. 2020 o 20:23 seba.wagner@gmail.com <se...@gmail.com>
> napísal(a):
>
>> "specific time?"
>> => the only way to do this would be using the invitation functionality
>> and create the invitations with limited time access.
>>
>> Or otherwise using the Soap/Rest API to build a custom login/invitation.
>>
>> Thanks
>> Seb
>>
>> Sebastian Wagner
>> Director Arrakeen Solutions
>> http://arrakeen-solutions.co.nz/
>>
>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url>
>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
>>
>>
>> On Sat, 26 Dec 2020 at 02:31, Filip Žák <fi...@gmail.com> wrote:
>>
>>> Hello,
>>> could it be possible to restrict access in OM login to specific users in
>>> specific time?
>>>
>>> Thanks
>>>
>>
>
> --
> S pozdravom
> Filip Žák
>
Re: Restrict access for login
Posted by Filip Žák <fi...@gmail.com>.
Well, thank you. My problem is that I am using OM in school I have school
LDAP server but there are thousands users on that server and I only need
around hundred users can login to OM. Is there any solution that only
students that I want could login into OM? I don't have administrator rights
on school LDAP server.
Thanks
Filip
pi 25. 12. 2020 o 20:23 seba.wagner@gmail.com <se...@gmail.com>
napísal(a):
> "specific time?"
> => the only way to do this would be using the invitation functionality and
> create the invitations with limited time access.
>
> Or otherwise using the Soap/Rest API to build a custom login/invitation.
>
> Thanks
> Seb
>
> Sebastian Wagner
> Director Arrakeen Solutions
> http://arrakeen-solutions.co.nz/
>
> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url>
> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
>
>
> On Sat, 26 Dec 2020 at 02:31, Filip Žák <fi...@gmail.com> wrote:
>
>> Hello,
>> could it be possible to restrict access in OM login to specific users in
>> specific time?
>>
>> Thanks
>>
>
--
S pozdravom
Filip Žák
Re: Restrict access for login
Posted by "seba.wagner@gmail.com" <se...@gmail.com>.
"specific time?"
=> the only way to do this would be using the invitation functionality and
create the invitations with limited time access.
Or otherwise using the Soap/Rest API to build a custom login/invitation.
Thanks
Seb
Sebastian Wagner
Director Arrakeen Solutions
http://arrakeen-solutions.co.nz/
<https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url>
<https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url>
On Sat, 26 Dec 2020 at 02:31, Filip Žák <fi...@gmail.com> wrote:
> Hello,
> could it be possible to restrict access in OM login to specific users in
> specific time?
>
> Thanks
>