Galène videoconferencing server discussion list archives
 help / color / mirror / Atom feed
* [Galene] Additional infos about the WP Plugin
       [not found] <1533526394.8685685.1680708673432.ref@mail.yahoo.com>
@ 2023-04-05 15:31 ` printpagestopdf
  2023-04-10 14:10   ` [Galene] " Juliusz Chroboczek
  0 siblings, 1 reply; 4+ messages in thread
From: printpagestopdf @ 2023-04-05 15:31 UTC (permalink / raw)
  To: galene

[-- Attachment #1: Type: text/plain, Size: 1729 bytes --]

 Oh, yes access code is a bit missleading.
The groups that are created in galene server always using a JWT Token hidden from the user. 

The plugin generates links for every group and every role (presenter, ...) but this link points to the plugin host. The plugin checks the request for authentication details, that are store in the plugins database. These authentication details are configured by the administration UI of the plugin. For ervery Galene role the following auth mechanism can be configured:
- dedicated username/password from the plugins users database
- logged in in Wordpress with an allowed role- needs to know a 6 digit number that is generated randomly from the plugin- nothing at all - free access for everyone
If this is checked by the plugin (e.g. for the first case it asks for a username/password) then the request is redirected to the configured Galene Server including the immediately generated JWT token.
As an example a room/group can be configured following:- others: free access- presenters: 3 users from the plugins users database- op: Wordpress administratorsThats an example for an free audience, where 3 people are active speakers and the Wordpress administrator is op. Or as an alternative others have to know a 6 digit number than its a bit more limited. But all need to know the url's. In this example there are three urls (others,presenter,op) that are all pointing to the plugins host (and will be checked there). 

Hopefully that explains it a bit more? For sure one of the tasks on my list is to write some (more) documentation. 

P.S.: on Github in the subfolder docker there is a docker-compos.yml that should run a demoinstallation with some preconfigured rooms/groups

Best Regards,

[-- Attachment #2: Type: text/html, Size: 2680 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Galene] Re: Additional infos about the WP Plugin
  2023-04-05 15:31 ` [Galene] Additional infos about the WP Plugin printpagestopdf
@ 2023-04-10 14:10   ` Juliusz Chroboczek
  2023-04-11 19:48     ` printpagestopdf
  0 siblings, 1 reply; 4+ messages in thread
From: Juliusz Chroboczek @ 2023-04-10 14:10 UTC (permalink / raw)
  To: printpagestopdf; +Cc: galene

> If this is checked by the plugin (e.g. for the first case it asks for a
> username/password) then the request is redirected to the configured Galene
> Server including the immediately generated JWT token.

Ok, so you're ignoring Galene's built-in authentication mechanisms, and
just using short-lived JWTs for everything.  That makes sense.

I'm wondering what I could do on the Galene side to simplify your usage.
In particular, would it be useful if you could just do an HTTPS PUT
(properly authentified) in order to update a group definition in order to
avoid sftp?  Or perhaps we could have a mode of operation where groups
automagically come into existence if they are required by a properly
authentified token?

-- Juliusz



^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Galene] Re: Additional infos about the WP Plugin
  2023-04-10 14:10   ` [Galene] " Juliusz Chroboczek
@ 2023-04-11 19:48     ` printpagestopdf
  2023-04-11 20:34       ` Juliusz Chroboczek
  0 siblings, 1 reply; 4+ messages in thread
From: printpagestopdf @ 2023-04-11 19:48 UTC (permalink / raw)
  To: Juliusz Chroboczek; +Cc: galene

[-- Attachment #1: Type: text/plain, Size: 1536 bytes --]

Oh, that sounds great. Both enhancements would be great (but one of them would be sufficiant from the point of my plugin)! Because for some of the "administrators" it is a barrier to set up sftp access or filesharing. So if such an easier alternative way would be available to manage the server groups would enhance the usability of the plugin.
P.S.: As I read Version 0.7.0 of Galene will have exactly one of the ideas the plugin does (invitation links) as a native implementation - very nice.
Reinhold

   Am Montag, 10. April 2023 um 16:11:01 MESZ hat Juliusz Chroboczek <jch@irif.fr> Folgendes geschrieben:  
 
 > If this is checked by the plugin (e.g. for the first case it asks for a
> username/password) then the request is redirected to the configured Galene
> Server including the immediately generated JWT token.

Ok, so you're ignoring Galene's built-in authentication mechanisms, and
just using short-lived JWTs for everything.  That makes sense.

I'm wondering what I could do on the Galene side to simplify your usage.
In particular, would it be useful if you could just do an HTTPS PUT
(properly authentified) in order to update a group definition in order to
avoid sftp?  Or perhaps we could have a mode of operation where groups
automagically come into existence if they are required by a properly
authentified token?

-- Juliusz


_______________________________________________
Galene mailing list -- galene@lists.galene.org
To unsubscribe send an email to galene-leave@lists.galene.org
  

[-- Attachment #2: Type: text/html, Size: 3039 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Galene] Re: Additional infos about the WP Plugin
  2023-04-11 19:48     ` printpagestopdf
@ 2023-04-11 20:34       ` Juliusz Chroboczek
  0 siblings, 0 replies; 4+ messages in thread
From: Juliusz Chroboczek @ 2023-04-11 20:34 UTC (permalink / raw)
  To: printpagestopdf; +Cc: galene

>> I'm wondering what I could do on the Galene side to simplify your
>> usage.  In particular, would it be useful if you could just do an HTTPS
>> PUT (properly authentified) in order to update a group definition in
>> order to avoid sftp?

> Because for some of the "administrators" it is a barrier to set up sftp
> access or filesharing. So if such an easier alternative way would be
> available to manage the server groups would enhance the usability of the
> plugin.

It's also not atomic.  With HTTP, we could use ETags to avoid the
lost-update problem.  Definitely something to look into.

> P.S.: As I read Version 0.7.0 of Galene will have exactly one of the ideas the
> plugin does (invitation links) as a native implementation - very nice.

Hehe.  You released your code just as I was working on native tokens, so
that's why I was asking how you implement them.

-- Juliusz

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2023-04-11 20:34 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <1533526394.8685685.1680708673432.ref@mail.yahoo.com>
2023-04-05 15:31 ` [Galene] Additional infos about the WP Plugin printpagestopdf
2023-04-10 14:10   ` [Galene] " Juliusz Chroboczek
2023-04-11 19:48     ` printpagestopdf
2023-04-11 20:34       ` Juliusz Chroboczek

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox