Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
BigBlueButton-dev
Home
About this group
Apply for group membership
different instances / salts
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   11 messages - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Reimar Bauer  
View profile  
 More options Aug 7 2012, 4:32 am
From: Reimar Bauer <rb.p...@googlemail.com>
Date: Tue, 7 Aug 2012 10:32:58 +0200
Local: Tues, Aug 7 2012 4:32 am
Subject: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author
Hi

I there a way to have different instances of the server software or
different salts in one installation?

The problem is that I need the salt in any of my wiki installations.
The wikis have different users. Each moderator
of a wiki can get the bbb salt from the config and therefore access to
all rooms of my bbb server.

Any idea how that can be solved?

Reimar


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Fred Dixon  
View profile  
 More options Aug 7 2012, 8:41 am
From: Fred Dixon <ffdi...@gmail.com>
Date: Tue, 7 Aug 2012 08:41:57 -0400
Local: Tues, Aug 7 2012 8:41 am
Subject: Re: [bigbluebutton-dev] different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author

Hi Reimar,

Each BigBlueButton server has a single URL and salt (shared secret).

Not knowing the wiki you are using, or whether you have created your own
integration with BigBlueButton or are using an existing one, one possible
solution would be to modify the Wiki interface provided to the wiki
administrators so that the URL and salt are not visible. This assumes that
access to the BigBlueButton configuration is provided through a plugin of
sorts in the wiki.

 In other words, remove the UI to access the URL and salt from the plugin.

The URL and salt would still be stored in a database, so you could use SQL
queries to set the URL and salt.  This gives you access to the settings as
you have access to the server, but not the administrators who only have
access to the Wiki interface.

Regards,... Fred
--
BigBlueButton Developer
http://bigbluebutton.org/
http://code.google.com/p/bigbluebutton
BigBlueButton on twitter: @bigbluebutton


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
HostBBB.com  
View profile  
 More options Aug 7 2012, 12:15 pm
From: "HostBBB.com" <207t...@gmail.com>
Date: Tue, 7 Aug 2012 09:15:35 -0700 (PDT)
Local: Tues, Aug 7 2012 12:15 pm
Subject: Re: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author
Reimer,  we have made some custom changes to api controller to handle
multiple salts and client directorys for our shared hosting platform,
If this is what you a looking for i can share more detials on what we
did.

Basically we delimit salts with a pipe |  and just add them to the
standard properties file like normal.   the controller validates multi
salts, and then returns custom directory path for client based on a
range of digits in the salt. this way you can serve multiple branded
clients if needed from single server.

Ideally the api will allow passing a custom client url long tern,  but
this works for us now, and we can easily turn on/off a hosting
account,  by just disabling salt.

This is really a service proviser enhancement and not really needed
for main stream installs.

Regards,
Stephen
hostbbb.com

On Aug 7, 8:41 am, Fred Dixon <ffdi...@gmail.com> wrote:


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
JarrodJay  
View profile  
 More options Aug 7 2012, 7:46 pm
From: JarrodJay <shad...@gmail.com>
Date: Tue, 7 Aug 2012 16:46:07 -0700 (PDT)
Local: Tues, Aug 7 2012 7:46 pm
Subject: Re: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author

Hello Stephen,

I'm interested in further details of what you altered to achieve this.

I wasn't sure how to go about this- so created a mini-authorisation layer
in between BBB, on another server. The client has their own salt and sets
the server URL to http://bbb.mydomain.com. This server checks in a database
if their salt is valid, and if so- passes the API call on to the actual bbb
server at http://b*.mydomain.com. Doing so provides an easy administration
management to disable / enable accounts (it also monitors storage, usage in
hours, which bbb server they are on, log their API calls, etc). The
downside is that it is an extra call / step for each API call (which isn't
a huge deal as we don't have too much traffic).

Thanks,
Jarrod.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
HostBBB.com  
View profile  
 More options Aug 7 2012, 8:15 pm
From: "HostBBB.com" <207t...@gmail.com>
Date: Tue, 7 Aug 2012 17:15:07 -0700 (PDT)
Local: Tues, Aug 7 2012 8:15 pm
Subject: Re: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author
Jarrod,

Much easiier i just added 10 lines of code to api controller to look
for delimited salt string, and then reform the redirect link....
Nothing stops a salt from being ALPHA NUMERIC  so part of it can be
readable text which is used to form the directory path.

So if youi had  234as4d4a23dHOSTBBB   for a salt it would serve up
client from HOSTBBB directory in /var/www/bigbluebutton/

If you only have 1 salt,  still works fine and uses standard path.

You need to compile bbb-web and redeplo changes on the server.

Also every call iterates thru salts looking for match,   but
realistically your not going to have more then 6-12 cms tied a server,
so checksum validation is still instant.

This isnt the long term solution,  but works for now.

Regards,
Stephen

On Aug 7, 7:46 pm, JarrodJay <shad...@gmail.com> wrote:


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
JarrodJay  
View profile  
 More options Aug 13 2012, 8:36 pm
From: JarrodJay <shad...@gmail.com>
Date: Mon, 13 Aug 2012 17:36:28 -0700 (PDT)
Local: Mon, Aug 13 2012 8:36 pm
Subject: Re: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author

Hey Stephen,

Thanks for your reply. That seems quite logical and efficient!
I'll look into it when I get the time.

Jarrod.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
gmr  
View profile  
 More options Mar 15, 11:07 am
From: gmr <madhukargre...@gmail.com>
Date: Fri, 15 Mar 2013 08:07:09 -0700 (PDT)
Local: Fri, Mar 15 2013 11:07 am
Subject: Re: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author

Hi,
How to Create Multiple salts for Bigbluebutton, can BBB supports
Multi-tenancy, Because i want to run Multiple session on single instance
and i want to create different login's for different users, is it possible,
if possible please guide me..

Thanks,
Madhukar


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Fu Jiantao  
View profile  
 More options Mar 15, 12:02 pm
From: Fu Jiantao <fuji...@gmail.com>
Date: Sat, 16 Mar 2013 00:02:39 +0800
Local: Fri, Mar 15 2013 12:02 pm
Subject: Re: [bigbluebutton-dev] Re: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author
Hi Madhukar,

  I think you should create your own user management rather than relay
on multiple salt support

Regards,
Jeromy

2013/3/15 gmr <madhukargre...@gmail.com>:


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
HostBBB.com  
View profile  
 More options Mar 16, 6:59 am
From: "HostBBB.com" <207t...@gmail.com>
Date: Sat, 16 Mar 2013 03:59:11 -0700 (PDT)
Local: Sat, Mar 16 2013 6:59 am
Subject: Re: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author
gmr,

If you are technical this .80 code modification in paramsprocesserutil
allows you enter in multiple SALTs "|" delimited into
bigbluebutton.properties and it serves up different client directories
for each SALT where directory is just 5-9char of salt.  For example
048f5GMBBBd9640ba57e91122288ef38 would serve client from /GMBBB.

Quick and "dirty" way to provision multi salts and serve different
clients.  Requires a restart of BBB any time changes are made.

Regards;
Stephen
hostbbb.com

public boolean isChecksumSame(String apiCall, String checksum, String
queryString) {
                log.debug("checksum: [{}] ; query string: [{}]", checksum,
queryString);

                if (StringUtils.isEmpty(securitySalt)) {
                        log.warn("Security is disabled in this service. Make sure this is
intentional.");
                        return true;
                }

                // handle either checksum as first or middle / end parameter
                // TODO: this is hackish - should be done better
                queryString = queryString.replace("&checksum=" + checksum, "");
                queryString = queryString.replace("checksum=" + checksum + "&", "");
                queryString = queryString.replace("checksum=" + checksum, "");

               log.debug("query string after checksum removed: [{}]",
queryString);
               log.debug("Security Salt: [{}]", securitySalt);
               String delims = "[|]+";
               String[] tokens = securitySalt.split(delims);
               for (int i = 0; i < tokens.length; i++){
                   String cs = DigestUtils.shaHex(apiCall +
queryString + tokens[i]);
                   String temp = tokens[i] + " " + cs + " " +
checksum;
                   log.debug("Check [{}]:[{}]", i, temp );
                   if ( cs.equals(checksum) == true ) {
                        log.info("checksumGood: request did pass the checksum security
check");
                        return true;
                        }
              }
                log.debug("checksumError: Failed");
                return false;
        }

public String getUrlPath(String apiCall, String checksum, String
queryString) {

         String urltemp = "/client/BigBlueButton.html";

          if (StringUtils.isEmpty(securitySalt)) {
                    log.warn("urlPath No salt, return default.");
                    return urltemp;
                }

          queryString = queryString.replace("&checksum=" + checksum,
"");
                queryString = queryString.replace("checksum=" + checksum + "&", "");
                queryString = queryString.replace("checksum=" + checksum, "");

               String delims = "[|]+";
               String[] tokens = securitySalt.split(delims);
               for (int i = 0; i < tokens.length; i++){
                   String cs = DigestUtils.shaHex(apiCall +
queryString + tokens[i]);
                   String temp = tokens[i] + " " + cs + " " +
checksum;
                   log.debug("Check [{}]:[{}]", i, temp );
                   if ( cs.equals(checksum) == true ) {
                        log.info("checksumGood: urlPath");
                String urlpath = "/client/" + tokens[i].substring(5,9)
+ "/" ;
                        return urlpath;
                        }
              }

On Mar 15, 11:07 am, gmr <madhukargre...@gmail.com> wrote:


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Madhukar Reddy  
View profile  
 More options Mar 16, 1:08 pm
From: Madhukar Reddy <madhukargre...@gmail.com>
Date: Sat, 16 Mar 2013 22:38:26 +0530
Local: Sat, Mar 16 2013 1:08 pm
Subject: Re: [bigbluebutton-dev] Re: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author

Hi  Stephen,
thank for ur mail.
actually i have installed BBB 0.81-dev version,so is it supports
multi-tenancy, second thing already i have integrated BBB in my moodle
portal, so with single saltkey and url cna we integrate multiple moodle
portals.

Thanks,
Madhukar

...

read more »


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
HostBBB.com  
View profile  
 More options Mar 16, 1:38 pm
From: "HostBBB.com" <207t...@gmail.com>
Date: Sat, 16 Mar 2013 10:38:47 -0700 (PDT)
Local: Sat, Mar 16 2013 1:38 pm
Subject: Re: different instances / salts
Print | Individual message | Show original | Report this message | Find messages by this author
Madhukar,

This should work the same with .81, your just modifying 2 functions
but you would need to debug. I have tested it with 100 salts and their
is no real performance issues, you add couple hundred milliseconds to
the create and join command which is un-noticeable to user.

Any existing integration will work with this change.  You can add
moodle, wordpress, tiki users all to the same BBB system.   We are
working on some other changes in our service provider controller to
ensure distinct meeting-id/recordings are returned to prevent users
from retrieving recordings when they use a similar meeting id.

regards,
Stephen

On Mar 16, 1:08 pm, Madhukar Reddy <madhukargre...@gmail.com> wrote:

...

read more »


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google