SMS Delivery Gateways and authentication via QS parameter
46 views
Skip to first unread message
Salvo Rapisarda
Aug 5, 2016, 7:06:01 AM8/5/16
to privacyidea
Hi,
today I do an update of my privacyIDEA installation and I see a new section for configuration of SMS gateway.
I've tried to setup a new SMS gateway starting from old config. This is my config:
{ "URL" : "http://mysmshost:9501/api",
"PARAMETER" : {
"action":"sendmessage",
"username":"myusername",
"password":"mypassword",
"messagetype":"SMS:TEXT"
},
"SMS_TEXT_KEY":"messagedata",
"SMS_PHONENUMBER_KEY":"recipient",
"HTTP_Method":"GET",
"RETURN_SUCCESS" : "Message accepted for delivery"
}
My SMS gateway need authentication parameters passed URI query string.
If I try to add username and password field on Options section the values are copies on username & password of basic authentication fields
How can I pass these parameters in query string mode ?
Thank you.
Salvo.
Cornelius Kölbel
Aug 8, 2016, 6:45:52 AM8/8/16
to priva...@googlegroups.com
Hi Salvo,
I can not reproduce this with lowercase "password".
You should not use uppercase PASSWORD as parameter, since this is the
key for the basic authentication.
I am using chrome.
Kind regards
Cornelius
> --
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
> https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> Visit this group at https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/8ecef326-705f-482b-9169-6d1d5c5e32f2%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
I can not reproduce this with lowercase "password".
You should not use uppercase PASSWORD as parameter, since this is the
key for the basic authentication.
I am using chrome.
Kind regards
Cornelius
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
> https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> Visit this group at https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/8ecef326-705f-482b-9169-6d1d5c5e32f2%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Salvo Rapisarda
Aug 10, 2016, 4:08:53 AM8/10/16
to privacyidea
Hi Cornelius,
my version of privacyidea is 2.13.
I tried following your instructions but did not work (never uppercase or lowercase).
If can be helpful for troubleshooting, I set the options after creation of new sms gateway.
If you want I can send to you a screenshot of what I do.
Thank you.
Salvo.
Cornelius Kölbel
Aug 11, 2016, 2:31:33 AM8/11/16
to priva...@googlegroups.com
Hi Salvo,
The UI holds a javascript parameter object. The credentials of the basic
authentication are the keys "PASSWORD" and "USERNAME".
All individual key-value-pairs you are adding at "options" will be added
with their keys to this parameter object. So if you add a key-value-pair
"username": "salvo",
then the object will contain
obj.USERNAME
obj.username
My suspecion is, that your browser/OS combination does not distinguish
upper and lower case and only knows obj.username.
Which browser and OS are you using.
Admitted, the key "PASSWORD" and "USERNAME" might have been choosen
badly in the first place.
Kind regards
Cornelius
Which browser and which operating system are you using.
> https://groups.google.com/d/msgid/privacyidea/818f1f74-c33b-4dcb-90d1-a8fcd5b316fa%40googlegroups.com.
The UI holds a javascript parameter object. The credentials of the basic
authentication are the keys "PASSWORD" and "USERNAME".
All individual key-value-pairs you are adding at "options" will be added
with their keys to this parameter object. So if you add a key-value-pair
"username": "salvo",
then the object will contain
obj.USERNAME
obj.username
My suspecion is, that your browser/OS combination does not distinguish
upper and lower case and only knows obj.username.
Which browser and OS are you using.
Admitted, the key "PASSWORD" and "USERNAME" might have been choosen
badly in the first place.
Kind regards
Cornelius
Which browser and which operating system are you using.
Salvo Rapisarda
Aug 11, 2016, 5:42:35 AM8/11/16
to privacyidea
I try with Firefox and Chrome but I got the same result.
First I put "username" & "password" on options field and press "Save SMS gateway".
Then Password and Username are copied on username and password fields for Basic Authentication.
Thank you.
Salvo.
Cornelius Kölbel
Aug 11, 2016, 5:52:18 AM8/11/16
to priva...@googlegroups.com
OS?
Am Donnerstag, den 11.08.2016, 02:42 -0700 schrieb Salvo Rapisarda:
> I try with Firefox and Chrome but I got the same result.
>
> First I put "username" & "password" on options field and press "Save
> SMS gateway".
>
>
>
>
>
>
>
> https://groups.google.com/d/msgid/privacyidea/8076f41b-5b0a-41f4-a9b9-272e3655c281%40googlegroups.com.
Am Donnerstag, den 11.08.2016, 02:42 -0700 schrieb Salvo Rapisarda:
> I try with Firefox and Chrome but I got the same result.
>
> First I put "username" & "password" on options field and press "Save
> SMS gateway".
>
>
>
>
>
>
>
> Then Password and Username are copied on username and password fields
> for Basic Authentication.
>
>
>
>
>
>
>
>
>
> for Basic Authentication.
>
>
>
>
>
>
>
>
>
Salvo Rapisarda
Aug 11, 2016, 12:13:59 PM8/11/16
to privacyidea
Ubuntu
Cornelius Kölbel
Aug 11, 2016, 12:19:08 PM8/11/16
to priva...@googlegroups.com
This is your client OS, the browser is running on?
This is really strange, since I have the same setup.
Kind regards
Cornelius
> https://groups.google.com/d/msgid/privacyidea/564c3723-dfb1-4726-b7cc-386a69e07f60%40googlegroups.com.
This is really strange, since I have the same setup.
Kind regards
Cornelius
Salvo Rapisarda
Aug 12, 2016, 3:36:17 AM8/12/16
to privacyidea
Oh, sorry! My client OS is Windows 10.
Salvo Rapisarda
Aug 12, 2016, 4:01:32 AM8/12/16
to privacyidea
I try to debug the javascript code with Chrome.
USERNAME and username appear to be different in the model.
This is the result:
Cornelius Kölbel
Aug 15, 2016, 3:04:18 AM8/15/16
to priva...@googlegroups.com
So the next question would be, what gets sent to the privacyIDEA server
and what gets saved in the database.
Somewhere the case sensitivity gets lost.
In the end I think the best solution would be to change PASSWORD and
USERNAME tags of the basic authentication in the first place.
But I am a bit hesitant about this, because there already might be
configurations using those tags.
Kind regards
Cornelius
Am Freitag, den 12.08.2016, 01:01 -0700 schrieb Salvo Rapisarda:
> I try to debug the javascript code with Chrome.
> USERNAME and username appear to be different in the model.
> This is the result:
>
>
>
>
>
>
>
>
>
and what gets saved in the database.
Somewhere the case sensitivity gets lost.
In the end I think the best solution would be to change PASSWORD and
USERNAME tags of the basic authentication in the first place.
But I am a bit hesitant about this, because there already might be
configurations using those tags.
Kind regards
Cornelius
Am Freitag, den 12.08.2016, 01:01 -0700 schrieb Salvo Rapisarda:
> I try to debug the javascript code with Chrome.
> USERNAME and username appear to be different in the model.
> This is the result:
>
>
>
>
>
>
>
>
>
> Il giorno venerdì 12 agosto 2016 09:36:17 UTC+2, Salvo Rapisarda ha
> scritto:
> Oh, sorry! My client OS is Windows 10.
>
>
> scritto:
> Oh, sorry! My client OS is Windows 10.
>
>
> --
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
> https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> Visit this group at https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/privacyidea/44646da1-22a6-4f47-8fe9-d1b23d19dee3%40googlegroups.com.
> Please read the blog post about getting help
> https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two factor
> authentication please visit
> https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
> https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to priva...@googlegroups.com.
> Visit this group at https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
Reply all
Reply to author
Forward
0 new messages