Details
Description
I have installed openmeeting on ubuntu 16.04lts. Created a admin user, and a group too. Now I have been trying to
1.login as admin
2.create a room
3.get the room hash and enter the room with a url using SOAP api.
I am using boomerang google plugin to learn to use the soap services first.
Step1:The soap request sent to login using user service as follows:
#also i will use () to show values that I think are secret.
Request:
<x:Envelope xmlns:x="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webservice.openmeetings.apache.org/">
<x:Header/>
<x:Body>
<web:login>
<user>seemap</user>
<pass>(my password)</pass>
</web:login>
</x:Body>
</x:Envelope>
Response:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<ns2:loginResponse xmlns:ns2="http://webservice.openmeetings.apache.org/">
<return>
<code>1</code>
<message>f4ae3421-7c57-4197-b6c5-bb79094e3d83</message>
<type>SUCCESS</type>
</return>
</ns2:loginResponse>
</soap:Body>
</soap:Envelope>
Step 2:I create a room as follows:
Request:
<x:Envelope xmlns:x="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webservice.openmeetings.apache.org/">
<x:Header/>
<x:Body>
<web:add>
<sid>f4ae3421-7c57-4197-b6c5-bb79094e3d83</sid>
<room>
<name>gettingstarted</name>
<comment>chill</comment>
<type>conference</type>
<numberOfPartizipants>2</numberOfPartizipants>
<appointment>false</appointment>
<isPublic>false</isPublic>
<demo>false</demo>
<closed>false</closed>
<demoTime>0</demoTime>
<externalId>12324567</externalId>
<externalType>myapp</externalType>
<moderated>true</moderated>
<allowUserQuestions>true</allowUserQuestions>
<allowRecording>true</allowRecording>
<waitForRecording>true</waitForRecording>
<audioOnly>false</audioOnly>
<topBarHidden>false</topBarHidden>
<chatHidden>false</chatHidden>
<activitiesHidden>false</activitiesHidden>
<filesExplorerHidden>false</filesExplorerHidden>
<actionsMenuHidden>false</actionsMenuHidden>
<screenSharingHidden>false</screenSharingHidden>
<whiteboardHidden>false</whiteboardHidden>
</room>
</web:add>
</x:Body>
</x:Envelope>
Response:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<ns2:addResponse xmlns:ns2="http://webservice.openmeetings.apache.org/">
<return>
<id>18</id>
<name>gettingstarted</name>
<comment>chill</comment>
<type>conference</type>
<numberOfPartizipants>2</numberOfPartizipants>
<appointment>false</appointment>
<isPublic>false</isPublic>
<demo>false</demo>
<closed>false</closed>
<demoTime>0</demoTime>
<externalId>12324567</externalId>
<externalType>myapp</externalType>
<moderated>true</moderated>
<allowUserQuestions>true</allowUserQuestions>
<allowRecording>true</allowRecording>
<waitForRecording>true</waitForRecording>
<audioOnly>false</audioOnly>
<topBarHidden>false</topBarHidden>
<chatHidden>false</chatHidden>
<activitiesHidden>false</activitiesHidden>
<filesExplorerHidden>false</filesExplorerHidden>
<actionsMenuHidden>false</actionsMenuHidden>
<screenSharingHidden>false</screenSharingHidden>
<whiteboardHidden>false</whiteboardHidden>
</return>
</ns2:addResponse>
</soap:Body>
</soap:Envelope>
Step 3: I get the room hash as follows
Request:
<x:Envelope xmlns:x="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webservice.openmeetings.apache.org/">
<x:Header/>
<x:Body>
<web:getRoomHash>
<sid>f4ae3421-7c57-4197-b6c5-bb79094e3d83</sid>
<user>
<login>jira1</login>
<firstname>jira1</firstname>
<lastname>jira1</lastname>
<email>jira12@gmail.com</email>
<externalId>234767</externalId>
<externalType>myapp</externalType>
</user>
<options>
<roomId>18</roomId>
<moderator>true</moderator>
<showAudioVideoTest>false</showAudioVideoTest>
<showNickNameDialog>false</showNickNameDialog>
<allowSameURLMultipleTimes>true</allowSameURLMultipleTimes>
<allowRecording>true</allowRecording>
</options>
</web:getRoomHash>
</x:Body>
</x:Envelope>
Response:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<ns2:getRoomHashResponse xmlns:ns2="http://webservice.openmeetings.apache.org/">
<return>
<code>0</code>
<message>95645618-0a85-4b57-983f-00b896820520</message>
<type>SUCCESS</type>
</return>
</ns2:getRoomHashResponse>
</soap:Body>
</soap:Envelope>
Now as you can see the conference is moderated and the user in getroomhash is the moderator. When I tried to get the room hash for another user as shown in the request below:
Request:
<x:Envelope xmlns:x="http://schemas.xmlsoap.org/soap/envelope/" xmlns:web="http://webservice.openmeetings.apache.org/">
<x:Header/>
<x:Body>
<web:getRoomHash>
<sid>?</sid>
<user>
<login>jira</login>
<firstname>jira</firstname>
<lastname>jira</lastname>
<email>jira@gmail.com</email>
<externalId>2345665767</externalId>
<externalType>myapp</externalType>
</user>
<options>
<roomId>18</roomId>
<moderator>false</moderator>
<showAudioVideoTest>false</showAudioVideoTest>
<showNickNameDialog>false</showNickNameDialog>
<allowSameURLMultipleTimes>true</allowSameURLMultipleTimes>
<allowRecording>true</allowRecording>
</options>
</web:getRoomHash>
</x:Body>
</x:Envelope>
I got a success response:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<ns2:getRoomHashResponse xmlns:ns2="http://webservice.openmeetings.apache.org/">
<return>
<code>0</code>
<message>d7dcc0ed-4a5b-4920-8058-3fb6130417f4</message>
<type>SUCCESS</type>
</return>
</ns2:getRoomHashResponse>
</soap:Body>
</soap:Envelope>
So I have the two urls as follows:
(for user not the moderator)http://localhost:5080/openmeetings/swf?secureHash=d7dcc0ed-4a5b-4920-8058-3fb6130417f4&language=1
(for the user who is moderator)http://localhost:5080/openmeetings/swf?secureHash=95645618-0a85-4b57-983f-00b896820520&language=1
Now when i login with one url through google chrome and one through mozzilla i get access denied in both.
But when I repeat the steps mentioned above and just create a moderator user and login i see the room with the whiteboards and chat.
I dont understand how or why this is happening. BUt I really need to know how to correctly send soap requests so that both users can login at the same time in the same room.
Attachments
Issue Links
- duplicates
-
OPENMEETINGS-1530 Secure Hash is broken
- Closed