Where to get authenticator code and what happen with flash player?

jess,

I have installed the ce on vmbox. I have encountered problems:

  1. when i tried to get on http://localhost.localdomain/admin_console/ , it request authenticator code. I don’t know where i can get it

  2. when i tried to get on http://localhost.localdomain/kmc, it keeps saying that i need to install flash player which i have installed already. I have noticed that the flash player is not working properly in vmbox.

You have and idea?
Thank you

Wu Yong

Hi @tianjinwuyong,

RE #1: you don’t need to input the authenticator code, only the username [email] and passwd you provided during the installation process. The 2 factor auth module is optional and is not activated by default
RE #2: you provided localhost.localdomain as service URL, however, this is a VM and so, localhost.localdomain will point to your hosting machine, which is not good. You need to provide the VM’s hostname/IP address, one that is accessible from both the VM itself and from any machine you intend to make requests to the web I/F/player from.

You should rerun the configure scripts to fix that.

@jess I have the same issue but I am still not able to login via admin console. I have attempted to reset the password and still was not allowed to login without the authentication code.

@hiphopservers,

Please run:
# kaltlog
while trying to login and look at the errors. Like I said, the 2 factor auth is not enabled by default and I am unable to reproduce the issue…

Thanks,

@jess

Here is the error I got when I ran ‘kaltlog’’

--
]' in /opt/kaltura/app/infra/log/KalturaLog.php:83
Stack trace:
#0 /opt/kaltura/app/ui_infra/InfraBootstrapper.php(111): KalturaLog::err('Class [EventNot...')
--
#6 {main}
2016-11-15 14:09:32 [0.000118] [139435934] [18] [%context%] [InfraBootstrapper->_initNavigation] ERR: exception 'Exception' with message 'Class [EventNotificationTemplateUpdateStatusAction] requires permissions [Array
(
--
]' in /opt/kaltura/app/infra/log/KalturaLog.php:83
Stack trace:
#0 /opt/kaltura/app/ui_infra/InfraBootstrapper.php(111): KalturaLog::err('Class [EventNot...')
--
2016-11-15 14:09:32 [0.000197] [24.49.36.237] [1637095336] [19] [API] [KalturaStatement->execute] DEBUG: Sql took - 0.00011014938354492 seconds
2016-11-15 14:09:32 [0.000736] [24.49.36.237] [1637095336] [20] [API] [kCoreException->__construct] ERR: exception 'kUserException' in /opt/kaltura/app/alpha/lib/model/UserLoginDataPeer.php:445
Stack trace:
#0 /opt/kaltura/app/alpha/lib/model/UserLoginDataPeer.php(354): UserLoginDataPeer::userLogin(Object(UserLoginData), '##MyPSWDHere##', -2, true, '')

Hi! Same problem here with fresh install, “login error” using email and password. Any suggestions?

HI, I deleted all related about authenticator on /opt/kaltura/app/alpha/lib/model/UserLoginDataPeer.php an UserLoginData.php and now I can login OK, but I found that the player studio doesn’t work so I have to get a copy of V2.44 and pasted an rename to V2.0.7, I think not good because I use a older and outdated studio versión but at least I can use a new player. IMPORTANT, to get work the studio, you have to open in new window the HTML version.

@jess

We need a less drastic method to disable the authentication. Since it appears to be enable by default in some installations.

@jess

I tried running reconfiguration from scratch and that did not resolve this issue. I am able to login and reset passwords in KMC without issue. Right now my only issue with login is when trying to access admin_console which is the only page that has this new authentication option. Although, it is said to be disable by default, it appears to be enable on my installation.

I have not updated the other installations of Kaltura CE until this issue is fixed as it would likely break the administration login for those sites too.

I start from fresh and I installed the Lynx 12.5.0, has fixed the admin login problem with 2 way autenticator and to make the studio player work have to set “/html5/html5lib/v2.49/mwEmbedLoader.php” because was not loading, and have to open in new tab to appear, same bug for me since Kaltura 11 versión.

Do you have another thread explaining this issue and your work around?

Hello all,

I’m afraid I am unable to reproduce the failure to login to Admin Console. Tried both an upgrade and a clean install, both RPM and deb and also upgrades from multiple earlier versions - worked just fine in all cases.

Therefore, in order to debug further, I will need an ENV where I can see the issue.
If you are able to provide SSH and HTTP access to such an ENV, please create a user for me and provide me with the access details so I can take a look.

Please email me at jess.portnoy kaltura.com. Also, do not provide me with root credentials but rather with a user that has full sudo privileges which you can delete once I’m done looking.

Just to make sure - when trying to login to Admin Console, you’re only inputting the email address and password, leaving the “Authenticator Code” textbox empty, correct?

Thanks,

@jess

I will forward you sudo user information via email shortly. Once I have created the use and confirm the login works as expected. Since I only have one administrator on my system having the issue is limited on this system.

OK, awaiting your email.

Thanks,

I just sent the email. If you don’t see it then please check your spam folder.

Thanks

did not get the email… didn’t go to my spam dir either… jess.portnoy@kaltura.com?

Yes. that is the email I sent the information to from my admin at hiphopservers.com email. Did you check your SPAM folder or make sure my IP and domain are not blacklisted by your host. Alternately, you send me a email and I will reply to it with the information. You may need to add my address to your address book or white list.

@hiphopservers,

Please see my reply here: Authenticator code on admin console + An error occurred
and make sure you don’t have the same issue. If the issue is the same, then I do not need access to your ENV, otherwise, please provide me with access info so I can debug further.

@jess

This is not the same issue. My values are the same in those files. So that is not the same issue I am having. I will attempt to forward you the credentials again but I have already email them and nothing bounced back at the address previously provided.

Thanks,

@Jess:

I made changes to the code prior to you updating the password. That and changing the password update resolved the issue. Specifically, I editted the following file.

nano /opt/kaltura/app/alpha/lib/model/UserLoginDataPeer.php

then I change this line of code from ‘true’ to ‘false’

                $otpRequired = true;

Here is a full caption the block of code I changed.

   {
                $otpRequired = false;
                $ipRanges = explode(',', kConf::get('partner_otp_internal_ips'));
                foreach ($ipRanges as $curRange)
                {
                        if (kIpAddressUtils::isIpInRange(infraRequestUtils::getRemoteAddress(), $curRange$
                        {
                                $otpRequired = false;
                                break;
                        }
                }

                if ($otpRequired)
                {
                        // add google authenticator library to include path
                        require_once KALTURA_ROOT_PATH . '/vendor/phpGangsta/GoogleAuthenticator.php';

                        $result = GoogleAuthenticator::verifyCode ($loginData->getSeedFor2FactorAuth(), $$
                        if (!$result)
                        {
                                throw new kUserException ('', kUserException::INVALID_OTP);
                        }
                }
        }

My other host with the same issue is still using the original code with the value set a ‘true’ and the password for that host does not work ask expected to login the admin_console and I am not able to login. You can reduplicate the same error by change the value back to ‘true’ on the EVN host I provided you, which I am able to login now with the described changes to the specific file mention. There should be a token that we can define some where else in the console to enable and properly setup that feature.