Forum


Notice to all users

We are migrating towards a new forum system located at community.teamspeak.com, as such this forum will become read-only on January 29, 2020

Page 2 of 7 FirstFirst 1234 ... LastLast
Results 16 to 30 of 96
  1. #16
    Join Date
    December 2002
    Location
    The Netherlands
    Posts
    14
    Dont have a wife.... have a bf though

    and don't like the fact that people have to connect to the server and actually be in it to be authenticated... so having slots taken in by users you don't know. (en there is no way of stopping this or you will have to ban them all).

    Whats wrong with user logins and passwords. as of now just a simple 1 shot server password would make the server more secure then 100 user accounts + passwords...? i can think of LOTS of reasons why a 1 shot server password is not good enough for clans

    Let the systems exist next to each other hence only the login would change a bit... the user accounts don't have to be linked to privileges just making sure people can connect and letting admins decide who can and cannot connect to the ts3 server.

  2. #17
    Join Date
    May 2006
    Location
    Europe/Czech Rep.
    Posts
    1,616
    make another variable in your pre-existing system and allow users to change it.
    call it ts3UniqueID, and when they change it and it would be my code, if I put aside fact about changeing servergroup, then propably would add info in describtion.

  3. #18
    Join Date
    December 2009
    Location
    London
    Posts
    32
    Quote Originally Posted by Tomas View Post
    make another variable in your pre-existing system and allow users to change it.
    call it ts3UniqueID, and when they change it and it would be my code, if I put aside fact about changeing servergroup, then propably would add info in describtion.
    Thats not feasible - Understand This : "Users are stupid"

    Sounds bad, but it is a fact, its our duty as the software engineers to remove as much input as possible, you cannot trust users to do anything right.

  4. #19
    Join Date
    February 2009
    Location
    The Netherlands
    Posts
    17
    As I see it, the biggest problem with this new tokenized authentication system, is that the TS3 server only gives the person connecting the possibility to create a new passport (identity) for himself, but does not allow other organisations (read server admins) to automatically create/remove passports (read identities for other persons) and assigning priviliges to these passports before any users identifies himself with that passport...

    Without that possibility it is impossible for third parties to synchronise their user databases with users in TS3, where their databases are LEADING... And that is a major mistake/design flaw in TS3!

  5. #20
    Join Date
    October 2007
    Location
    Romania
    Posts
    35
    The current token system defeats the purpose of having an unique automated auth system used by different "content" providers.
    The solutions proposed earlier are like a monkey who scratch his left ear with his left arm wrapped behind his neck. Very hard to implement not to mention it is in an undesirable way (having a bot running on a server ?! is that possible? bear in mind that that server do not have a graphical interface for example it's plain runlevel 3)

    From my point of view as an "administrator", the token system doesn't make my life easier, I cannot use TS3 with existing auth systems (which are user/password based ofc). Hence there is no security, everyone can join my corp TS3, and I have to do the dirty work of providing them the right token if applicable. But, what about user deletion ?! How the hell should I know what user to delete and what user not to, since it will never ever be possible to keep a live bot online as suggested previously and even if the token is generated by the 3rd party "software" there is no way to know the "cid".

    PS: Bold/underlined = major "flaw" within TS3 auth system.

    The token system is nice, very secure, but hey, it's useless.

  6. #21
    Join Date
    December 2009
    Location
    Switzerland
    Posts
    439
    Quote Originally Posted by LuckyWS View Post
    Thats not feasible - Understand This : "Users are stupid"

    Sounds bad, but it is a fact, its our duty as the software engineers to remove as much input as possible, you cannot trust users to do anything right.
    That's absolutely correct!

    I really don't understand why the TS developers are so fixated on the new authentication system. If I browse through the forums I see it's one of the top ten requests to have an additional username/password system.

    Again: Just an additional system. The key authentication may be perfect for many uses, but you scare off many long-time users because the new system is just much more complicated for admins and users in their environment

    And about the tokens: This topic is completely separated from the authentication system. The permission system is just great, you can customize almost anything to your needs

  7. #22
    Join Date
    December 2009
    Location
    London
    Posts
    32
    I am confident that they will understand this and have probably already began or penciled in the solution we require, afterall, programatically its not going to be a big job.

    I must also add that I have been using TS3 on a daily basis, I love the program - it has affirmed friendships, brought the community closer and deserves to be scaled.

    It is also nice to see that I am not alone in the desire for a 'ye old fashioned standard auth system.

  8. #23
    Join Date
    June 2002
    Location
    Krün / Germany
    Posts
    1,638
    to fully understand the concerns, i will ask some simple questions, please only answer this questions.

    given is:
    • forum, where users are identified by username/password
    • ts2 server, where you can create an entry with forum username/password to create an account for that client

    question:
    • how does the "user" get this information into his ts2 client? i mean,
      he needs to create a new bookmark and copy paste server ip, port,
      username, password ?

  9. #24
    Join Date
    December 2009
    Location
    Switzerland
    Posts
    439
    The user knows his login data valid for all systems in the environment.
    He also gets a manual with some screenshots how to install and connect. That's how he get's in.

  10. #25
    Join Date
    October 2007
    Location
    Romania
    Posts
    35
    The solution might be very simple to implement.
    server side
    using the following columns from "clients" table -> client_login_name and client_login_password

    client side
    using current connect form, if the user supplies a password in that form then on server side we will have 2 possible cases.
    1. the user supplied the server password
    2. the user supplied his own password for his account identified by submitted nickname.


    a short pseudo code at auth time server side

    // client_submitted_username / client_submitted_password -> provided by the client when connecting to ts3 server.

    if (client_submitted_password == NULL && SERVER_PASSWORD == NULL) {
    client_nickname=client_submitted_username;
    return AUTHED;
    }
    if (client_submitted_password == SERVER_PASSWORD) {
    client_nickname=client_submitted_username;
    return AUTHED;
    }
    else {
    client_password= querydb("select client_login_password from clients where client_login_name=client_submitted_username");
    if(client_password == client_submitted_password) {
    return AUTHED;
    }
    else return NOT_AUTHED;
    }


    This method does not change a thing in TS3 client , only in the server by adding an extra check at auth time.

    Example:
    User X connects using password Y
    server side auth , if password Y = server password then we let him in, if not
    we check if there is a user X in clients table, if true check the password Y against the password from the table, if true then we let him in, if not we finally disconnect the user with a nice error message.
    Last edited by Hiigara; January 6th, 2010 at 10:45 AM.

  11. #26
    Join Date
    December 2009
    Location
    London
    Posts
    32
    There is no way for the client to specify a password on TS3 (apart from Global, for the VS) - and for the purposes of neatness I would prefer to do my authentication in SQL as with TS2.

  12. #27
    Join Date
    October 2007
    Location
    Romania
    Posts
    35
    Quote Originally Posted by LuckyWS View Post
    There is no way for the client to specify a password on TS3 (apart from Global, for the VS) - and for the purposes of neatness I would prefer to do my authentication in SQL as with TS2.
    Read again and you will get it

    If the client specify a password, that password can be the global password for that specific virtual server, or it can be in conjunction with the nickname exactly what we want. (It's a step forward without changing too many things in server code)

    Now, to get a better picture of what you want, how did you implemented the auth in ts2 using SQL?

  13. #28
    Join Date
    June 2002
    Location
    Krün / Germany
    Posts
    1,638
    i am sorry guys but we wont add username/password authentication to ts3.

    so assume the following:

    you could create a token which does the following on usage:
    • give the client the needed permissions
    • set (for example) client_description to something you could work with (username? user_id? customer_id?)


    server:
    • accepts tokens while initiating a new connection
    • provide command to find clients via (for example) client_description


    the client connect dialog/boomark dialog:
    • gets an extra field where you could put a token


    ts3 url link:
    • can accept a token


    new ts3 url link:
    • for creating a ts3 bookmark (with token)


    that should cover all your problems, it would even make it obsolete
    to write some sort of manual for your users and shoud solve alot of
    problems at general.

  14. #29
    Join Date
    October 2007
    Location
    Romania
    Posts
    35
    If I get it right, basically we have to wait till those features are implemented?

  15. #30
    Join Date
    June 2002
    Location
    Krün / Germany
    Posts
    1,638
    Quote Originally Posted by Hiigara View Post
    If I get it right, basically we have to wait till those features are implemented?
    yes ofcourse... the question is, if that would solve your needs.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [Need help] Simple user support system.
    By Karol1814 in forum Server Support
    Replies: 3
    Last Post: September 18th, 2014, 10:48 PM
  2. last user login data & preexisting user table
    By Valsimot in forum Server Support
    Replies: 1
    Last Post: January 30th, 2012, 11:44 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •