INTERACT FORUM

Please login or register.

Login with username, password and session length
Advanced search  
Pages: [1]   Go Down

Author Topic: MCWS: Authenticate uses read-only "Everyone" by default  (Read 4290 times)

cncb

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 3106
MCWS: Authenticate uses read-only "Everyone" by default
« on: September 05, 2019, 08:27:44 am »

It seems that the Authenticate function uses the read-only "Everyone" by default even if the normal authentication is enabled and the credentials are supplied.  Could this behavior be changed to try normal authentication first if credentials are supplied?  Thanks.
Logged
-Craig    MO 4Media remote and player:  Android/TV/Auto | iOS | Windows 10/UWP

RoderickGI

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 8186
Re: MCWS: Authenticate uses read-only "Everyone" by default
« Reply #1 on: September 05, 2019, 09:03:51 pm »

There was a long discussion about this some time back. Basically, if read-only authentication was set to everyone, that is what all clients got, and there was no way to make specific Clients use read-write authentication. Maybe that only happened if they hadn't been logged in with read-write authentication before read-only for everyone was turned on. I don't remember the details. I haven't found that thread in a quick search.

This:

23.0.95 (1/19/2018)
4. NEW: Added the option to allow any user to get read-only access (you can also require a username and password).
6. NEW: Panel - Panel will automatically attempt to get a read-only token without requiring the user to log in. If this fails, it will bring up the login screen.
7. NEW: Panel - Full authentication can be enabled or disabled from the Settings page.

Also this: https://yabb.jriver.com/interact/index.php/topic,115960.msg801403.html#msg801403

Logged
What specific version of MC you are running:MC27.0.27 @ Oct 27, 2020 and updating regularly Jim!                        MC Release Notes: https://wiki.jriver.com/index.php/Release_Notes
What OS(s) and Version you are running:     Windows 10 Pro 64bit Version 2004 (OS Build 19041.572).
The JRMark score of the PC with an issue:    JRMark (version 26.0.52 64 bit): 3419
Important relevant info about your environment:     
  Using the HTPC as a MC Server & a Workstation as a MC Client plus some DLNA clients.
  Running JRiver for Android, JRemote2, Gizmo, & MO 4Media on a Sony Xperia XZ Premium Android 9.
  Playing video out to a Sony 65" TV connected via HDMI, playing digital audio out via motherboard sound card, PCIe TV tuner

BradATIMA

  • Citizen of the Universe
  • *****
  • Posts: 1641
Re: MCWS: Authenticate uses read-only "Everyone" by default
« Reply #2 on: September 06, 2019, 08:33:16 am »

The intent with the option to have read-only set to everyone was so someone could obtain a token without a password prompt. Could you use an option to force full authentication by rejecting the token if it's read-only?
Logged

cncb

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 3106
Re: MCWS: Authenticate uses read-only "Everyone" by default
« Reply #3 on: September 06, 2019, 10:54:20 am »

Could you use an option to force full authentication by rejecting the token if it's read-only?

Yes, if you could add an option to MCWS to force full authentication that would be great (assuming it is not feasible to just try full authentication with any supplied credentials first).  Thanks.
Logged
-Craig    MO 4Media remote and player:  Android/TV/Auto | iOS | Windows 10/UWP

BradATIMA

  • Citizen of the Universe
  • *****
  • Posts: 1641
Re: MCWS: Authenticate uses read-only "Everyone" by default
« Reply #4 on: September 06, 2019, 11:20:06 am »

When I make a call to authenticate, if I provide full authentication credentials, it returns a fully authenticated token, even with read-only set to Everyone.

Is it possible the user has the full authentication credentials set incorrectly? That would return a read-only token.
Logged

cncb

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 3106
Re: MCWS: Authenticate uses read-only "Everyone" by default
« Reply #5 on: September 06, 2019, 01:02:46 pm »

When I make a call to authenticate, if I provide full authentication credentials, it returns a fully authenticated token, even with read-only set to Everyone.

For some reason, it's not working that way for me.  The credentials are correct, because if I disable "Everyone" then it returns a fully authenticated token.  But when I enable "Everyone" still providing the same credentials, it always returns the read-only token.
Logged
-Craig    MO 4Media remote and player:  Android/TV/Auto | iOS | Windows 10/UWP

Matt

  • Administrator
  • Citizen of the Universe
  • *****
  • Posts: 42385
  • Shoes gone again!
Re: MCWS: Authenticate uses read-only "Everyone" by default
« Reply #6 on: September 06, 2019, 01:19:37 pm »

For some reason, it's not working that way for me.  The credentials are correct, because if I disable "Everyone" then it returns a fully authenticated token.  But when I enable "Everyone" still providing the same credentials, it always returns the read-only token.

I'm riddled.

I just tried using Postman.

If I login without credentials, I'm given a read-only token.

As soon as I add credentials, it's a full token.

Maybe double-check that your credentials are valid?
Logged
Matt Ashland, JRiver Media Center

cncb

  • MC Beta Team
  • Citizen of the Universe
  • *****
  • Posts: 3106
Re: MCWS: Authenticate uses read-only "Everyone" by default
« Reply #7 on: September 06, 2019, 01:33:24 pm »

I'm riddled.

Me too :).  I will have to investigate more to try to figure out why I am getting different behavior.  Thanks to you both for checking.
Logged
-Craig    MO 4Media remote and player:  Android/TV/Auto | iOS | Windows 10/UWP
Pages: [1]   Go Up