View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
15265 | Bug reports | Plugins | public | 2019-09-10 23:46 | 2019-10-18 10:08 |
Reporter | PPRI | Assigned To | LimeBot | ||
Priority | none | Severity | minor | ||
Status | closed | Resolution | fixed | ||
Product Version | 3.17.x | ||||
Summary | 15265: 2FA is not working on Limesurvey CE with a downloaded plug-in | ||||
Description | I am using both Limesurvey Professional(Hosted Service by Limesurvey) and Limesurvey CE( installed on our server). 2FA is working fine on Limesurvey Professional but it's not working as expected on Limesurvery CE after installing 2FA plug-in download version 1.0.1, which was released on 2019-05-22. | ||||
Steps To Reproduce | After downloading a 2FA plug-in, I coped a whole upzipped folder under the plugins folder on my instance. 2FA Personal settings --> Register 2FA now --> barcode scanned --> confirmationKey typed in -> Click 'Create 2FA binding. After this, no responding at all. I tried Google Authenticator and Duo but same, both no response after clicking Create 2FA binding. | ||||
Tags | No tags attached. | ||||
Attached Files | |||||
Bug heat | 14 | ||||
Complete LimeSurvey version number (& build) | Version 3.17.16+190906 | ||||
I will donate to the project if issue is resolved | No | ||||
Browser | Google Chrome | ||||
Database type & version | 359 | ||||
Server OS (if known) | Windows Server 2016 | ||||
Webserver software & version (if known) | IIS 10 | ||||
PHP Version | 7.3.9 | ||||
Using master now + Ubuntu 18.04 . Could not reproduce it. Did you do it for superadmin? or another user? Perhaps someone with a Windows server can also try it. I will ping |
|
I tried it as a superadmin. |
|
I've tested it on Limesurvey version 3.17.13+190824 (ubuntu 16.04, Apache & MariaDB) with plugin version 1.0.1. "Register 2FA Now" gives the layover. Both tested with google authenticator en authy in combination with the qr code. If I enter the codes (generated by the apps) it's posted to Happy to help you further test this but no idea how to further debug. |
|
In my case, after clicking 'Create 2FA binding', the circling icon shows up in a second and stop then nothing happens. It doesn't matter with a correct or wrong key value. It seems like not communicating at all with the App to verify the conformation key. |
|
@PPRI |
|
It seems like 2FA is not working with Limesurvey Version 3.17.16. 2FA was working on Limesurvey Professional hosting service when it had a previous version. Now it has been upgraded to 3.1.7.16 and it is NOT working on it either. |
|
Actually the QRCode can't be create. No response from the http Request. I will take a look !! |
|
@PPRI after installing the GD library for php it seems to work. I can log in without problem . Authy & Google Auth work well . |
|
Then 2FA must check GD library in https://manual.limesurvey.org/BeforeActivate :) |
|
@DenisChenu Yes!! sure ! But i want @PPRI to confirm me that gd Library was the issue !! @PPRI can you please check if the library is installed ? :) |
|
For me the GD is not the problem. I can see QR code. |
|
@jljansen I try it with LS Version 3.17.13 and 3.17.16 and its seems to work fine. Maybe cleanup / uninstall the plugin and reinstall it !! |
|
@jljansen did you test it? |
|
@eddylackmann thx for the reminder. So algorithm setting with SHA256 gives the problems described by me above! |
|
@eddylackmann I have GD library installed already and I don't see any problem to see/have a GR code. @jljansen I tried all three algorithm settings but unfortunately no luck to me at all. :-( |
|
@jljansen Google Authentificator doen't support SHA256 now. |
|
@eddylackmann My result is exactly same with jljansen described above. 2FA didn't work at the Limesurvey hosting service either on Sept. 18 when it had Version 3.17.16 before as I mentioned above and I saw it has been upgraded to 3.18.0 now and it's working again on me. Now mine has 3.18.0 also but it is still not working. I have been using ComfortUpdate and didn't have any problem with my installation setting until this issue. Do you have any suggestion I can check it out what' wrong with my installation? 2FA become required in my organization so I really need to make it works. Any suggestion will be appreciated. Thanks |
|
@PPRI can you please send me the configuration page of your 2FA plugin ? |
|
@eddylackmann My configuration setting is exactly same with your screenshot. |
|
@PPRI can you please write me an email at eddy.lackmann@limesurvey.org? |
|
Unfortunately for me it only works with an admin account. I'm not sure if this is an different issue since it might be related to rights. |
|
@jljansen I will check the permissions ! |
|
@PPRI & @jljansen we found some issues in the plugin and fixed it . We will release a new version of the plugin next week !!
Thank you :) |
|
Latest version of the plugin is now available https://www.limesurvey.org/limestore/extensiondetails/49/plugin/two-factor-administration-login |
|
Thank you @edylackmann When I set the algorithm to sha256 it does not work with the json response that confirmationKey is not correct. |
|
@jljansen google auth and authy still not support sha256.. Did you really need the sha256 encryption ? |
|
@eddylackmann no I don't need it but I tested it since the encryption problems are fixed. Thanks a lot :) |
|
@PPRI did the new plugin fixed your issue ? |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2019-09-10 23:46 | PPRI | New Issue | |
2019-09-11 18:02 | cdorin | Assigned To | => cdorin |
2019-09-11 18:02 | cdorin | Status | new => assigned |
2019-09-12 12:05 | cdorin | Note Added: 53560 | |
2019-09-12 23:11 | PPRI | Note Added: 53562 | |
2019-09-13 15:10 | jljansen | Note Added: 53567 | |
2019-09-13 17:18 | PPRI | Note Added: 53568 | |
2019-09-14 11:11 | DenisChenu | Issue Monitored: DenisChenu | |
2019-09-15 20:54 | jljansen | Note Added: 53574 | |
2019-09-18 18:00 | PPRI | Note Added: 53644 | |
2019-09-23 13:03 | LimeBot | Assigned To | cdorin => LimeBot |
2019-09-23 15:01 | LimeBot | Status | assigned => confirmed |
2019-09-23 15:02 | LimeBot | File Added: Error.JPG | |
2019-09-23 15:03 | LimeBot | Note Added: 53685 | |
2019-09-23 15:28 | LimeBot | Status | confirmed => feedback |
2019-09-23 15:28 | LimeBot | Note Added: 53686 | |
2019-09-23 15:57 | DenisChenu | Note Added: 53687 | |
2019-09-24 12:12 | LimeBot | Note Added: 53696 | |
2019-09-24 12:21 | jljansen | Note Added: 53697 | |
2019-09-24 12:35 | LimeBot | Note Added: 53698 | |
2019-09-30 17:05 | LimeBot | Note Added: 53787 | |
2019-09-30 21:40 | jljansen | Note Added: 53791 | |
2019-09-30 22:44 | PPRI | Note Added: 53793 | |
2019-09-30 22:44 | PPRI | Status | feedback => assigned |
2019-09-30 23:25 | PPRI | Issue Monitored: PPRI | |
2019-10-01 18:01 | LimeBot | Note Added: 53812 | |
2019-10-01 21:14 | PPRI | Note Added: 53817 | |
2019-10-02 17:47 | LimeBot | Status | assigned => feedback |
2019-10-02 17:48 | LimeBot | File Added: 2FA.JPG | |
2019-10-02 17:48 | LimeBot | Note Added: 53859 | |
2019-10-02 17:50 | PPRI | Note Added: 53860 | |
2019-10-02 17:50 | PPRI | Status | feedback => assigned |
2019-10-04 09:32 | LimeBot | Note Added: 53875 | |
2019-10-10 12:38 | jljansen | Note Added: 53983 | |
2019-10-10 12:50 | LimeBot | Note Added: 53984 | |
2019-10-10 15:12 | LimeBot | Note Added: 53987 | |
2019-10-10 15:15 | LimeBot | Note Edited: 53987 | |
2019-10-10 15:36 | LimeBot | Note Added: 53988 | |
2019-10-10 15:37 | LimeBot | Status | assigned => ready for testing |
2019-10-10 21:30 | jljansen | Note Added: 53995 | |
2019-10-10 21:35 | LimeBot | Note Added: 53996 | |
2019-10-10 21:38 | jljansen | Note Added: 53997 | |
2019-10-17 11:05 | LimeBot | Note Added: 54075 | |
2019-10-18 10:08 | LimeBot | Status | ready for testing => resolved |
2019-10-18 10:08 | LimeBot | Resolution | open => fixed |
2019-10-18 10:08 | LimeBot | Status | resolved => closed |
2021-08-03 09:48 | guest | Bug heat | 10 => 14 |