-
-
Notifications
You must be signed in to change notification settings - Fork 498
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Limit access to a room with a password #103
Comments
I remember the maintainer of the project arguing with this: #85 (comment) Shouldn't that solve your case as well? |
From a security perspective having a stronger room name is not a good solution. I understand completely that this product should stay as simple as it is. It's just a user feedback, after you do what you want; we are already happy with that but that doesn't check all the boxes from our security officer.... Thanks a lot |
The room name should be transmitted via TLS, thus, it shouldn't be readable by a third-party. IMO this should be enough for most of the use-cases. Still, I'll keep this feature in mind if there are any similar feature request in the future. If enough people want it, then maybe I'll change my mind :P. |
I would also be interested in a feature like this. Currently there is |
Having security by hiding the room name is not and will never be a security measure.... As a workaround I will put an Oauth2 proxy in front of screego...... You tool is still great by the way, not really secured but great :-) |
I would also like to limit access to a room or all rooms to only authenticated users, and I believe the config documentation is misleading because it says
Am I reading it wrong? I interpreted this section, specifically the line describing SCREEGO_AUTH_MODE=all that user login is required to join or create a room but it seems it is not always required because if you know the room id and it's already been created, then you don't need a user login. |
Screego auth mode currently only affects room creation. |
Yes, I realized that from reading through the issues and comments, should the wording be changed in the documentation or did I misunderstand that section? |
The docs could be improved to be more clear about this. |
Hi,
First let me tell you that your app is really great and useful.
I have a feature request that could help us a lot.
We are using screego for internal use only (aka not publicly available) and we choose to not limit the users because of the actual security model (lack of external auth for now).
But it would be great if screego could have an option to define a room password like what we can have on videoconference app such as jitsi for instance.
A user create a room and next define a room password for watcher users.
Thanks a lot again :-)
The text was updated successfully, but these errors were encountered: