We are rolling out Tessitura on the Go. Our IT department is having our users use an MI-Token that is generated on the mobile device. The problem is that it is quite cumbersome for our user to generate a token and then log-in to the VPN.
1. Is there a way to place authorization on the Application itself so not everyone with a Tessitura Log-in can access it.
2. Is anyone using the Tessitura on the Go without a VPN and just an SSL connection.
Thanks
Bob Taulty
92Y
Bob,
I can respond to point number 1. Based on exactly this type of feedback, in v12.5 we are adding user group access security for each of the applications (the main application, Tessitura on the Go, and the tablet application). When checked the user group has access to the application and when unchecked they do not. On a related side note we are mirroring application security in Tessitura on the Go so if a user doesn't have rights to Constituents: Plans they will not have rights to plans in Tessitura on the Go.
I will let the group respond to the second issue.
Best,
Anna
We had started testing using Tessitura on the Go but we put it behind a cloud based WAF (Incapsula/Imperva) which allows us to use 2-factor authentication - the token can be sms, email of software token.
We haven't gone live with this yet but that is because of various other reasons.
The WAF is also the one we use to protect our Live and Test APIs and also some of our other sites.
Mark
Hi Mark,
I'm resurrecting this thread and am curious as to whether you went live with 2FA via your WAF for Tessitura on the Go access. We're looking into something similar as I'd like to avoid making TOTG available anywhere over the Internet with only Tessitura username/passwords as the doorkeeper.
Thanks!David
Must admit that project got sidelined for a bit.
I know we use this particular WAF in front of a lot of our other sites, so will check to see if we ever did turn on the 2FA on any of those.
Thank you Mark! If there is anyone else who happens to notice this thread who has implemented TOTG in their internally installed Tessitura environment, it would be great to hear from you. Thanks!
Hi Nick, in our case we hosted in a local (Toronto based) public cloud environment - they provide 24 hours monitoring and security, and we made it available on the internet – yes, relied on the username and password.
Mo
From: Tessitura Technical Forum [mailto:forums-technical@tessituranetwork.com] On Behalf Of Nick Insell Sent: Thursday, November 19, 2015 11:28 AM To: Mohiuddin Faruqe <mfaruqe@national.ballet.ca> Subject: [Tessitura Technical Forum] Tessitura On The Go
Hi Guys
We really want to make Tessitura On the Go available to our development users in all of our consortium partners. We where wondering how you guys have made this available. We currently have a remote portal which allows you to login to your PC via a one time password. So we can create a link through this portal but it is really fiddly to do from a user point of view. Especially when using a mobile with quite a small screen.
I was wondering how you have made the app available to your users? Have you just made the page available to anyone and relied on the username and password? Or is there a service that you recommend setting up the page behind? Any advice would be great!
Nick
This message was sent automatically to you by www.tessituranetwork.com because you subscribed to the Tessitura Technical Forum. You may reply to this message to post to the Technical forum or visit the site to search, read and post to the forums. In the interest of keeping the forum posts from becoming cluttered, we encourage you to delete previous message text from your reply before sending. Thank you!
We're interested in giving (reasonably) unlimited access access to a limited set of people and are in the preliminary process of working through it in test now.
We've begun by using a SoftEther VPN server. Setup of VPN client to it on an Android device was simple. Next step will likely be issuing a certificate for each device that we can expire or revoke when we want. That should give access to the people we want, anywhere they are.
Users will have to open a VPN session to get in but I think that will be acceptable.
Unknown said: On a related side note we are mirroring application security in Tessitura on the Go so if a user doesn't have rights to Constituents: Plans they will not have rights to plans in Tessitura on the Go.
On a related side note we are mirroring application security in Tessitura on the Go so if a user doesn't have rights to Constituents: Plans they will not have rights to plans in Tessitura on the Go.
Hi Anna,
We're trying to use Tessitura On The Go in a consortium environment, and I'm wondering if I've missed a step somewhere, or if perhaps it simply doesn't support control group security.
The issue we're having is that the membership info and last contribution details are visible to all users rather than only to users with the appropriate control groups.
Is there a fix existing for this, or is it still a future enhancement?
Thanks!
Stacey Voigt Consortium Services Manager Santa Barbara Center for the Performing Arts svoigt@granadasb.org
Hi Stacey,
The membership and last contribution info on the TOTG screen should be respecting the control group access of the user group used when logging in. If this isn't the case for you, please open a support ticket and we'll look at it together.
Brian,
That makes me happy to hear! I've put in a TASK ticket and will talk to you or someone more about this soon, I'm sure.
Our users will be happy to hear they may get to use TTOG after all :)