309 Failed to connect/login: SASLError using SCRAM-SHA-1: not-authorised

Hi
All my components are running but I am getting the following - on the jicofo log - where is it trying to login/authenticate to?


Jicofo 2019-12-03 23:24:49.087 SEVERE: [16] org.jitsi.impl.protocol.xmpp.XmppProtocolProvider.doConnect().309 Failed to connect/login: SASLError using SCRAM-SHA-1: not-authorized
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1100)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.lang.Thread.run(Thread.java:748)


Thanks
Glenn

Probably wrong password for user focus. The password is in /etc/jitsi/jicofo/config.
How did you install?

Thanks for coming back I got this one resolved as I found this response - it was the passwords were mismatched on my custom install

I am now getting the below after it runs for a while in the same jvb.log

“org.ice4j.ice.harvest.HostCandidateHarvester.createDatagramSocket() Retrying a bind because of a failure to bind to address x.x.x.x and port 20005 (Address already in use (Bind failed))”

Any thoughts?

Regards,
Glenn

Any update on this please?

What is the problem after fixing the passwords? You do not have media? Like participants are muted?

HI

In Chrome browser appears to freeze up trying to start - so is this related ? Sound and Picture is intermittent as camera is locking up page each time.

jvb Logs are also filling up with that error - is it normal to see those ?

Thanks
Glenn

Strange behavior I haven’t seen. Maybe open js console then open the page and post the output.

Hi,
I have a similar problem. Now I can not connect to my server at all.
Before I had an installation that at least permitted to get the welcome screen and to join as the first user but I got the “reconnecting”-failure when I wanted to join with a second user. Therefore I de installed following the quick install which I also used for the installation before. I deinstalled three times to be very sure that the is nothing left from the old installation. Then I rebooted the machine and followed again the quick install unvoluntaryI was “upgraded” to nginx. Now I could not access the webpage (welcome screen) of jitsi on my server.
I do NOT have a SSL-certificate yet but firefox offered to accept exceptions and I said yes. But this is not enough any longer.
When I ping my page from outside the IP is that one of my server, therefore I think there is no NAT in between…
Below you find part of the jvb.log and part of jicofo.log that showed another severe failure : The ping time outs repeat after the last line. To restart jifico seems to help but not for very long
Also prosody.log showed in between warnings and errors.

What shall I do?

Thanks Frank

part of jvb.log
(SCHWERWIEGEND german for SEVERE
2020-03-29 03:09:40.271 INFORMATION: [19] Videobridge.createConference#326: create_conf, id=d3a7ff6fa50dc2a9 gid=null logging=false
2020-03-29 03:09:40.786 INFORMATION: [19] Health.doRun#294: Performed a successful health check in 515ms. Sticky failure: false
2020-03-29 03:09:40.897 INFORMATION: [23] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$7#648: Logging in.
2020-03-29 03:09:40.897 SCHWERWIEGEND: [23] RetryStrategy$TaskRunner.run#198: org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1100)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.lang.Thread.run(Thread.java:748)
2020-03-29 03:09:46.326 INFORMATION: [23] [hostname=localhost id=shard] MucClient.lambda$getConnectAndLoginCallable$7#648: Logging in.
2020-03-29 03:09:50.024 SCHWERWIEGEND: [23] RetryStrategy$TaskRunner.run#198: org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using SCRAM-SHA-1: not-authorized
at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1100)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.lang.Thread.run(Thread.java:748)
2020-03-29 03:09:50.787 INFORMATION: [19] Videobridge.createConference#326: create_conf, id=ac33cb15322093ff gid=null logging=false
2020-03-29 03:09:50.792 INFORMATION: [19] Health.doRun#294: Performed a successful health check in 6ms. Sticky failure: false

part of jifico.log:
Jicofo 2020-03-29 03:06:33.274 INFORMATION: [1] org.jitsi.xmpp.component.ComponentBase.log() Component org.jitsi.jicofo. config:
Jicofo 2020-03-29 03:06:33.274 INFORMATION: [1] org.jitsi.xmpp.component.ComponentBase.log() ping interval: 10000 ms
Jicofo 2020-03-29 03:06:33.274 INFORMATION: [1] org.jitsi.xmpp.component.ComponentBase.log() ping timeout: 5000 ms
Jicofo 2020-03-29 03:06:33.274 INFORMATION: [1] org.jitsi.xmpp.component.ComponentBase.log() ping threshold: 3
Jicofo 2020-03-29 03:07:02.854 INFORMATION: [31] org.jitsi.jicofo.ComponentsDiscovery.log() New component discovered: focus.MYDOMAIN, null
Jicofo 2020-03-29 03:07:13.341 SCHWERWIEGEND: [40] util.UtilActivator.uncaughtException().122 An uncaught exception occurred in thread=Thread[Component socket reader,5,main] and message was: unable to create new native thread
java.lang.OutOfMemoryError: unable to create new native thread
at java.lang.Thread.start0(Native Method)
at java.lang.Thread.start(Thread.java:717)
at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:957)
at java.util.concurrent.ThreadPoolExecutor.execute(ThreadPoolExecutor.java:1367)
at org.jivesoftware.whack.ExternalComponent.processPacket(ExternalComponent.java:342)
at org.jivesoftware.whack.SocketReadThread.readStream(SocketReadThread.java:110)
at org.jivesoftware.whack.SocketReadThread.run(SocketReadThread.java:61)
Jicofo 2020-03-29 03:07:18.340 SCHWERWIEGEND: [41] org.jitsi.xmpp.component.ComponentBase.log() Ping timeout for ID: XoKWY-66

part of prosody.log:

Mar 29 03:03:00 conferenceduration.MYDOMAINE:conference_duration_component warn conference duration will not work with Prosody version 0.10 or less.
Mar 29 03:03:00 speakerstats.MYDOMAIN:speakerstats_component warn speaker stats will not work with Prosody version 0.10 or less.

Mar 29 03:03:00 portmanager error Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281
Mar 29 03:03:00 portmanager error Error binding encrypted port for https: No key present in SSL/TLS configuration for https port 5281

but later on

Mar 29 03:03:00 c2s55b974fd7130 info Client connected
Mar 29 03:03:00 c2s55b974fd7130 info Stream encrypted (TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384)
Mar 29 03:03:08 jcp55b974ffc0d0 info Incoming Jabber component connection
Mar 29 03:03:08 focus.MYDOMAIN:component info External component successfully authenticated

This error means that the password that jicofo uses to connect to prosody is not correct …

Hi damencho,
thanks for the very fast reply.
I never set (or reset) a jicofo password deliberatly.
How do I set it? Has it to be the admins password?
If it does matter: For a start I planned jitsi to be open without named accounts with passwords. If I installed unintentionally a protected jitsi: How do I avoid this?

I’m trying to setup the secure domain and I have the exact same error message as Laomerion. Check everywhere and the jifoco password is correctly set and hasn’t change. What should I do?

[Edit] Ok I managed to make it work. I’ve duplicate my main server (under heavy use) to create a sandbox so I can try things before pushing them on the main server. When I changed the files accordingly to this sandbox domain I misrename the folder auth%2e<mydomain.tld> in /var/lib/prosody/ (forget the auth at the beginning). Once that was corrected it worked like a charm

This error went off after a restart

Hi all !

after configuring prosody with sql, i can’t connect to the conference and i have the same error on jicofo log : SASLError using SCRAM-SHA-1: not-authorized

and users ,are added succesfully and automaticly one database with the cmd (prosodyctl adduser)

help Please