Anonymous user is forced to pass authentication in login to a room

I followed the guide regarding enable authentication and it seems to work fine:

Problem is that it demands also an anonymous authentication (and then he can join) though the procedure says that it should be without it - given that the room owner is already authenticated.
Any idea what may cause that?
Thx

Make sure you followed the directions carefully and you did each step. Be sure the guest virtualhost bit is defined in your prosody config. If still unsure, share your cfg.lua file.

Thx,
To my knowledge I’v done anything right so I paste here the file:
Thx again

plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }

– domain mapper options, must at least have domain base set to use the mapper
muc_mapper_domain_base = “jitsi2.triplebit.com”;

external_service_secret = “pWEWgjc3FeOd2gP4”;
external_services = {
{ type = “stun”, host = “jitsi2.triplebit.com”, port = 3478 },
{ type = “turn”, host = “jitsi2.triplebit.com”, port = 3478, transport = “udp”, secret = true, ttl = 86400, algorithm = “turn” },
{ type = “turns”, host = “jitsi2.triplebit.com”, port = 5349, transport = “tcp”, secret = true, ttl = 86400, algorithm = “turn” }
};

cross_domain_bosh = false;
consider_bosh_secure = true;
– https_ports = { }; – Remove this line to prevent listening on port 5284

https://ssl-config.mozilla.org/#server=haproxy&version=2.1&config=intermediate&openssl=1.1.0g&guideline=5.4
ssl = {
protocol = “tlsv1_2+”;
ciphers = “ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384”
}

unlimited_jids = {
focus@auth.jitsi2.triplebit.com”,
jvb@auth.jitsi2.triplebit.com
}

VirtualHost “jitsi2.triplebit.com
– enabled = false – Remove this line to enable this host
authentication = “internal_hashed”
– Properties below are modified by jitsi-meet-tokens package config
– and authentication above is switched to “token”
–app_id=“example_app_id”
–app_secret=“example_app_secret”
– Assign this host a certificate for TLS, otherwise it would use the one
– set in the global section (if any).
– Note that old-style SSL on port 5223 only supports one certificate, and will always
– use the global one.
ssl = {
key = “/etc/prosody/certs/jitsi2.triplebit.com.key”;
certificate = “/etc/prosody/certs/jitsi2.triplebit.com.crt”;
}
av_moderation_component = “avmoderation.jitsi2.triplebit.com
speakerstats_component = “speakerstats.jitsi2.triplebit.com
conference_duration_component = “conferenceduration.jitsi2.triplebit.com
– we need bosh
modules_enabled = {
“bosh”;
“pubsub”;
“ping”; – Enable mod_ping
“speakerstats”;
“external_services”;
“conference_duration”;
“muc_lobby_rooms”;
“av_moderation”;
}
c2s_require_encryption = false
lobby_muc = “lobby.jitsi2.triplebit.com
main_muc = “conference.jitsi2.triplebit.com
– muc_lobby_whitelist = { “recorder.jitsi2.triplebit.com” } – Here we can whitelist jibri to enter lobby enabled rooms

Component “conference.jitsi2.triplebit.com” “muc”
restrict_room_creation = true
storage = “memory”
modules_enabled = {
“muc_meeting_id”;
“muc_domain_mapper”;
–“token_verification”;
}
admins = { “focus@auth.jitsi2.triplebit.com” }
muc_room_locking = false
muc_room_default_public_jids = true

– internal muc component
Component “internal.auth.jitsi2.triplebit.com” “muc”
storage = “memory”
modules_enabled = {
“ping”;
}
admins = { “focus@auth.jitsi2.triplebit.com”, “jvb@auth.jitsi2.triplebit.com” }
muc_room_locking = false
muc_room_default_public_jids = true

VirtualHost “auth.jitsi2.triplebit.com
ssl = {
key = “/etc/prosody/certs/auth.jitsi2.triplebit.com.key”;
certificate = “/etc/prosody/certs/auth.jitsi2.triplebit.com.crt”;
}
modules_enabled = {
“limits_exception”;
}
authentication = “internal_hashed”

– Proxy to jicofo’s user JID, so that it doesn’t have to register as a component.
Component “focus.jitsi2.triplebit.com” “client_proxy”
target_address = “focus@auth.jitsi2.triplebit.com

Component “speakerstats.jitsi2.triplebit.com” “speakerstats_component”
muc_component = “conference.jitsi2.triplebit.com

Component “conferenceduration.jitsi2.triplebit.com” “conference_duration_component”
muc_component = “conference.jitsi2.triplebit.com

Component “avmoderation.jitsi2.triplebit.com” “av_moderation_component”
muc_component = “conference.jitsi2.triplebit.com

Component “lobby.jitsi2.triplebit.com” “muc”
storage = “memory”
restrict_room_creation = true
muc_room_locking = false
muc_room_default_public_jids = true

VirtualHost “guest.jitsi2.triplebit.com
authentication = “anonymous”
c2s_require_encryption = false

Looks ok to me.
Did you uncomment “Anonymous domain” in your confg.js?

Yes. here is the start of the file:

/* eslint-disable no-unused-vars, no-var */

var config = {
// Connection
//

hosts: {
// XMPP domain.
domain: ‘jitsi2.triplebit.com’,

// When using authentication, domain for guest users.
anonymousdomain: ‘guest.jitsi2.triplebit.com’,

// Domain for authenticated users. Defaults to .
// authdomain: ‘jitsi2.triplebit.com’,

// Focus component domain. Defaults to focus..
// focus: ‘focus.jitsi2.triplebit.com’,

Are you using the same meeting URL for the authenticated user and guests (anonymous users)?

Yes sure. Something like jitsi2.triplebit.com/a on both

בתאריך יום ד׳, 28 ביולי 2021, 23:34, מאת Freddie via Jitsi Community Forum - developers & users ‏<jitsi@discoursemail.com>: