I generate a jwt token and validate it using jwt.io to decode and has no problem with token, but when using on my jitsi meet, is showed a notification with Authentication failed message.
When I access my meet with jwt no messages appear in prosody log, but when I restart prosody, this messages appear in /var/log/prosody/prosody.err:
Apr 03 12:03:03 portmanager error Failed to open server port 5269 on ::, check that Prosody or another XMPP server is not already running and using this port
Apr 03 12:03:03 portmanager error Failed to open server port 5269 on *, check that Prosody or another XMPP server is not already running and using this port
Apr 03 12:03:03 portmanager error Failed to open server port 5347 on 127.0.0.1, this port is in use by another application
Apr 03 12:03:03 portmanager error Failed to open server port 5347 on ::1, this port is in use by another application
Apr 03 12:03:03 portmanager error Failed to open server port 5222 on ::, check that Prosody or another XMPP server is not already running and using this port
Apr 03 12:03:03 portmanager error Failed to open server port 5222 on *, check that Prosody or another XMPP server is not already running and using this port
Apr 03 12:03:03 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Check that the permissions allow Prosody to read this file. (for localhost)
Apr 03 12:03:03 localhost:tls error Error creating context for c2s: error loading private key (Permission denied)
Apr 03 12:03:03 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Previous error (see logs), or other system error. (for localhost)
Apr 03 12:03:03 localhost:tls error Error creating contexts for s2sout: error loading private key (system lib)
Apr 03 12:03:03 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Previous error (see logs), or other system error. (for localhost)
Apr 03 12:03:03 localhost:tls error Error creating contexts for s2sin: error loading private key (system lib)
Apr 03 12:03:03 portmanager error Failed to open server port 5280 on ::, check that Prosody or a BOSH connection manager is not already running
Apr 03 12:03:03 portmanager error Failed to open server port 5280 on *, check that Prosody or a BOSH connection manager is not already running
Apr 03 12:03:03 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Check that the permissions allow Prosody to read this file. (for localhost)
Apr 03 12:03:03 portmanager error Error creating TLS context for SNI host localhost: error loading private key (Permission denied)
Apr 03 12:03:03 certmanager error SSL/TLS: Failed to load ‘/etc/prosody/certs/localhost.key’: Previous error (see logs), or other system error. (for localhost)
Apr 03 12:03:03 portmanager error Error creating TLS context for SNI host localhost: error loading private key (system lib)
I check and /etc/prosody/certs/localhost.key don’t exists.
Well, if Prosody needs the localhost.key and it’s not there or not accessible… you don’t still need to see any other log, you need to solve that issue first and see what happens.
Anyway if prosody cannot open ports it looks like a different issue but I would try fixing the localhost.key problem first.
Some error messages with jwt are seen only if you inspect the returned error packets, open chrome developer console, network tab and try to join with jwt and find the bosh error message and read the response xmpp.
Authentication is succefully now.
My prosody (prosodyctl about): Prosody trunk nightly build 1247 (2020-04-01, 0230ceecb8a9)
But this error occur and jitsi meet down and try reconnect again and again:
Apr 04 03:10:31 c2s5589076821a0 error Traceback[c2s]: /usr/lib/prosody/util/cache.lua:66: table index is nil
stack traceback:
/usr/lib/prosody/util/cache.lua:66: in function ‘set’
/usr/lib/prosody/modules/muc/mod_muc.lua:185: in function ‘track_room’
/usr/lib/prosody/modules/muc/mod_muc.lua:213: in function </usr/lib/prosody/modules/muc/mod_muc.lua:200>
(tail call): ?
/usr/lib/prosody/modules/muc/mod_muc.lua:446: in function ‘?’
/usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75>
(tail call): ?
/usr/lib/prosody/core/stanza_router.lua:188: in function ‘core_post_stanza’
/usr/lib/prosody/core/stanza_router.lua:128: in function ‘core_process_stanza’
/usr/lib/prosody/modules/mod_c2s.lua:283: in function ‘func’
/usr/lib/prosody/util/async.lua:127: in function </usr/lib/prosody/util/async.lua:125>
We’d got some of the problems you explain in our last deploy (had conference…com’s storage as “memory” but internal.auth…com’s storage as “none”) and had to change prosody configs (set internal.auth…com’s storage to “memory”).
That last stanza.lua error does not seem very important. Did not go very deep into it but having a quick look at the file (https://github.com/bjc/prosody/blob/master/util/stanza.lua) it looks like you could be using a number in some field expected to be string (name of participants? name of the room?).
May 20 03:53:35 c2s5629af382800 info Client connected
May 20 03:53:35 c2s5629af382800 info Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
May 20 03:53:41 conference.example.com:muc_domain_mapper warn Session filters applied
May 20 03:53:41 c2s5629aed1f410 info Client connected
May 20 03:53:41 c2s5629aed1f410 info Stream encrypted (TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384)
May 20 03:58:35 c2s5629af382800 info Client disconnected: connection closed
May 20 03:58:41 c2s5629aed1f410 info Client disconnected: connection closed
May 20 03:58:42 conference.example.com:muc_domain_mapper warn Session filters applied
May 20 03:58:42 c2s5629aed49760 info Client connected
May 20 03:58:42 c2s5629aed49760 info Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
May 20 03:58:51 conference.example.com:muc_domain_mapper warn Session filters applied
May 20 03:58:51 c2s5629ae995180 info Client connected
May 20 03:58:51 c2s5629ae995180 info Stream encrypted (TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384)
May 20 04:03:42 c2s5629aed49760 info Client disconnected: connection closed
May 20 04:03:49 conference.example
.com:muc_domain_mapper warn Session filters applied
May 20 04:03:49 c2s5629af5fb4a0 info Client connected
May 20 04:03:49 c2s5629af5fb4a0 info Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
May 20 04:03:51 c2s5629ae995180 info Client disconnected: connection closed
May 20 04:04:01 conference.example.com:muc_domain_mapper warn Session filters applied
May 20 04:04:01 c2s5629af0f9dd0 info Client connected
May 20 04:04:01 c2s5629af0f9dd0 info Stream encrypted (TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384)