Hello,
I have seen many different ways to secure Jitsi from anonymous users but most of these example are geared with an enterprise authentication of some sort.
Here I have installed it and really like the project, but this is a personal site on the internet and I would like to get it secured from abuse.
Is there any way to secure this and how to?
Thanks
Thank you! But as I feared.
sudo prosodyctl register Myusername Mydomain my password
Error: Account creation/modification not supported.
After modifying to use authentication = "internal_plain" have you restarted prosody? Before trying to register a new account?
What does the js console says?
24 errors
2020-01-08T12:15:40.590Z [modules/UI/videolayout/SmallVideo.js] <w.prototype.updateView>: Unable to init avatar - no id
Object { videoSpanId: “localVideoContainer”, streamEndedCallback: _updateLargeVideoIfDisplayed(), container: span#localVideoContainer.videocontainer, “$container”: Object(1), localVideoId: null, isLocal: true, emitter: {…}, statsPopoverLocation: “left top”, _isModerator: false, isAudioMuted: false, … }
Logger.js:154:22
Seems your bosh connection is not working and is returning 404. It should look like: https://meet.jit.si/http-bind
This can be prosody or webserver problem.
How did it break?
No idea, check your webserver and prosody config. Check the logs.
Bingo
I back tracked and once I removed changes should be made in /etc/prosody/conf.avail/[your-hostname].cfg.lua) in Prosody it it provided the focus as needed.
But the Jitsi mobile no longer connect to the server, and I share the link the participant have to enter the credentials.
PS I rebooted the server and it is working with the mobile app, but no video or sound.
Thanks for your input.
After spending hours and 5 reinstall here is what worked.
Authentication Set-up
Authentication for Jisti-meet is done through the program ‘Prosody’. By configuring these settings only users created by prosodyctl will be able to access Jitsi-meet sessions.
-Install jigasi which which is an application that assist with authentication in Jitsi-meet
sudo apt-get install jigasi -y
-Edit the prosody configuration file for your server at /etc/prosody/conf.avail/YOUR-SERVER-HOSTNAME.cfg.lua.
sudo vim /etc/prosody/conf.avail/YOUR-SERVER-HOSTNAME.cfg.lua
-Locate the virtual host with your hostname(should be at the top of the file) and change authentication options to “internal_plain”. It should look like this afterwards.
VirtualHost “YOUR-SERVER-HOSTNAME”
authentication = “internal_plain”
-Once this is done, write and save the file. In vim you type “:wq” then press “Enter”
-In jicofo you need to specify your domain in the additional configuration property. Jicofo will only accept conference requests from authenticated domains. Add your domain with the following command.
sudo cat “org.jitsi.jicofo.auth.URL=XMPP:YOUR-SERVER-HOSTNAME” >> /etc/jitsi/jicofo/sip-communicator.properties
-Create user using prosodyctl. This is where we create users that will sign into Jitsi-meet.
sudo prosodyctl register USERNAME YOUR-SERVER-HOSTNAME PASSWORD
-Restart the server
sudo shutdown now -r
It means we have to manually register new users?
No! You create one user, and the user is the only one that can create room. Once the room is created then the user can send invites. The guest have no account, they just click the link and joins the room. After the last person leaves, the room is destroyed.
Just one user? Thats a pity. Jitsi Meet is good. I was looking for something like skype. Where people can register and add people to contact lists and communicate.
Is there any way this is possible in jitsi meet?
If not, can you suggest any other opensource software?
Is this link useful? https://www.tothenew.com/blog/authorizing-creationentrance-of-a-conference-in-jitsi/
Hi
Wenn I do this, it still does not happen. The page is shown with the regular “anonymous” login.
@ugintl I did, too, but it does not change anything. Still the regular screen where you can just create a meeting.
The authentication is been shown when you try to join a meeting, nothing is shown on the welcome page.
