after these ,I can join the conference with jwt , But I can’t join the conference from my SIP Phone side , I only can hear the ringing and then hangup .
Is there any update here? I’m experiencing the same issue. The only way I can get Jigasi / Prosody to accept incoming calls is to use anonymous all and I don’t feel comfortable doing that.
@damencho thanks so much for the quick reply. I have provided the logs below.
It appears as though Jigasi is choking on the not allowed response from prosody due to missing the required token. Would it be possible to provide a header, for example X-SIP-Token=xxx to support this?
Jigasi logs when the incoming call is received:
Jigasi 2019-02-15 17:32:35.013 INFO: [62] org.jitsi.jigasi.SipGateway.incomingCallReceived().188 Incoming call received...
Jigasi 2019-02-15 17:32:35.021 INFO: [63] org.jitsi.jigasi.SipGatewaySession.run().894 Wait thread cancelled
Jigasi 2019-02-15 17:32:35.034 INFO: [62] org.jitsi.jigasi.JvbConference.setXmppProvider().533 168f200a4c7@meet.jitsi will use ProtocolProviderServiceJabberImpl(168f200a4c7@meet.jitsi (Jabber))
Jigasi 2019-02-15 17:32:35.044 SEVERE: [19] impl.packetlogging.PacketLoggingServiceImpl.run().845 Error writing packet to file
java.lang.SecurityException: Insufficient rights to access this file in current user's home directory: /config/log/jitsi0.pcap
at org.jitsi.impl.fileaccess.FileAccessServiceImpl.getPrivatePersistentFile(FileAccessServiceImpl.java:170)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.getFileNames(PacketLoggingServiceImpl.java:197)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.savePacket(PacketLoggingServiceImpl.java:582)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.access$100(PacketLoggingServiceImpl.java:35)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl$SaverThread.run(PacketLoggingServiceImpl.java:834)
Jigasi 2019-02-15 17:32:35.045 SEVERE: [19] impl.packetlogging.PacketLoggingServiceImpl.run().845 Error writing packet to file
java.lang.SecurityException: Insufficient rights to access this file in current user's home directory: /config/log/jitsi0.pcap
at org.jitsi.impl.fileaccess.FileAccessServiceImpl.getPrivatePersistentFile(FileAccessServiceImpl.java:170)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.getFileNames(PacketLoggingServiceImpl.java:197)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.savePacket(PacketLoggingServiceImpl.java:582)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.access$100(PacketLoggingServiceImpl.java:35)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl$SaverThread.run(PacketLoggingServiceImpl.java:834)
Jigasi 2019-02-15 17:32:35.142 INFO: [64] impl.protocol.jabber.OperationSetBasicTelephonyJabberImpl.registrationStateChanged().125 Jingle : ON
Jigasi 2019-02-15 17:32:35.145 INFO: [64] org.jitsi.jigasi.JvbConference.registrationStateChanged().578 XMPP (168f200a4c7@meet.jitsi): RegistrationStateChangeEvent[ oldState=Registering; newState=RegistrationState=Registering; reasonCode=-1; reason=null]
Jigasi 2019-02-15 17:32:35.149 WARNING: [67] org.jivesoftware.smack.sasl.SASLError.fromString() Could not transform string 'not_allowed' to SASLError
java.lang.IllegalArgumentException: No enum constant org.jivesoftware.smack.sasl.SASLError.not_allowed
at java.lang.Enum.valueOf(Enum.java:238)
at org.jivesoftware.smack.sasl.SASLError.valueOf(SASLError.java:27)
at org.jivesoftware.smack.sasl.SASLError.fromString(SASLError.java:51)
at org.jivesoftware.smack.sasl.packet.SaslStreamElements$SASLFailure.<init>(SaslStreamElements.java:209)
at org.jivesoftware.smack.util.PacketParserUtils.parseSASLFailure(PacketParserUtils.java:797)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1099)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.lang.Thread.run(Thread.java:748)
Jigasi 2019-02-15 17:32:35.149 SEVERE: [64] impl.protocol.jabber.ProtocolProviderServiceJabberImpl.connectAndLogin().1004 Failed to connect to XMPP service
org.jivesoftware.smack.sasl.SASLErrorException: SASLError using ANONYMOUS: not-allowed
at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1100)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)
at java.lang.Thread.run(Thread.java:748)
Prosody logs when incoming call is received:
|c2s562ed87290b0 info|Client connected|
|---|---|
|c2s562ed87290b0 debug|Client sent opening <stream:stream> to meet.jitsi|
|c2s562ed87290b0 debug|Sent reply <stream:stream> to client|
|c2s562ed87290b0 debug|Offering mechanism ANONYMOUS|
|c2s562ed87290b0 debug|Received[c2s_unauthed]: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'>|
|socket debug|server.lua: we need to do tls, but delaying until send buffer empty|
|c2s562ed87290b0 debug|TLS negotiation started for c2s_unauthed...|
|socket debug|server.lua: attempting to start tls on tcp{client}: 0x562ed87d4128|
|socket debug|server.lua: ssl handshake done|
|c2s562ed89a1ba0 debug|Client sent opening <stream:stream> to meet.jitsi|
|c2s562ed89a1ba0 debug|Sent reply <stream:stream> to client|
|c2s562ed89a1ba0 info|Stream encrypted (TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384)|
|c2s562ed89a1ba0 debug|Offering mechanism ANONYMOUS|
|c2s562ed89a1ba0 debug|Received[c2s_unauthed]: <auth mechanism='ANONYMOUS' xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>|
|general warn|Error verifying token err:not-allowed, reason:token required|
|meet.jitsi:saslauth debug|sasl reply: <failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-allowed/><text>token required</text></failure>|
|c2s562ed89a1ba0 debug|Received[c2s_unauthed]: <presence id='MARE5-3012' type='unavailable'>|
|stanzarouter debug|Unhandled c2s_unauthed stanza: presence; xmlns=jabber:client|
|c2s562ed89a1ba0 debug|Received </stream:stream>|
|c2s562ed89a1ba0 debug|c2s stream for 104.248.228.255 closed: session closed|
|c2s562ed89a1ba0 debug|Destroying session for (unknown) ((unknown)@meet.jitsi)|
|c2s562ed89a1ba0 info|Client disconnected: connection closed|
|c2s562ed89a1ba0 debug|Destroying session for (unknown) ((unknown)@(unknown))|
|socket debug|server.lua: closed client handler and removed socket from list|
|socket debug|server.lua: ssl handshake done|
|c2s562ed87290b0 debug|Client sent opening <stream:stream> to meet.jitsi|
|c2s562ed87290b0 debug|Sent reply <stream:stream> to client|
|c2s562ed87290b0 info|Stream encrypted (TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384)|
|c2s562ed87290b0 debug|Offering mechanism ANONYMOUS|
|c2s562ed87290b0 debug|Received[c2s_unauthed]: <auth mechanism='ANONYMOUS' xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>|
|general warn|Error verifying token err:not-allowed, reason:token required|
|meet.jitsi:saslauth debug|sasl reply: <failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-allowed/><text>token required</text></failure>|
|c2s562ed87290b0 debug|Received[c2s_unauthed]: <presence id='7h9Ka-90' type='unavailable'>|
|stanzarouter debug|Unhandled c2s_unauthed stanza: presence; xmlns=jabber:client|
|c2s562ed87290b0 debug|Received </stream:stream>|
|c2s562ed87290b0 debug|c2s stream for 172.18.0.6 closed: session closed|
|c2s562ed87290b0 debug|Destroying session for (unknown) ((unknown)@meet.jitsi)|
|c2s562ed87290b0 info|Client disconnected: connection closed|
|c2s562ed87290b0 debug|Destroying session for (unknown) ((unknown)@(unknown))|
Hum, this is strange SASLError using ANONYMOUS: not-allowed. It is supposed to connect to a domain that requires authentication, are you sure your configs are taken into account? There should be no token validation on auth… account.
Can you also try adding and org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true, does it change anything?
Everything is possible, but someone needs to implement it. Currently, you are connecting using tcp connection to port 5222, not bosh, tokens are supported only when using bosh connection, and if you configure that you can hardcode a token in jigasi config.
Adding this config has no change and the same SASLError happens. I’m fairly confident my config changes are being taken into account. However, I may not have the values configured correctly
My prosody meet.jitsi virtual host is configured with token auth. My auth.meet.jitsi domain is configured using internal_plain. My jigasi user / password exists for the auth domain. I have sip DOMAIN_BASE set to meet.jitsi. Is this the correct config?
Currently, you are connecting using tcp connection to port 5222, not bosh, tokens are supported only when using bosh connection, and if you configure that you can hardcode a token in jigasi config.
You need to add org.jitsi.jigasi.xmpp.acc.BOSH_URL_PATTERN=https://{host}/http-bind?room={roomName}
Replace {host} with your nginx ip-address if you need change and the port.
Then you can try adding &token=...... to the bosh connection patter with a valid token. Leave the rest of the config as it is. You will need org.jitsi.jigasi.xmpp.acc.ALLOW_NON_SECURE=true I think.
Unfortunately this approach does not work and results in the following error:
Jigasi 2019-02-15 19:30:41.634 INFO: [59] org.jitsi.jigasi.SipGateway.incomingCallReceived().188 Incoming call received...
Jigasi 2019-02-15 19:30:41.648 INFO: [60] org.jitsi.jigasi.SipGatewaySession.run().894 Wait thread cancelled
Jigasi 2019-02-15 19:30:41.674 INFO: [59] org.jitsi.jigasi.JvbConference.setXmppProvider().533 168f26cc6e7@meet.jitsi will use ProtocolProviderServiceJabberImpl(168f26cc6e7@meet.jitsi (Jabber))
Jigasi 2019-02-15 19:30:41.703 SEVERE: [19] impl.packetlogging.PacketLoggingServiceImpl.run().845 Error writing packet to file
java.lang.SecurityException: Insufficient rights to access this file in current user's home directory: /config/log/jitsi0.pcap
at org.jitsi.impl.fileaccess.FileAccessServiceImpl.getPrivatePersistentFile(FileAccessServiceImpl.java:170)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.getFileNames(PacketLoggingServiceImpl.java:197)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.savePacket(PacketLoggingServiceImpl.java:582)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.access$100(PacketLoggingServiceImpl.java:35)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl$SaverThread.run(PacketLoggingServiceImpl.java:834)
Jigasi 2019-02-15 19:30:41.708 SEVERE: [19] impl.packetlogging.PacketLoggingServiceImpl.run().845 Error writing packet to file
java.lang.SecurityException: Insufficient rights to access this file in current user's home directory: /config/log/jitsi0.pcap
at org.jitsi.impl.fileaccess.FileAccessServiceImpl.getPrivatePersistentFile(FileAccessServiceImpl.java:170)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.getFileNames(PacketLoggingServiceImpl.java:197)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.savePacket(PacketLoggingServiceImpl.java:582)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.access$100(PacketLoggingServiceImpl.java:35)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl$SaverThread.run(PacketLoggingServiceImpl.java:834)
Jigasi 2019-02-15 19:30:41.776 INFO: [61] org.igniterealtime.jbosh.BOSHClient.init() Starting with 1 request processors
Jigasi 2019-02-15 19:30:41.889 WARNING: [63] org.jivesoftware.smack.bosh.XMPPBOSHConnection.shutdown() shutdown
java.lang.NullPointerException
at org.igniterealtime.jbosh.BOSHClient.applySessionData(BOSHClient.java:916)
at org.igniterealtime.jbosh.BOSHClient.send(BOSHClient.java:498)
at org.igniterealtime.jbosh.BOSHClient.disconnect(BOSHClient.java:586)
at org.igniterealtime.jbosh.BOSHClient.disconnect(BOSHClient.java:567)
at org.jivesoftware.smack.bosh.XMPPBOSHConnection.shutdown(XMPPBOSHConnection.java:266)
at org.jivesoftware.smack.bosh.XMPPBOSHConnection.notifyConnectionError(XMPPBOSHConnection.java:417)
at org.jivesoftware.smack.bosh.XMPPBOSHConnection$BOSHConnectionListener.connectionEvent(XMPPBOSHConnection.java:464)
at org.igniterealtime.jbosh.BOSHClient.fireConnectionClosedOnError(BOSHClient.java:1675)
at org.igniterealtime.jbosh.BOSHClient.dispose(BOSHClient.java:705)
at org.igniterealtime.jbosh.BOSHClient.processExchange(BOSHClient.java:1129)
at org.igniterealtime.jbosh.BOSHClient.processMessages(BOSHClient.java:990)
at org.igniterealtime.jbosh.BOSHClient.access$300(BOSHClient.java:100)
at org.igniterealtime.jbosh.BOSHClient$RequestProcessor.run(BOSHClient.java:1719)
at java.lang.Thread.run(Thread.java:748)
Jigasi 2019-02-15 19:30:41.889 WARNING: [63] org.jivesoftware.smack.AbstractXMPPConnection.callConnectionClosedOnErrorListener() Connection XMPPBOSHConnection[not-authenticated] (1) closed with error
org.igniterealtime.jbosh.BOSHException: Could not obtain response
at org.igniterealtime.jbosh.ApacheHTTPResponse.awaitResponse(ApacheHTTPResponse.java:246)
at org.igniterealtime.jbosh.ApacheHTTPResponse.getBody(ApacheHTTPResponse.java:187)
at org.igniterealtime.jbosh.BOSHClient.processExchange(BOSHClient.java:1114)
at org.igniterealtime.jbosh.BOSHClient.processMessages(BOSHClient.java:990)
at org.igniterealtime.jbosh.BOSHClient.access$300(BOSHClient.java:100)
at org.igniterealtime.jbosh.BOSHClient$RequestProcessor.run(BOSHClient.java:1719)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1633)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:543)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:409)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:479)
at org.apache.http.conn.scheme.SchemeSocketFactoryAdaptor.connectSocket(SchemeSocketFactoryAdaptor.java:66)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:177)
at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144)
at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:611)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:446)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:882)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
at org.igniterealtime.jbosh.ApacheHTTPResponse.awaitResponse(ApacheHTTPResponse.java:230)
... 6 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
at sun.security.validator.Validator.validate(Validator.java:262)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1615)
... 26 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
... 32 more
Jigasi 2019-02-15 19:30:41.911 INFO: [61] impl.protocol.jabber.OperationSetBasicTelephonyJabberImpl.registrationStateChanged().125 Jingle : ON
Jigasi 2019-02-15 19:30:41.914 INFO: [61] org.jitsi.jigasi.JvbConference.registrationStateChanged().578 XMPP (168f26cc6e7@meet.jitsi): RegistrationStateChangeEvent[ oldState=Registering; newState=RegistrationState=Registering; reasonCode=-1; reason=null]
Jigasi 2019-02-15 19:30:41.914 WARNING: [61] org.jivesoftware.smack.SASLAuthentication.selectMechanism() Server did not report any SASL mechanisms
Jigasi 2019-02-15 19:30:41.915 SEVERE: [61] impl.protocol.jabber.ProtocolProviderServiceJabberImpl.connectAndLogin().1004 Failed to connect to XMPP service
org.jivesoftware.smack.SmackException: No supported and enabled SASL Mechanism provided by server. Server announced mechanisms: []. Registered SASL mechanisms with Smack: [SASL Mech: GSSAPI, Prio: 100, SASL Mech: SCRAM-SHA-1-PLUS, Prio: 100, SASL Mech: SCRAM-SHA-1, Prio: 110, SASL Mech: DIGEST-MD5, Prio: 200, SASL Mech: CRAM-MD5, Prio: 300, SASL Mech: PLAIN, Prio: 400, SASL Mech: X-OAUTH2, Prio: 410, SASL Mech: EXTERNAL, Prio: 500, SASL Mech: ANONYMOUS, Prio: 500]. Enabled SASL mechanisms for this connection: [ANONYMOUS]. Blacklisted SASL mechanisms: [SCRAM-SHA-1-PLUS].
at org.jivesoftware.smack.SASLAuthentication.selectMechanism(SASLAuthentication.java:361)
at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:192)
at org.jivesoftware.smack.bosh.XMPPBOSHConnection.loginInternal(XMPPBOSHConnection.java:222)
at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java:491)
at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java:448)
at net.java.sip.communicator.impl.protocol.jabber.AnonymousLoginStrategy.login(AnonymousLoginStrategy.java:84)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.connectAndLogin(ProtocolProviderServiceJabberImpl.java:1363)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.connectAndLogin(ProtocolProviderServiceJabberImpl.java:971)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.initializeConnectAndLogin(ProtocolProviderServiceJabberImpl.java:796)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.register(ProtocolProviderServiceJabberImpl.java:501)
at org.jitsi.jigasi.util.RegisterThread.run(RegisterThread.java:59)
Also, how would this approach allow for dynamic rooms if it is always hardcoded?
Thanks again for the reply. I totally understand how to handle the JWT token. The problem is with prosody / Jigasi accepting the incoming SIP call. Currently, Prosody will not accept the incoming call because there is no token. While it’s highly likely i’m misunderstanding soething, I thought the SIP call came in via prosody and was then forwarded to Jigasi so it could bridge the call. Is this not correct? How can I get the incoming SIP call to contain the token?
# SIP URI for incoming / outgoing calls.
JIGASI_SIP_URI=test@test.sip.us1.twilio.com
# Password for the specified SIP account as a clear text
JIGASI_SIP_PASSWORD=Testing123456
# SIP server (use the SIP account domain if in doubt).
JIGASI_SIP_SERVER=test.sip.us1.twilio.com
XMPP_DOMAIN=meet.jitsi
Incoming sip call comes in, then jigasi uses an xmpp account to create a conference. By default that is an anonymous account. It is controlled by the org.jitsi.jigasi.xmpp.acc properties. As described in the template config file, you can add user and pass so, it is not anonymous. None of the accounts in jigasi do not use bosh by default, so cannot use the token.
I had shown you above how to add the bosh url and that account will use bosh, currently meet.jit.si uses that config.
It is on the first place strange, why the user and pass you put in there and jigasi will use a different domain …
What you can do is in /etc/jitsi/jigasi/config(or its corresponding file in docker config) add -Dsmack.debugEnabled=true -Dsmack.debuggerClass=org.jivesoftware.smack.debugger.ConsoleDebugger in JAVA_SYS_PROPS.
Remove the bosh_url, leaving the user and pass with all the rest config I pointed above (where the user is using auth. domain) and try doing a call and then send me the output of jigasi, if you want send it to me in a private message.
@damencho so I realized that my previous issue was the lack of a missing jigasi user at auth.meet.jitsi. Once I realized this I created via prosodyctl. Now using the same config as above, I’m receiving the following errors:
Prosody:
|c2s563cf46bd010 debug|Received[c2s_unauthed]: <auth mechanism='SCRAM-SHA-1' xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>|
|---|---|
|auth.meet.jitsi:auth_internal_plain debug|get_password for username 'jigasi'|
|auth.meet.jitsi:saslauth debug|sasl reply: <challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>cj1XVUFRXyl3Lz1YfE50KWVHQFlHbXFwY3pYXXYveTVjJDdmMGU2YTc5LTNhNDYtNGEzNi05ZGFlLTBjYzllMzA1YzY1OSxzPU1XWmtOR1ZtTXpFdFlXRXhNUzAwWVRZMkxXRTRPRE10TVRsaE1qZGlNakZsTXpCbSxpPTQwOTY=</challenge>|
|c2s563cf46bd010 debug|Received[c2s_unauthed]: <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>|
|c2s563cf46bd010 info|Authenticated as jigasi@auth.meet.jitsi|
|auth.meet.jitsi:saslauth debug|sasl reply: <success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>dj0rZVFuTkhCeE1iL3p6YmdiWGF1UkdnditLcXM9</success>|
|c2s563cf46bd010 debug|Client sent opening <stream:stream> to auth.meet.jitsi|
|c2s563cf46bd010 debug|Sent reply <stream:stream> to client|
|c2s563cf46bd010 debug|Received[c2s_unbound]: <iq id='56ukA-153' type='set'>|
|rostermanager debug|load_roster: asked for: jigasi@auth.meet.jitsi|
|c2s563cf46bd010 debug|Resource bound: jigasi@auth.meet.jitsi/168f8e8bdbb|
|c2s563cf46bd010 debug|Received[c2s]: <iq id='56ukA-155' type='get'>|
|c2s563cf46bd010 debug|Received[c2s]: <iq id='56ukA-156' type='get'>|
|c2s563cf46bd010 debug|Received[c2s]: <presence id='56ukA-159'>|
|datamanager debug|Removing empty offline datastore for user jigasi@auth.meet.jitsi|
|c2s563cf46bd010 debug|Received[c2s]: <iq id='56ukA-160' type='get' to='jigasi@auth.meet.jitsi'>|
|c2s563cf46bd010 debug|Received[c2s]: <iq id='56ukA-165' type='get' to='auth.meet.jitsi'>|
|c2s563cf46bd010 debug|Received[c2s]: <presence id='56ukA-166'>|
|c2s563cf46bd010 debug|Received[c2s]: <presence id='56ukA-174'>|
|c2s563cf46bd010 debug|Received[c2s]: <iq id='disco' type='result' to='jigasi@auth.meet.jitsi'>|
|stanzarouter debug|Discarding iq from c2s of type: result|
|c2s563cf46bd010 debug|Received[c2s]: <iq id='disco' type='result' to='jigasi@auth.meet.jitsi'>|
|stanzarouter debug|Discarding iq from c2s of type: result|
|jcp563cf4462a40 debug|Received[component]: <iq id='LYsyr-664' type='get' to='meet.jitsi' from='focus.meet.jitsi'>|
|c2s563cf46bd010 debug|Received[c2s]: <presence id='56ukA-182' type='unavailable'>|
|c2s563cf46bd010 debug|Received </stream:stream>|
|c2s563cf46bd010 debug|c2s stream for jigasi@auth.meet.jitsi/168f8e8bdbb closed: session closed|
|c2s563cf46bd010 debug|Destroying session for jigasi@auth.meet.jitsi/168f8e8bdbb (jigasi@auth.meet.jitsi)|
|c2s563cf46bd010 info|Client disconnected: connection closed|
|c2s563cf46bd010 debug|Destroying session for (unknown) ((unknown)@(unknown))|
|socket debug|server.lua: closed client handler and removed socket from list|
Jigasi:
Jigasi 2019-02-17 01:47:37.380 INFO: [150] org.jitsi.jigasi.SipGateway.incomingCallReceived().188 Incoming call received...
Jigasi 2019-02-17 01:47:38.381 INFO: [151] org.jitsi.jigasi.SipGatewaySession.run().894 Wait thread cancelled
Jigasi 2019-02-17 01:47:38.383 INFO: [150] org.jitsi.jigasi.JvbConference.setXmppProvider().533 168f8ec39a5@auth.meet.jitsi will use ProtocolProviderServiceJabberImpl(jigasi@auth.meet.jitsi (Jabber))
Jigasi 2019-02-17 01:47:38.388 INFO: [152] impl.protocol.jabber.OperationSetBasicTelephonyJabberImpl.registrationStateChanged().132 Jingle : OFF
Jigasi 2019-02-17 01:47:38.405 SEVERE: [19] impl.packetlogging.PacketLoggingServiceImpl.run().845 Error writing packet to file
java.lang.SecurityException: Insufficient rights to access this file in current user's home directory: /config/log/jitsi0.pcap
at org.jitsi.impl.fileaccess.FileAccessServiceImpl.getPrivatePersistentFile(FileAccessServiceImpl.java:170)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.getFileNames(PacketLoggingServiceImpl.java:197)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.savePacket(PacketLoggingServiceImpl.java:582)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.access$100(PacketLoggingServiceImpl.java:35)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl$SaverThread.run(PacketLoggingServiceImpl.java:834)
Jigasi 2019-02-17 01:47:38.406 SEVERE: [19] impl.packetlogging.PacketLoggingServiceImpl.run().845 Error writing packet to file
java.lang.SecurityException: Insufficient rights to access this file in current user's home directory: /config/log/jitsi0.pcap
at org.jitsi.impl.fileaccess.FileAccessServiceImpl.getPrivatePersistentFile(FileAccessServiceImpl.java:170)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.getFileNames(PacketLoggingServiceImpl.java:197)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.savePacket(PacketLoggingServiceImpl.java:582)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.access$100(PacketLoggingServiceImpl.java:35)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl$SaverThread.run(PacketLoggingServiceImpl.java:834)
Jigasi 2019-02-17 01:47:38.407 SEVERE: [19] impl.packetlogging.PacketLoggingServiceImpl.run().845 Error writing packet to file
java.lang.SecurityException: Insufficient rights to access this file in current user's home directory: /config/log/jitsi0.pcap
at org.jitsi.impl.fileaccess.FileAccessServiceImpl.getPrivatePersistentFile(FileAccessServiceImpl.java:170)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.getFileNames(PacketLoggingServiceImpl.java:197)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.savePacket(PacketLoggingServiceImpl.java:582)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.access$100(PacketLoggingServiceImpl.java:35)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl$SaverThread.run(PacketLoggingServiceImpl.java:834)
Jigasi 2019-02-17 01:47:38.409 SEVERE: [19] impl.packetlogging.PacketLoggingServiceImpl.run().845 Error writing packet to file
java.lang.SecurityException: Insufficient rights to access this file in current user's home directory: /config/log/jitsi0.pcap
at org.jitsi.impl.fileaccess.FileAccessServiceImpl.getPrivatePersistentFile(FileAccessServiceImpl.java:170)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.getFileNames(PacketLoggingServiceImpl.java:197)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.savePacket(PacketLoggingServiceImpl.java:582)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl.access$100(PacketLoggingServiceImpl.java:35)
at net.java.sip.communicator.impl.packetlogging.PacketLoggingServiceImpl$SaverThread.run(PacketLoggingServiceImpl.java:834)
Jigasi 2019-02-17 01:47:38.506 INFO: [153] impl.protocol.jabber.OperationSetBasicTelephonyJabberImpl.registrationStateChanged().125 Jingle : ON
Jigasi 2019-02-17 01:47:38.510 INFO: [153] org.jitsi.jigasi.JvbConference.registrationStateChanged().578 XMPP (168f8ec39a5@auth.meet.jitsi): RegistrationStateChangeEvent[ oldState=Registering; newState=RegistrationState=Registering; reasonCode=-1; reason=null]
Jigasi 2019-02-17 01:47:38.534 INFO: [153] impl.protocol.jabber.ProtocolProviderServiceJabberImpl.authenticated().2531 Authenticated: false
Jigasi 2019-02-17 01:47:38.541 INFO: [153] impl.protocol.jabber.OperationSetPersistentPresenceJabberImpl.createAccountPhotoPresenceInterceptor().1980 Can not retrieve account avatar for jigasi@auth.meet.jitsi/168f8ec39a5: XMPPError: item-not-found - cancel
Jigasi 2019-02-17 01:47:38.556 SEVERE: [165] util.AvatarCacheUtils.getLocallyStoredAvatar().219 Could not read avatar image from file avatarcache/Jabber&_co168f8ec39a5@auth.meet.jitsi&_sl168f8ec39a5/Jabber&_co168f8ec39a5@auth.meet.jitsi&_sl168f8ec39a5
java.lang.SecurityException: Insufficient rights to access this file in current user's home directory: /config/avatarcache/Jabber&_co168f8ec39a5@auth.meet.jitsi&_sl168f8ec39a5/Jabber&_co168f8ec39a5@auth.meet.jitsi&_sl168f8ec39a5
at org.jitsi.impl.fileaccess.FileAccessServiceImpl.getPrivatePersistentFile(FileAccessServiceImpl.java:170)
at net.java.sip.communicator.util.AvatarCacheUtils.getLocallyStoredAvatar(AvatarCacheUtils.java:190)
at net.java.sip.communicator.util.AvatarCacheUtils.getCachedAvatar(AvatarCacheUtils.java:77)
at net.java.sip.communicator.impl.globaldisplaydetails.GlobalDisplayDetailsImpl$UpdateAccountInfo.run(GlobalDisplayDetailsImpl.java:377)
Jigasi 2019-02-17 01:47:38.565 WARNING: [153] org.jitsi.jigasi.xmpp.CallControlMucActivator.joinCommonRoom().279 No brewery name specified for:ProtocolProviderServiceJabberImpl(jigasi@auth.meet.jitsi (Jabber))
Jigasi 2019-02-17 01:47:38.568 INFO: [153] org.jitsi.jigasi.JvbConference.joinConferenceRoom().619 Joining JVB conference room: testing
Jigasi 2019-02-17 01:47:38.570 SEVERE: [153] org.jitsi.jigasi.JvbConference.joinConferenceRoom().677 java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
java.lang.IndexOutOfBoundsException: Index: 0, Size: 0
at java.util.ArrayList.rangeCheck(ArrayList.java:657)
at java.util.ArrayList.get(ArrayList.java:433)
at net.java.sip.communicator.impl.protocol.jabber.OperationSetMultiUserChatJabberImpl.getCanonicalRoomName(OperationSetMultiUserChatJabberImpl.java:658)
at net.java.sip.communicator.impl.protocol.jabber.OperationSetMultiUserChatJabberImpl.findRoom(OperationSetMultiUserChatJabberImpl.java:316)
at org.jitsi.jigasi.JvbConference.joinConferenceRoom(JvbConference.java:621)
at org.jitsi.jigasi.JvbConference.registrationStateChanged(JvbConference.java:563)
at net.java.sip.communicator.service.protocol.AbstractProtocolProviderService.fireRegistrationStateChanged(AbstractProtocolProviderService.java:187)
at net.java.sip.communicator.service.protocol.AbstractProtocolProviderService.fireRegistrationStateChanged(AbstractProtocolProviderService.java:141)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.connectAndLogin(ProtocolProviderServiceJabberImpl.java:1381)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.connectAndLogin(ProtocolProviderServiceJabberImpl.java:971)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.initializeConnectAndLogin(ProtocolProviderServiceJabberImpl.java:796)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.register(ProtocolProviderServiceJabberImpl.java:501)
at org.jitsi.jigasi.util.RegisterThread.run(RegisterThread.java:59)
Jigasi 2019-02-17 01:47:38.570 INFO: [153] org.jitsi.jigasi.JvbConference.stop().493 168f8ec39a5@auth.meet.jitsi is removing account Jabber:168f8ec39a5@auth.meet.jitsi/168f8ec39a5
Jigasi 2019-02-17 01:47:38.576 WARNING: [163] org.jivesoftware.smackx.caps.EntityCapsManager.updateLocalEntityCaps() Could could not update presence with caps info
org.jivesoftware.smack.SmackException$NotConnectedException: The connection XMPPTCPConnection[jigasi@auth.meet.jitsi/168f8ec39a5] (3) is no longer connected. done=true smResumptionPossible=false
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketWriter.throwNotConnectedExceptionIfDoneAndResumptionNotPossible(XMPPTCPConnection.java:1327)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.throwNotConnectedExceptionIfAppropriate(XMPPTCPConnection.java:358)
at org.jivesoftware.smack.AbstractXMPPConnection.sendStanza(AbstractXMPPConnection.java:670)
at org.jivesoftware.smackx.caps.EntityCapsManager.updateLocalEntityCaps(EntityCapsManager.java:525)
at org.jivesoftware.smackx.disco.ServiceDiscoveryManager.renewEntityCapsVersion(ServiceDiscoveryManager.java:934)
at org.jivesoftware.smackx.disco.ServiceDiscoveryManager.addFeature(ServiceDiscoveryManager.java:387)
at org.xmpp.jnodes.smack.SmackServiceNode.setup(SmackServiceNode.java:101)
at org.xmpp.jnodes.smack.SmackServiceNode.<init>(SmackServiceNode.java:58)
at net.java.sip.communicator.impl.protocol.jabber.ProtocolProviderServiceJabberImpl.startJingleNodesDiscovery(ProtocolProviderServiceJabberImpl.java:2880)
at net.java.sip.communicator.impl.protocol.jabber.OperationSetPersistentPresenceJabberImpl$ServerStoredListInit.run(OperationSetPersistentPresenceJabberImpl.java:1932)
at java.lang.Thread.run(Thread.java:748)
Jigasi 2019-02-17 01:47:38.577 WARNING: [160] org.jivesoftware.smack.AbstractXMPPConnection.run() Exception while sending response to IQ request
org.jivesoftware.smack.SmackException$NotConnectedException: The connection XMPPTCPConnection[jigasi@auth.meet.jitsi/168f8ec39a5] (3) is no longer connected. done=true smResumptionPossible=false
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketWriter.throwNotConnectedExceptionIfDoneAndResumptionNotPossible(XMPPTCPConnection.java:1327)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.throwNotConnectedExceptionIfAppropriate(XMPPTCPConnection.java:358)
at org.jivesoftware.smack.AbstractXMPPConnection.sendStanza(AbstractXMPPConnection.java:670)
at org.jivesoftware.smack.AbstractXMPPConnection$4.run(AbstractXMPPConnection.java:1198)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Jigasi 2019-02-17 01:47:38.596 SEVERE: [166] util.UtilActivator.uncaughtException().122 An uncaught exception occurred in thread=Thread[Thread-142,10,main] and message was: null
java.lang.NullPointerException
at net.java.sip.communicator.impl.globaldisplaydetails.GlobalStatusServiceImpl$PublishPresenceStatusThread.run(GlobalStatusServiceImpl.java:806)
Jigasi 2019-02-17 01:47:38.596 INFO: [171] impl.protocol.jabber.JingleNodesServiceDiscovery.run().110 Start Jingle Nodes discovery!
Jigasi 2019-02-17 01:47:38.596 INFO: [171] impl.protocol.jabber.JingleNodesServiceDiscovery.run().150 Jingle Nodes discovery terminated!
Jigasi 2019-02-17 01:47:38.596 INFO: [171] impl.protocol.jabber.JingleNodesServiceDiscovery.run().151 Found 0 Jingle Nodes relay for account: jigasi@auth.meet.jitsi in 18 ms.
Jigasi 2019-02-17 01:47:38.597 SEVERE: [165] impl.protocol.jabber.InfoRetreiver.retrieveDetails().369 Cannot load details for contact jigasi@auth.meet.jitsi : XMPPError: item-not-found - cancel
Actually it is detecting your room, but you need to pass testing@conference.meet.jitsi (assuming this is the muc component address). When using authentication the domain is different from the default domain and so it cannot discover the muc service correctly. Anyway passing the muc service speeds things, saving one round trip time for send & receive a xmpp discovery message.
Surprisingly adding the muc component address after the room name did not work. I then did some additonal searching and came across this github issue. Adding org.jitsi.jigasi.MUC_SERVICE_ADDRESS to jigasi sip properties file worked like a charm!
Although, i’m not sure why it doesn’t working being appended to the room name in the SIP call. Regardless, things appear to be working. Thanks so much for assisting with this issue. As always, it’s greatly appreciated!