Jitsi is not asking for credentials after the first correct authentication

Hello and first of all thank you for your great job with Jitsi, its amazing!

I am deploying Jitsi for a videoconference solution and I am facing a strange behaviour (at least for me).

The authentication in enabled so before creating a room, the user must authenticate himself. But, after this first correct authentication, if the user leaves the room and tries to enter again the same room after 2, 3,… minutes, Jitsi do not ask for authenticate again.

Would it be possible to force the first user to authenticate always?

Another question related to this one is that I would like to log in a database when a user enters a room and when leaves. I have made a LUA module to do this using the events “muc-room-created” for logging the first user and “muc-occupant-joined” and “muc-occupant-left” for the rest of users. Is this the best approach or is there other better way to do this? Which is the timer that manages for example when the user looses network link?

Again, thank you very much and regards,


You need to add this jicofo configuration:

That’s fine. There are also client analytics handlers that you can add that will hit some http endpoint, but a central place is prosody and the events you handle.
If a client loses network and as the clients are using bosh, bosh timeouts in 60 seconds if there was not network activity in the connection and when that happens that participant is removed from the muc so a muc-occupant-left event is fired.

Perfect! Thank you Damian.

org.jitsi.jicofo.auth.DISABLE_AUTOLOGIN=true worked as expected.

Regarding the events it is just like that, so logging in the database works also right.

There is one thing about BOSH revealed by the database logging that I do not understand. When the owner creates the room, it authenticates using the prosody credentials. That works right, but that user never appears in the database log. It is always the user “focus” who appears in the log.

Let me explain. The steps seem to be these:
1.- Focus user, as admin and trough “auth”, joins (muc-occupant-joined event gets fired) and creates the room (muc-room-created event gets fired) but this room is not reachable for the user until authentication phase is completed.

2.- So, in that moment, the web user is asked for the credentials. If the user completes authentication correctly, then a user like "uxln_6m4jhfdmmgdrf@guest.domain.com" joins that same room (again, muc-occupant-joined event getes fired). So, at this moment, there are 2 users joined to that room, “focus” and “uxln_6m4jhfdmmgdrf”.

But, where is o where could be captured the user that was used for authentication? In fact is BOSH authentication but I cannot think about an event being triggered. I have tried “resource-bind” (which occurs after authentication) but it seems that this event never gets fired.

Do you have any clue about this? Thank you very much again and regards,


This is jicofo, jicofo is always the one creating the room and setting the first participant as an owner, this in case when the all_owners module is no enabled. You probably need to log the first participant after jicofo.