[jitsi-users] auth token + guest access


#1

Hi all,
I have an issue when I want access to my own jitsi instance with user
anonymous (guest).

I already activated auth tohen to principal domain, It works perfectly.
I can access as moderator with this link:
https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”

But when I want to access as guest (with no token)
https://meet.winlux.fr/room1

I have an issue:
Prosody MUC enter in auth process "mod_token_verification.lua", but I
haven't token (I'm guest).

For me, virtualhost "guest" go to "conference" component (muc), and in
this component there is modules_enabled = { "token_verification" }

“”"
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
pre join: MUC room (room1@conference.meet.winlux.fr) <presence to=’
room1@conference.meet.winlux.fr/5934e5e9’ from=’
5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
xmlns=‘http://jabber.org/protocol/muc’/><user-agent xmlns=’
http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
Safari/537.36</user-agent><c hash=‘sha-1’
ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’ node=‘http://jitsi.org/jitsimeet’ xmlns=’
http://jabber.org/protocol/caps’/

<devices><audio>true</audio><video>true</video></devices><email>

mickael@winlux.fr</email><nick
xmlns='http://jabber.org/protocol/nick'>portablemika</nick><audiomuted
xmlns='http://jitsi.org/jitmeet/audio'>false</audiomuted><videoType xmlns='
http://jitsi.org/jitmeet/video'>camera</videoType><videomuted xmlns='
http://jitsi.org/jitmeet/video'>false</videomuted></presence>
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
Session token: nil, session room: nil
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug in
admin with admin:
5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug in
admin with admin2:
5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
TEST MIKA : 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
allowEmptyToken: false, session.auth_token: nil
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
Will verify token for user:
5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room: room1
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
token: nil , auth_room: nil
Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad argument #1
to 'lower' (string expected, got nil)
stack traceback:
    [C]: in function 'lower'
    ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in function
<...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
</usr/lib/prosody/modules/muc/muc.lib.lua:455>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
"""

*My prosody configuration:*

"""
-- Plugins path gets uncommented during jitsi-meet-tokens package install -
that's where token plugin is located
plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }

···

--
--HELP: https://github.com/jitsi/jicofo
--https://bremensaki.com/2015/03/19/configuring-prosody/

VirtualHost "meet.winlux.fr"
        -- enabled = false -- Remove this line to enable this host
    --authentication = "anonymous"
        --authentication = "internal_plain" -- NO LOGIN WITH DOT !!!
mhubert => OK, m.hubert => NOK !!!!!!!!!!!!
        -- authentication = "internal_hash"
        -- Properties below are modified by jitsi-meet-tokens package config
        -- and authentication above is switched to "token"
    authentication = "token";
        app_id="********"
        app_secret="******"
    allow_empty_token=false
        -- Assign this host a certificate for TLS, otherwise it would use
the one
        -- set in the global section (if any).
        -- Note that old-style SSL on port 5223 only supports one
certificate, and will always
        -- use the global one.
        ssl = {
                --key = "/etc/prosody/certs/meet.winlux.fr.key";
                key = "/etc/prosody/certs/privkey.pem";
                --certificate = "/etc/prosody/certs/meet.winlux.fr.crt";
                certificate = "/etc/prosody/certs/fullchain.pem";
        }
        -- we need bosh
        modules_enabled = {
            "bosh";
            "pubsub";
            "ping"; -- Enable mod_ping
        "admin_telnet";
        }

    --storage = "sql"
    --sql = { driver = "MySQL", database = "jitsi", username = "jitsi",
password = "********", host = "localhost" }

Component "conference.meet.winlux.fr" "muc"
    modules_enabled = { "token_verification" }
    admins = { "focus@auth.meet.winlux.fr" }
    -- restrict_room_creation = "local"
    -- restrict_room_creation = true
    ssl = {
        certificate = "/var/lib/prosody/conference.meet.winlux.fr.crt";
    key = "/var/lib/prosody/conference.meet.winlux.fr.key";
    }

Component "jitsi-videobridge.meet.winlux.fr"
    component_secret = "******"
    ssl = {
        certificate =
"/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt";
    key = "/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.key";
    }

VirtualHost "auth.meet.winlux.fr"
    authentication = "internal_plain"
    ssl = {
        certificate = "/var/lib/prosody/auth.meet.winlux.fr.crt";
    key = "/var/lib/prosody/auth.meet.winlux.fr.key";
    }

VirtualHost "guest.meet.winlux.fr"
    authentication = "anonymous"
    allow_empty_token=true
    ssl = {
    certificate = "/var/lib/prosody/guest.meet.winlux.fr.crt";
    key = "/var/lib/prosody/guest.meet.winlux.fr.key";
    }

Component "focus.meet.winlux.fr"
    component_secret = "*****"
    ssl = {
        certificate = "/var/lib/prosody/focus.meet.winlux.fr.crt";
        key = "/var/lib/prosody/focus.meet.winlux.fr.key";
    }

Component "callcontrol.meet.winlux.fr"
    component_secret = "******"
    ssl = {
        certificate = "/var/lib/prosody/callcontrol.meet.winlux.fr.crt";
    key = "/var/lib/prosody/callcontrol.meet.winlux.fr.key";
    }
"""

*Deb packet installed:*
"""
drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
-rw-r--r-- 1 root root 25M avril 14 18:26 jicofo_1.0-346-1_amd64.deb
-rw-r--r-- 1 root root 2,7K avril 19 00:26
jitsi-meet_1.0.2013-1_all.deb
-rw-r--r-- 1 root root 5,5K avril 19 00:00
jitsi-meet-prosody_1.0.1906-1_all.deb
-rw-r--r-- 1 root root 9,0K avril 19 00:00
jitsi-meet-tokens_1.0.1906-1_all.deb
-rw-r--r-- 1 root root 5,4M avril 19 00:00
jitsi-meet-web_1.0.1906-1_all.deb
-rw-r--r-- 1 root root 9,2K avril 19 00:00
jitsi-meet-web-config_1.0.1906-1_all.deb
-rw-r--r-- 1 root root 30M avril 19 00:24
jitsi-videobridge_934-1_amd64.deb

"""

Do you have an idea ? is it possible to have token and guest in the same
room ?

big thanks in advance :wink:


#2

Hi,

Hum, it can be that the print there is causing troubles, did you tried
without enabling debug? Or at least comment that debug print that is
giving the error?

Regards
damencho

···

On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert <mickael@winlux.fr> wrote:

Hi all,
I have an issue when I want access to my own jitsi instance with user
anonymous (guest).

I already activated auth tohen to principal domain, It works perfectly.
I can access as moderator with this link:
https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”

But when I want to access as guest (with no token)
https://meet.winlux.fr/room1

I have an issue:
Prosody MUC enter in auth process "mod_token_verification.lua", but I
haven't token (I'm guest).

For me, virtualhost "guest" go to "conference" component (muc), and in this
component there is modules_enabled = { "token_verification" }

“”"
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug pre
join: MUC room (room1@conference.meet.winlux.fr) <presence
to=‘room1@conference.meet.winlux.fr/5934e5e9’
from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
xmlns=‘http://jabber.org/protocol/muc’/><user-agent
xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11; Linux x86_64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
Safari/537.36</user-agent><c hash=‘sha-1’ ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
node=‘http://jitsi.org/jitsimeet
xmlns=‘http://jabber.org/protocol/caps’/><devices><audio>true</audio><video>true</video></devices><email>mickael@winlux.fr</email><nick
xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><audiomuted
xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><videoType
xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><videomuted
xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></presence>
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
Session token: nil, session room: nil
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug in
admin with admin:
5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug in
admin with admin2:
5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
TEST MIKA : 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
allowEmptyToken: false, session.auth_token: nil
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
Will verify token for user:
5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room: room1
Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
token: nil , auth_room: nil
Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad argument #1
to ‘lower’ (string expected, got nil)
stack traceback:
    [C]: in function ‘lower’
    ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in function
<...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
</usr/lib/prosody/modules/muc/muc.lib.lua:455>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
“”"

My prosody configuration:

"""
-- Plugins path gets uncommented during jitsi-meet-tokens package install -
that's where token plugin is located
plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }
--
--HELP: https://github.com/jitsi/jicofo
--https://bremensaki.com/2015/03/19/configuring-prosody/

VirtualHost "meet.winlux.fr"
        -- enabled = false -- Remove this line to enable this host
    --authentication = "anonymous"
        --authentication = "internal_plain" -- NO LOGIN WITH DOT !!! mhubert
=> OK, m.hubert => NOK !!!!!!!!!!!!
        -- authentication = "internal_hash"
        -- Properties below are modified by jitsi-meet-tokens package config
        -- and authentication above is switched to "token"
    authentication = "token";
        app_id="********"
        app_secret="******"
    allow_empty_token=false
        -- Assign this host a certificate for TLS, otherwise it would use
the one
        -- set in the global section (if any).
        -- Note that old-style SSL on port 5223 only supports one
certificate, and will always
        -- use the global one.
        ssl = {
                --key = "/etc/prosody/certs/meet.winlux.fr.key";
                key = "/etc/prosody/certs/privkey.pem";
                --certificate = "/etc/prosody/certs/meet.winlux.fr.crt";
                certificate = "/etc/prosody/certs/fullchain.pem";
        }
        -- we need bosh
        modules_enabled = {
            "bosh";
            "pubsub";
            "ping"; -- Enable mod_ping
        "admin_telnet";
        }

    --storage = "sql"
    --sql = { driver = "MySQL", database = "jitsi", username = "jitsi",
password = "********", host = "localhost" }

Component "conference.meet.winlux.fr" "muc"
    modules_enabled = { "token_verification" }
    admins = { "focus@auth.meet.winlux.fr" }
    -- restrict_room_creation = "local"
    -- restrict_room_creation = true
    ssl = {
        certificate = "/var/lib/prosody/conference.meet.winlux.fr.crt";
    key = "/var/lib/prosody/conference.meet.winlux.fr.key";
    }

Component "jitsi-videobridge.meet.winlux.fr"
    component_secret = "******"
    ssl = {
        certificate =
"/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt";
    key = "/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.key";
    }

VirtualHost "auth.meet.winlux.fr"
    authentication = "internal_plain"
    ssl = {
        certificate = "/var/lib/prosody/auth.meet.winlux.fr.crt";
    key = "/var/lib/prosody/auth.meet.winlux.fr.key";
    }

VirtualHost "guest.meet.winlux.fr"
    authentication = "anonymous"
    allow_empty_token=true
    ssl = {
    certificate = "/var/lib/prosody/guest.meet.winlux.fr.crt";
    key = "/var/lib/prosody/guest.meet.winlux.fr.key";
    }

Component "focus.meet.winlux.fr"
    component_secret = "*****"
    ssl = {
        certificate = "/var/lib/prosody/focus.meet.winlux.fr.crt";
        key = "/var/lib/prosody/focus.meet.winlux.fr.key";
    }

Component "callcontrol.meet.winlux.fr"
    component_secret = "******"
    ssl = {
        certificate = "/var/lib/prosody/callcontrol.meet.winlux.fr.crt";
    key = "/var/lib/prosody/callcontrol.meet.winlux.fr.key";
    }
"""

Deb packet installed:
"""
drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
-rw-r--r-- 1 root root 25M avril 14 18:26 jicofo_1.0-346-1_amd64.deb
-rw-r--r-- 1 root root 2,7K avril 19 00:26
jitsi-meet_1.0.2013-1_all.deb
-rw-r--r-- 1 root root 5,5K avril 19 00:00
jitsi-meet-prosody_1.0.1906-1_all.deb
-rw-r--r-- 1 root root 9,0K avril 19 00:00
jitsi-meet-tokens_1.0.1906-1_all.deb
-rw-r--r-- 1 root root 5,4M avril 19 00:00
jitsi-meet-web_1.0.1906-1_all.deb
-rw-r--r-- 1 root root 9,2K avril 19 00:00
jitsi-meet-web-config_1.0.1906-1_all.deb
-rw-r--r-- 1 root root 30M avril 19 00:24
jitsi-videobridge_934-1_amd64.deb

"""

Do you have an idea ? is it possible to have token and guest in the same
room ?

big thanks in advance :wink:

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#3

Hi,
without debug, it's the same issue.

*prosody logs with I'm connected in admin (token):*
Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it sid
'd16966f1-3207-4fc6-ba7b-9aeb20a65c26'
Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046ac8d255@meet.winlux.fr

*jicofo logs:*
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus request
for room: room6@conference.meet.winlux.fr
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.auth.AbstractAuthAuthority.authenticateJidWithSession().487
Authenticated jid:
1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be
with session: AuthSession[ID=
b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr, JID=
1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be,
SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593, R=
room8@conference.meet.winlux.fr]@829517297
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.auth.AbstractAuthAuthority.notifyUserAuthenticated().397
Jid
1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be
authenticated as: b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.FocusManager.log() Created new focus for
room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences count: 2
options:
    call_control: callcontrol.meet.winlux.fr
    channelLastN: -1
    enableLipSync: true
    openSctp: true
    disableRtx: false
Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled in
room6@conference.meet.winlux.fr
Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
room6@conference.meet.winlux.fr
Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
ChatRoomMemberPresenceChangeEvent[type=MemberJoined
sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
null]@1175229885]
Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus role: OWNER
Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
room6@conference.meet.winlux.fr/focus joined.
Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service discovered -
using JVB
Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
ChatRoomMemberPresenceChangeEvent[type=MemberJoined
sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
null]@500755682]
Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
room6@conference.meet.winlux.fr/1acaef35 joined.

jvb logs:
JVB 2017-04-20 20:25:41.558 INFOS: [325918]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq id="V9l6s-3661"
type="result" to="jitsi-videobridge.meet.winlux.fr" from="meet.winlux.fr"/>
JVB 2017-04-20 20:25:43.394 INFOS: [325919]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type="get" to="
jitsi-videobridge.meet.winlux.fr" from="
focus@auth.meet.winlux.fr/focus49834168749676109"
id="q886c-19940"><healthcheck xmlns="http://jitsi.org/protocol/healthcheck
"/></iq>
JVB 2017-04-20 20:25:43.395 INFOS: [325919]
org.jitsi.videobridge.Videobridge.log() CAT=stat
create_conf,conf_id=7a92d43516b1ba4
conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
JVB 2017-04-20 20:25:43.398 INFOS: [325919]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
JVB 2017-04-20 20:25:43.399 INFOS: [325919]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:25:43.399 INFOS: [36]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:25:43.403 INFOS: [325919]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
JVB 2017-04-20 20:25:43.417 INFOS: [325919]
org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq id="q886c-19940"
to="focus@auth.meet.winlux.fr/focus49834168749676109" from="
jitsi-videobridge.meet.winlux.fr" type="result"/>

*Log when I tried to connect without token (guest mode):*
Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it sid
'f40607cb-7566-4861-bbb8-aa53bc147345'
Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
Authenticated as 586f0adb-0f2c-4606-bd66-c27622103efd@guest.meet.winlux.fr
Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad argument #1
to 'lower' (string expected, got nil)
stack traceback:
    [C]: in function 'lower'
    ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in function
<...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
</usr/lib/prosody/modules/muc/muc.lib.lua:455>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    /usr/lib/prosody/core/stanza_router.lua:189: in function
'core_post_stanza'
    /usr/lib/prosody/core/stanza_router.lua:137: in function
'dispatch_stanza'
    /usr/lib/prosody/modules/mod_bosh.lua:322: in function 'func'
    /usr/lib/prosody/util/async.lua:90: in function
</usr/lib/prosody/util/async.lua:88>
stack traceback:
    (tail call): ?
    /usr/lib/prosody/util/async.lua:163: in function 'run'
    /usr/lib/prosody/modules/mod_bosh.lua:457: in function 'cb_handlestanza'
    /usr/lib/prosody/util/xmppstream.lua:184: in function
</usr/lib/prosody/util/xmppstream.lua:164>
    [C]: in function 'parse'
    /usr/lib/prosody/util/xmppstream.lua:271: in function 'feed'
    /usr/lib/prosody/modules/mod_bosh.lua:150: in function '?'
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    /usr/lib/prosody/net/http/server.lua:239: in function
</usr/lib/prosody/net/http/server.lua:180>
    ...
    /usr/lib/prosody/net/http/server.lua:112: in function 'process_next'
    /usr/lib/prosody/net/http/server.lua:128: in function 'success_cb'
    /usr/lib/prosody/net/http/parser.lua:177: in function 'feed'
    /usr/lib/prosody/net/http/server.lua:159: in function
</usr/lib/prosody/net/http/server.lua:158>
    (tail call): ?
    /usr/lib/prosody/net/server_select.lua:920: in function
</usr/lib/prosody/net/server_select.lua:895>
    [C]: in function 'xpcall'
    /usr/bin/prosody:396: in function 'loop'
    /usr/bin/prosody:427: in main chunk
    [C]: ?

jicofo logs:
Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
participant: room7@conference.meet.winlux.fr/d7e6131e
Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed participant: true,
room7@conference.meet.winlux.fr/d7e6131e
Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus request
for room: room7@conference.meet.winlux.fr

jvb logs:
JVB 2017-04-20 20:27:21.560 INFOS: [326201]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq id="V9l6s-3671"
type="result" to="jitsi-videobridge.meet.winlux.fr" from="meet.winlux.fr"/>
JVB 2017-04-20 20:27:23.394 INFOS: [326108]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type="get" to="
jitsi-videobridge.meet.winlux.fr" from="
focus@auth.meet.winlux.fr/focus49834168749676109"
id="q886c-19991"><healthcheck xmlns="http://jitsi.org/protocol/healthcheck
"/></iq>
JVB 2017-04-20 20:27:23.394 INFOS: [326108]
org.jitsi.videobridge.Videobridge.log() CAT=stat
create_conf,conf_id=fad136c2ad8f27cf
conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
JVB 2017-04-20 20:27:23.398 INFOS: [326108]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
JVB 2017-04-20 20:27:23.399 INFOS: [326108]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:27:23.399 INFOS: [36]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:27:23.402 INFOS: [326108]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
JVB 2017-04-20 20:27:23.412 INFOS: [326108]
org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq id="q886c-19991"
to="focus@auth.meet.winlux.fr/focus49834168749676109" from="
jitsi-videobridge.meet.winlux.fr" type="result"/>

thanks for you help

···

2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

Hum, it can be that the print there is causing troubles, did you tried
without enabling debug? Or at least comment that debug print that is
giving the error?

Regards
damencho

On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert <mickael@winlux.fr> wrote:
> Hi all,
> I have an issue when I want access to my own jitsi instance with user
> anonymous (guest).
>
> I already activated auth tohen to principal domain, It works perfectly.
> I can access as moderator with this link:
> https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”
>
> But when I want to access as guest (with no token)
> https://meet.winlux.fr/room1
>
> I have an issue:
> Prosody MUC enter in auth process “mod_token_verification.lua”, but I
> haven’t token (I’m guest).
>
> For me, virtualhost “guest” go to “conference” component (muc), and in
this
> component there is modules_enabled = { “token_verification” }
>
> “”"
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
  pre
> join: MUC room (room1@conference.meet.winlux.fr) <presence
> to=‘room1@conference.meet.winlux.fr/5934e5e9’
> from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.
winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
> xmlns=‘http://jabber.org/protocol/muc’/><user-agent
> xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11; Linux
x86_64)
> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
> Safari/537.36</user-agent><c hash=‘sha-1’ ver=‘bInwKC/7Lt0uq2Y1/
f66QQKgRS4=’
> node=‘http://jitsi.org/jitsimeet
> xmlns=‘http://jabber.org/protocol/caps’/><devices><
>true</audio><video>true</video></devices><email>mickael@winlux.fr
</email><nick
> xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><audiomuted
> xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><videoType
> xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><videomuted
> xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></presence>
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> Session token: nil, session room: nil
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin:
> 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.
winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin2:
> 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.
winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: nil
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room: room1
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> token: nil , auth_room: nil
> Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
> [C]: in function ‘lower’
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
function
> <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
> </usr/lib/prosody/modules/muc/muc.lib.lua:455>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> “”"
>
> My prosody configuration:
>
> “”"
> -- Plugins path gets uncommented during jitsi-meet-tokens package
install -
> that’s where token plugin is located
> plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
> --
> --HELP: https://github.com/jitsi/jicofo
> --https://bremensaki.com/2015/03/19/configuring-prosody/
>
> VirtualHost “meet.winlux.fr
> -- enabled = false -- Remove this line to enable this host
> --authentication = “anonymous”
> --authentication = “internal_plain” -- NO LOGIN WITH DOT !!!
mhubert
> => OK, m.hubert => NOK !!!!!!!!!!!!
> -- authentication = “internal_hash”
> -- Properties below are modified by jitsi-meet-tokens package
config
> -- and authentication above is switched to “token”
> authentication = “token”;
> app_id="********"
> app_secret="******"
> allow_empty_token=false
> -- Assign this host a certificate for TLS, otherwise it would use
> the one
> -- set in the global section (if any).
> -- Note that old-style SSL on port 5223 only supports one
> certificate, and will always
> -- use the global one.
> ssl = {
> --key = “/etc/prosody/certs/meet.winlux.fr.key”;
> key = “/etc/prosody/certs/privkey.pem”;
> --certificate = “/etc/prosody/certs/meet.winlux.fr.crt”;
> certificate = “/etc/prosody/certs/fullchain.pem”;
> }
> -- we need bosh
> modules_enabled = {
> “bosh”;
> “pubsub”;
> “ping”; -- Enable mod_ping
> “admin_telnet”;
> }
>
> --storage = “sql”
> --sql = { driver = “MySQL”, database = “jitsi”, username = “jitsi”,
> password = “********”, host = “localhost” }
>
> Component “conference.meet.winlux.fr” “muc”
> modules_enabled = { “token_verification” }
> admins = { "focus@auth.meet.winlux.fr" }
> -- restrict_room_creation = “local”
> -- restrict_room_creation = true
> ssl = {
> certificate = “/var/lib/prosody/conference.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
> }
>
> Component “jitsi-videobridge.meet.winlux.fr
> component_secret = “******”
> ssl = {
> certificate =
> “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.key”;
> }
>
> VirtualHost “auth.meet.winlux.fr
> authentication = “internal_plain”
> ssl = {
> certificate = “/var/lib/prosody/auth.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
> }
>
> VirtualHost “guest.meet.winlux.fr
> authentication = “anonymous”
> allow_empty_token=true
> ssl = {
> certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
> }
>
>
>
> Component “focus.meet.winlux.fr
> component_secret = “*****”
> ssl = {
> certificate = “/var/lib/prosody/focus.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
> }
>
> Component “callcontrol.meet.winlux.fr
> component_secret = “******”
> ssl = {
> certificate = “/var/lib/prosody/callcontrol.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
> }
> “”"
>
> Deb packet installed:
> “”"
> drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
> drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
> -rw-r--r-- 1 root root 25M avril 14 18:26
jicofo_1.0-346-1_amd64.deb
> -rw-r--r-- 1 root root 2,7K avril 19 00:26
> jitsi-meet_1.0.2013-1_all.deb
> -rw-r--r-- 1 root root 5,5K avril 19 00:00
> jitsi-meet-prosody_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 9,0K avril 19 00:00
> jitsi-meet-tokens_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 5,4M avril 19 00:00
> jitsi-meet-web_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 9,2K avril 19 00:00
> jitsi-meet-web-config_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 30M avril 19 00:24
> jitsi-videobridge_934-1_amd64.deb
>
> “”"
>
> Do you have an idea ? is it possible to have token and guest in the same
> room ?
>
> big thanks in advance :wink:
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#4

Hi,

can you try changing that problem line, mod_token_verification.lua:76

It is now: log("debug", "pre create: %s %s", tostring(origin),
tostring(stanza));
Can you change it to: log("debug", "pre create: %s", tostring(stanza));
And enable debugging and test again.

I think it is something about how you setup the domains, cause I was
testing that part yesterday, cause I'm currently working on the jwt
stuff and this was working fine.

Regards
damencho

···

On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr> wrote:

Hi,
without debug, it's the same issue.

prosody logs with I'm connected in admin (token):
Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it sid
'd16966f1-3207-4fc6-ba7b-9aeb20a65c26'
Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046ac8d255@meet.winlux.fr

jicofo logs:
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus request
for room: room6@conference.meet.winlux.fr
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.auth.AbstractAuthAuthority.authenticateJidWithSession().487
Authenticated jid:
1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be
with session:
AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr,
JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be,
SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
R=room8@conference.meet.winlux.fr]@829517297
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.auth.AbstractAuthAuthority.notifyUserAuthenticated().397
Jid
1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be
authenticated as: b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.FocusManager.log() Created new focus for
room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences count: 2
options:
    call_control: callcontrol.meet.winlux.fr
    channelLastN: -1
    enableLipSync: true
    openSctp: true
    disableRtx: false
Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled in
room6@conference.meet.winlux.fr
Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
room6@conference.meet.winlux.fr
Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
ChatRoomMemberPresenceChangeEvent[type=MemberJoined
sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
null]@1175229885]
Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus role: OWNER
Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
room6@conference.meet.winlux.fr/focus joined.
Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service discovered -
using JVB
Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
ChatRoomMemberPresenceChangeEvent[type=MemberJoined
sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
null]@500755682]
Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
room6@conference.meet.winlux.fr/1acaef35 joined.

jvb logs:
JVB 2017-04-20 20:25:41.558 INFOS: [325918]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq id=“V9l6s-3661”
type=“result” to=“jitsi-videobridge.meet.winlux.fr” from=“meet.winlux.fr”/>
JVB 2017-04-20 20:25:43.394 INFOS: [325919]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
to=“jitsi-videobridge.meet.winlux.fr
from="focus@auth.meet.winlux.fr/focus49834168749676109"
id=“q886c-19940”><healthcheck
xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
JVB 2017-04-20 20:25:43.395 INFOS: [325919]
org.jitsi.videobridge.Videobridge.log() CAT=stat
create_conf,conf_id=7a92d43516b1ba4
conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
JVB 2017-04-20 20:25:43.398 INFOS: [325919]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
JVB 2017-04-20 20:25:43.399 INFOS: [325919]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:25:43.399 INFOS: [36]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:25:43.403 INFOS: [325919]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
JVB 2017-04-20 20:25:43.417 INFOS: [325919]
org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq id=“q886c-19940”
to="focus@auth.meet.winlux.fr/focus49834168749676109"
from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>

Log when I tried to connect without token (guest mode):
Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it sid
'f40607cb-7566-4861-bbb8-aa53bc147345'
Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
Authenticated as 586f0adb-0f2c-4606-bd66-c27622103efd@guest.meet.winlux.fr
Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad argument #1
to 'lower' (string expected, got nil)
stack traceback:
    [C]: in function 'lower'
    ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in function
<...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
</usr/lib/prosody/modules/muc/muc.lib.lua:455>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    /usr/lib/prosody/core/stanza_router.lua:189: in function
'core_post_stanza'
    /usr/lib/prosody/core/stanza_router.lua:137: in function
'dispatch_stanza'
    /usr/lib/prosody/modules/mod_bosh.lua:322: in function 'func'
    /usr/lib/prosody/util/async.lua:90: in function
</usr/lib/prosody/util/async.lua:88>
stack traceback:
    (tail call): ?
    /usr/lib/prosody/util/async.lua:163: in function 'run'
    /usr/lib/prosody/modules/mod_bosh.lua:457: in function 'cb_handlestanza'
    /usr/lib/prosody/util/xmppstream.lua:184: in function
</usr/lib/prosody/util/xmppstream.lua:164>
    [C]: in function 'parse'
    /usr/lib/prosody/util/xmppstream.lua:271: in function 'feed'
    /usr/lib/prosody/modules/mod_bosh.lua:150: in function '?'
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    /usr/lib/prosody/net/http/server.lua:239: in function
</usr/lib/prosody/net/http/server.lua:180>
    ...
    /usr/lib/prosody/net/http/server.lua:112: in function 'process_next'
    /usr/lib/prosody/net/http/server.lua:128: in function 'success_cb'
    /usr/lib/prosody/net/http/parser.lua:177: in function 'feed'
    /usr/lib/prosody/net/http/server.lua:159: in function
</usr/lib/prosody/net/http/server.lua:158>
    (tail call): ?
    /usr/lib/prosody/net/server_select.lua:920: in function
</usr/lib/prosody/net/server_select.lua:895>
    [C]: in function 'xpcall'
    /usr/bin/prosody:396: in function 'loop'
    /usr/bin/prosody:427: in main chunk
    [C]: ?

jicofo logs:
Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
participant: room7@conference.meet.winlux.fr/d7e6131e
Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed participant: true,
room7@conference.meet.winlux.fr/d7e6131e
Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus request
for room: room7@conference.meet.winlux.fr

jvb logs:
JVB 2017-04-20 20:27:21.560 INFOS: [326201]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq id=“V9l6s-3671”
type=“result” to=“jitsi-videobridge.meet.winlux.fr” from=“meet.winlux.fr”/>
JVB 2017-04-20 20:27:23.394 INFOS: [326108]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
to=“jitsi-videobridge.meet.winlux.fr
from="focus@auth.meet.winlux.fr/focus49834168749676109"
id=“q886c-19991”><healthcheck
xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
JVB 2017-04-20 20:27:23.394 INFOS: [326108]
org.jitsi.videobridge.Videobridge.log() CAT=stat
create_conf,conf_id=fad136c2ad8f27cf
conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
JVB 2017-04-20 20:27:23.398 INFOS: [326108]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
JVB 2017-04-20 20:27:23.399 INFOS: [326108]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:27:23.399 INFOS: [36]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:27:23.402 INFOS: [326108]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
JVB 2017-04-20 20:27:23.412 INFOS: [326108]
org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq id=“q886c-19991”
to="focus@auth.meet.winlux.fr/focus49834168749676109"
from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>

thanks for you help

2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

Hum, it can be that the print there is causing troubles, did you tried
without enabling debug? Or at least comment that debug print that is
giving the error?

Regards
damencho

On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert <mickael@winlux.fr> wrote:
> Hi all,
> I have an issue when I want access to my own jitsi instance with user
> anonymous (guest).
>
> I already activated auth tohen to principal domain, It works perfectly.
> I can access as moderator with this link:
> https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”
>
> But when I want to access as guest (with no token)
> https://meet.winlux.fr/room1
>
> I have an issue:
> Prosody MUC enter in auth process “mod_token_verification.lua”, but I
> haven’t token (I’m guest).
>
> For me, virtualhost “guest” go to “conference” component (muc), and in
> this
> component there is modules_enabled = { “token_verification” }
>
> “”"
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> pre
> join: MUC room (room1@conference.meet.winlux.fr) <presence
> to=‘room1@conference.meet.winlux.fr/5934e5e9’
>
> from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
> xmlns=‘http://jabber.org/protocol/muc’/><user-agent
> xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11; Linux
> x86_64)
> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
> Safari/537.36</user-agent><c hash=‘sha-1’
> ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
> node=‘http://jitsi.org/jitsimeet
>
> xmlns=‘http://jabber.org/protocol/caps’/><devices><audio>true</audio><video>true</video></devices><email>mickael@winlux.fr</email><nick
> xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><audiomuted
> xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><videoType
> xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><videomuted
> xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></presence>
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> Session token: nil, session room: nil
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> in
> admin with admin:
>
> 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> in
> admin with admin2:
>
> 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: nil
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room: room1
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> token: nil , auth_room: nil
> Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad argument
> #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
> [C]: in function ‘lower’
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
> function
> <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
> </usr/lib/prosody/modules/muc/muc.lib.lua:455>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> “”"
>
> My prosody configuration:
>
> “”"
> -- Plugins path gets uncommented during jitsi-meet-tokens package
> install -
> that’s where token plugin is located
> plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
> --
> --HELP: https://github.com/jitsi/jicofo
> --https://bremensaki.com/2015/03/19/configuring-prosody/
>
> VirtualHost “meet.winlux.fr
> -- enabled = false -- Remove this line to enable this host
> --authentication = “anonymous”
> --authentication = “internal_plain” -- NO LOGIN WITH DOT !!!
> mhubert
> => OK, m.hubert => NOK !!!!!!!!!!!!
> -- authentication = “internal_hash”
> -- Properties below are modified by jitsi-meet-tokens package
> config
> -- and authentication above is switched to “token”
> authentication = “token”;
> app_id="********"
> app_secret="******"
> allow_empty_token=false
> -- Assign this host a certificate for TLS, otherwise it would
> use
> the one
> -- set in the global section (if any).
> -- Note that old-style SSL on port 5223 only supports one
> certificate, and will always
> -- use the global one.
> ssl = {
> --key = “/etc/prosody/certs/meet.winlux.fr.key”;
> key = “/etc/prosody/certs/privkey.pem”;
> --certificate = “/etc/prosody/certs/meet.winlux.fr.crt”;
> certificate = “/etc/prosody/certs/fullchain.pem”;
> }
> -- we need bosh
> modules_enabled = {
> “bosh”;
> “pubsub”;
> “ping”; -- Enable mod_ping
> “admin_telnet”;
> }
>
> --storage = “sql”
> --sql = { driver = “MySQL”, database = “jitsi”, username = “jitsi”,
> password = “********”, host = “localhost” }
>
> Component “conference.meet.winlux.fr” “muc”
> modules_enabled = { “token_verification” }
> admins = { "focus@auth.meet.winlux.fr" }
> -- restrict_room_creation = “local”
> -- restrict_room_creation = true
> ssl = {
> certificate = “/var/lib/prosody/conference.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
> }
>
> Component “jitsi-videobridge.meet.winlux.fr
> component_secret = “******”
> ssl = {
> certificate =
> “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.key”;
> }
>
> VirtualHost “auth.meet.winlux.fr
> authentication = “internal_plain”
> ssl = {
> certificate = “/var/lib/prosody/auth.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
> }
>
> VirtualHost “guest.meet.winlux.fr
> authentication = “anonymous”
> allow_empty_token=true
> ssl = {
> certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
> }
>
>
>
> Component “focus.meet.winlux.fr
> component_secret = “*****”
> ssl = {
> certificate = “/var/lib/prosody/focus.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
> }
>
> Component “callcontrol.meet.winlux.fr
> component_secret = “******”
> ssl = {
> certificate = “/var/lib/prosody/callcontrol.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
> }
> “”"
>
> Deb packet installed:
> “”"
> drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
> drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
> -rw-r--r-- 1 root root 25M avril 14 18:26
> jicofo_1.0-346-1_amd64.deb
> -rw-r--r-- 1 root root 2,7K avril 19 00:26
> jitsi-meet_1.0.2013-1_all.deb
> -rw-r--r-- 1 root root 5,5K avril 19 00:00
> jitsi-meet-prosody_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 9,0K avril 19 00:00
> jitsi-meet-tokens_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 5,4M avril 19 00:00
> jitsi-meet-web_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 9,2K avril 19 00:00
> jitsi-meet-web-config_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 30M avril 19 00:24
> jitsi-videobridge_934-1_amd64.deb
>
> “”"
>
> Do you have an idea ? is it possible to have token and guest in the same
> room ?
>
> big thanks in advance :wink:
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#5

Hey, I think I've just reproduced your issue, it easier now to debug it.

···

On Thu, Apr 20, 2017 at 1:46 PM, Damian Minkov <damencho@jitsi.org> wrote:

Hi,

can you try changing that problem line, mod_token_verification.lua:76

It is now: log("debug", "pre create: %s %s", tostring(origin),
tostring(stanza));
Can you change it to: log("debug", "pre create: %s", tostring(stanza));
And enable debugging and test again.

I think it is something about how you setup the domains, cause I was
testing that part yesterday, cause I'm currently working on the jwt
stuff and this was working fine.

Regards
damencho

On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr> wrote:

Hi,
without debug, it's the same issue.

prosody logs with I'm connected in admin (token):
Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it sid
'd16966f1-3207-4fc6-ba7b-9aeb20a65c26'
Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046ac8d255@meet.winlux.fr

jicofo logs:
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus request
for room: room6@conference.meet.winlux.fr
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.auth.AbstractAuthAuthority.authenticateJidWithSession().487
Authenticated jid:
1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be
with session:
AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr,
JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be,
SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
R=room8@conference.meet.winlux.fr]@829517297
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.auth.AbstractAuthAuthority.notifyUserAuthenticated().397
Jid
1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be
authenticated as: b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr
Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
org.jitsi.jicofo.FocusManager.log() Created new focus for
room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences count: 2
options:
    call_control: callcontrol.meet.winlux.fr
    channelLastN: -1
    enableLipSync: true
    openSctp: true
    disableRtx: false
Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled in
room6@conference.meet.winlux.fr
Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
room6@conference.meet.winlux.fr
Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
ChatRoomMemberPresenceChangeEvent[type=MemberJoined
sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
null]@1175229885]
Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus role: OWNER
Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
room6@conference.meet.winlux.fr/focus joined.
Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service discovered -
using JVB
Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
ChatRoomMemberPresenceChangeEvent[type=MemberJoined
sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
null]@500755682]
Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
room6@conference.meet.winlux.fr/1acaef35 joined.

jvb logs:
JVB 2017-04-20 20:25:41.558 INFOS: [325918]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq id=“V9l6s-3661”
type=“result” to=“jitsi-videobridge.meet.winlux.fr” from=“meet.winlux.fr”/>
JVB 2017-04-20 20:25:43.394 INFOS: [325919]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
to=“jitsi-videobridge.meet.winlux.fr
from="focus@auth.meet.winlux.fr/focus49834168749676109"
id=“q886c-19940”><healthcheck
xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
JVB 2017-04-20 20:25:43.395 INFOS: [325919]
org.jitsi.videobridge.Videobridge.log() CAT=stat
create_conf,conf_id=7a92d43516b1ba4
conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
JVB 2017-04-20 20:25:43.398 INFOS: [325919]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
JVB 2017-04-20 20:25:43.399 INFOS: [325919]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:25:43.399 INFOS: [36]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:25:43.403 INFOS: [325919]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
JVB 2017-04-20 20:25:43.417 INFOS: [325919]
org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq id=“q886c-19940”
to="focus@auth.meet.winlux.fr/focus49834168749676109"
from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>

Log when I tried to connect without token (guest mode):
Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it sid
'f40607cb-7566-4861-bbb8-aa53bc147345'
Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
Authenticated as 586f0adb-0f2c-4606-bd66-c27622103efd@guest.meet.winlux.fr
Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad argument #1
to 'lower' (string expected, got nil)
stack traceback:
    [C]: in function 'lower'
    ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in function
<...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
</usr/lib/prosody/modules/muc/muc.lib.lua:455>
    (tail call): ?
    (tail call): ?
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    /usr/lib/prosody/core/stanza_router.lua:189: in function
'core_post_stanza'
    /usr/lib/prosody/core/stanza_router.lua:137: in function
'dispatch_stanza'
    /usr/lib/prosody/modules/mod_bosh.lua:322: in function 'func'
    /usr/lib/prosody/util/async.lua:90: in function
</usr/lib/prosody/util/async.lua:88>
stack traceback:
    (tail call): ?
    /usr/lib/prosody/util/async.lua:163: in function 'run'
    /usr/lib/prosody/modules/mod_bosh.lua:457: in function 'cb_handlestanza'
    /usr/lib/prosody/util/xmppstream.lua:184: in function
</usr/lib/prosody/util/xmppstream.lua:164>
    [C]: in function 'parse'
    /usr/lib/prosody/util/xmppstream.lua:271: in function 'feed'
    /usr/lib/prosody/modules/mod_bosh.lua:150: in function '?'
    /usr/lib/prosody/util/events.lua:78: in function
</usr/lib/prosody/util/events.lua:74>
    (tail call): ?
    /usr/lib/prosody/net/http/server.lua:239: in function
</usr/lib/prosody/net/http/server.lua:180>
    ...
    /usr/lib/prosody/net/http/server.lua:112: in function 'process_next'
    /usr/lib/prosody/net/http/server.lua:128: in function 'success_cb'
    /usr/lib/prosody/net/http/parser.lua:177: in function 'feed'
    /usr/lib/prosody/net/http/server.lua:159: in function
</usr/lib/prosody/net/http/server.lua:158>
    (tail call): ?
    /usr/lib/prosody/net/server_select.lua:920: in function
</usr/lib/prosody/net/server_select.lua:895>
    [C]: in function 'xpcall'
    /usr/bin/prosody:396: in function 'loop'
    /usr/bin/prosody:427: in main chunk
    [C]: ?

jicofo logs:
Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
participant: room7@conference.meet.winlux.fr/d7e6131e
Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed participant: true,
room7@conference.meet.winlux.fr/d7e6131e
Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus request
for room: room7@conference.meet.winlux.fr

jvb logs:
JVB 2017-04-20 20:27:21.560 INFOS: [326201]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq id=“V9l6s-3671”
type=“result” to=“jitsi-videobridge.meet.winlux.fr” from=“meet.winlux.fr”/>
JVB 2017-04-20 20:27:23.394 INFOS: [326108]
org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
to=“jitsi-videobridge.meet.winlux.fr
from="focus@auth.meet.winlux.fr/focus49834168749676109"
id=“q886c-19991”><healthcheck
xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
JVB 2017-04-20 20:27:23.394 INFOS: [326108]
org.jitsi.videobridge.Videobridge.log() CAT=stat
create_conf,conf_id=fad136c2ad8f27cf
conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
JVB 2017-04-20 20:27:23.398 INFOS: [326108]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
JVB 2017-04-20 20:27:23.399 INFOS: [326108]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:27:23.399 INFOS: [36]
org.jitsi.videobridge.cc.BitrateController.log()
bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
JVB 2017-04-20 20:27:23.402 INFOS: [326108]
org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
BandwidthEstimator for stream
org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
JVB 2017-04-20 20:27:23.412 INFOS: [326108]
org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq id=“q886c-19991”
to="focus@auth.meet.winlux.fr/focus49834168749676109"
from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>

thanks for you help

2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

Hum, it can be that the print there is causing troubles, did you tried
without enabling debug? Or at least comment that debug print that is
giving the error?

Regards
damencho

On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert <mickael@winlux.fr> wrote:
> Hi all,
> I have an issue when I want access to my own jitsi instance with user
> anonymous (guest).
>
> I already activated auth tohen to principal domain, It works perfectly.
> I can access as moderator with this link:
> https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”
>
> But when I want to access as guest (with no token)
> https://meet.winlux.fr/room1
>
> I have an issue:
> Prosody MUC enter in auth process “mod_token_verification.lua”, but I
> haven’t token (I’m guest).
>
> For me, virtualhost “guest” go to “conference” component (muc), and in
> this
> component there is modules_enabled = { “token_verification” }
>
> “”"
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> pre
> join: MUC room (room1@conference.meet.winlux.fr) <presence
> to=‘room1@conference.meet.winlux.fr/5934e5e9’
>
> from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
> xmlns=‘http://jabber.org/protocol/muc’/><user-agent
> xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11; Linux
> x86_64)
> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
> Safari/537.36</user-agent><c hash=‘sha-1’
> ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
> node=‘http://jitsi.org/jitsimeet
>
> xmlns=‘http://jabber.org/protocol/caps’/><devices><audio>true</audio><video>true</video></devices><email>mickael@winlux.fr</email><nick
> xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><audiomuted
> xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><videoType
> xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><videomuted
> xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></presence>
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> Session token: nil, session room: nil
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> in
> admin with admin:
>
> 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> in
> admin with admin2:
>
> 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: nil
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room: room1
> Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
> token: nil , auth_room: nil
> Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad argument
> #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
> [C]: in function ‘lower’
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
> function
> <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
> </usr/lib/prosody/modules/muc/muc.lib.lua:455>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> “”"
>
> My prosody configuration:
>
> “”"
> -- Plugins path gets uncommented during jitsi-meet-tokens package
> install -
> that’s where token plugin is located
> plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
> --
> --HELP: https://github.com/jitsi/jicofo
> --https://bremensaki.com/2015/03/19/configuring-prosody/
>
> VirtualHost “meet.winlux.fr
> -- enabled = false -- Remove this line to enable this host
> --authentication = “anonymous”
> --authentication = “internal_plain” -- NO LOGIN WITH DOT !!!
> mhubert
> => OK, m.hubert => NOK !!!!!!!!!!!!
> -- authentication = “internal_hash”
> -- Properties below are modified by jitsi-meet-tokens package
> config
> -- and authentication above is switched to “token”
> authentication = “token”;
> app_id="********"
> app_secret="******"
> allow_empty_token=false
> -- Assign this host a certificate for TLS, otherwise it would
> use
> the one
> -- set in the global section (if any).
> -- Note that old-style SSL on port 5223 only supports one
> certificate, and will always
> -- use the global one.
> ssl = {
> --key = “/etc/prosody/certs/meet.winlux.fr.key”;
> key = “/etc/prosody/certs/privkey.pem”;
> --certificate = “/etc/prosody/certs/meet.winlux.fr.crt”;
> certificate = “/etc/prosody/certs/fullchain.pem”;
> }
> -- we need bosh
> modules_enabled = {
> “bosh”;
> “pubsub”;
> “ping”; -- Enable mod_ping
> “admin_telnet”;
> }
>
> --storage = “sql”
> --sql = { driver = “MySQL”, database = “jitsi”, username = “jitsi”,
> password = “********”, host = “localhost” }
>
> Component “conference.meet.winlux.fr” “muc”
> modules_enabled = { “token_verification” }
> admins = { "focus@auth.meet.winlux.fr" }
> -- restrict_room_creation = “local”
> -- restrict_room_creation = true
> ssl = {
> certificate = “/var/lib/prosody/conference.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
> }
>
> Component “jitsi-videobridge.meet.winlux.fr
> component_secret = “******”
> ssl = {
> certificate =
> “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.key”;
> }
>
> VirtualHost “auth.meet.winlux.fr
> authentication = “internal_plain”
> ssl = {
> certificate = “/var/lib/prosody/auth.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
> }
>
> VirtualHost “guest.meet.winlux.fr
> authentication = “anonymous”
> allow_empty_token=true
> ssl = {
> certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
> }
>
>
>
> Component “focus.meet.winlux.fr
> component_secret = “*****”
> ssl = {
> certificate = “/var/lib/prosody/focus.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
> }
>
> Component “callcontrol.meet.winlux.fr
> component_secret = “******”
> ssl = {
> certificate = “/var/lib/prosody/callcontrol.meet.winlux.fr.crt”;
> key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
> }
> “”"
>
> Deb packet installed:
> “”"
> drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
> drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
> -rw-r--r-- 1 root root 25M avril 14 18:26
> jicofo_1.0-346-1_amd64.deb
> -rw-r--r-- 1 root root 2,7K avril 19 00:26
> jitsi-meet_1.0.2013-1_all.deb
> -rw-r--r-- 1 root root 5,5K avril 19 00:00
> jitsi-meet-prosody_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 9,0K avril 19 00:00
> jitsi-meet-tokens_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 5,4M avril 19 00:00
> jitsi-meet-web_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 9,2K avril 19 00:00
> jitsi-meet-web-config_1.0.1906-1_all.deb
> -rw-r--r-- 1 root root 30M avril 19 00:24
> jitsi-videobridge_934-1_amd64.deb
>
> “”"
>
> Do you have an idea ? is it possible to have token and guest in the same
> room ?
>
> big thanks in advance :wink:
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#6

I'm sorry,
I add some logs in mod_token_verification.lua.
the line 76 for me it's:
if disableRoomNameConstraints ~= true and room ~= string.lower(auth_room)
then
line 63 for the original:
https://github.com/jitsi/jitsi-meet/blob/master/resources/prosody-plugins/mod_token_verification.lua

and auth_room doesn't exist, because I want access to the room without
token (I want be a guest). Access with token works fine, no problem with
this method.

for me, I can see in the log (first email)
1) I connect with token --> OK (I'm the moderator)
2) When I connect without token, I go to the virtualHost "
guest.meet.winlux.fr" --> OK
3) after, guest.meet.winlux.fr goes to component conference.meet.winlux.fr
-->OK
but this component uses token_verification module (normal with token
method, but not working with guest method).

I don't know if my prosody conf is good or not. Or I don't know the way to
not "route" guest access to the token module.

···

2017-04-20 20:46 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

can you try changing that problem line, mod_token_verification.lua:76

It is now: log("debug", "pre create: %s %s", tostring(origin),
tostring(stanza));
Can you change it to: log("debug", "pre create: %s", tostring(stanza));
And enable debugging and test again.

I think it is something about how you setup the domains, cause I was
testing that part yesterday, cause I'm currently working on the jwt
stuff and this was working fine.

Regards
damencho

On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr> wrote:
> Hi,
> without debug, it’s the same issue.
>
> prosody logs with I’m connected in admin (token):
> Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it sid
> ‘d16966f1-3207-4fc6-ba7b-9aeb20a65c26’
> Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
> Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046ac8d255@meet.winlux.fr
>
> jicofo logs:
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
request
> for room: room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.auth.AbstractAuthAuthority.
authenticateJidWithSession().487
> Authenticated jid:
> 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/
9f55e1b5-f309-40a0-bc51-8f26fd8761be
> with session:
> AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr,
> JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/
9f55e1b5-f309-40a0-bc51-8f26fd8761be,
> SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
> MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
> R=room8@conference.meet.winlux.fr]@829517297
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.auth.AbstractAuthAuthority.
notifyUserAuthenticated().397
> Jid
> 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/
9f55e1b5-f309-40a0-bc51-8f26fd8761be
> authenticated as: b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.FocusManager.log() Created new focus for
> room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences count: 2
> options:
> call_control: callcontrol.meet.winlux.fr
> channelLastN: -1
> enableLipSync: true
> openSctp: true
> disableRtx: false
> Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled in
> room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
> room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
> ChatRoomMemberPresenceChangeEvent[type=MemberJoined
> sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
> member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
> null]@1175229885]
> Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus role:
OWNER
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
> room6@conference.meet.winlux.fr/focus joined.
> Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service
discovered -
> using JVB
> Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
> ChatRoomMemberPresenceChangeEvent[type=MemberJoined
> sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
> member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
> null]@500755682]
> Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
> room6@conference.meet.winlux.fr/1acaef35 joined.
>
> jvb logs:
> JVB 2017-04-20 20:25:41.558 INFOS: [325918]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq id=“V9l6s-3661”
> type=“result” to=“jitsi-videobridge.meet.winlux.fr” from=“meet.winlux.fr
“/>
> JVB 2017-04-20 20:25:43.394 INFOS: [325919]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
> to=“jitsi-videobridge.meet.winlux.fr
> from="focus@auth.meet.winlux.fr/focus49834168749676109”
> id=“q886c-19940”><healthcheck
> xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
> JVB 2017-04-20 20:25:43.395 INFOS: [325919]
> org.jitsi.videobridge.Videobridge.log() CAT=stat
> create_conf,conf_id=7a92d43516b1ba4
> conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
> JVB 2017-04-20 20:25:43.398 INFOS: [325919]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
> JVB 2017-04-20 20:25:43.399 INFOS: [325919]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:25:43.399 INFOS: [36]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:25:43.403 INFOS: [325919]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
> JVB 2017-04-20 20:25:43.417 INFOS: [325919]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
id=“q886c-19940”
> to="focus@auth.meet.winlux.fr/focus49834168749676109”
> from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>
> Log when I tried to connect without token (guest mode):
> Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it sid
> ‘f40607cb-7566-4861-bbb8-aa53bc147345’
> Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
> Authenticated as 586f0adb-0f2c-4606-bd66-c27622103efd@guest.meet.
winlux.fr
> Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
> [C]: in function ‘lower’
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
function
> <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
> </usr/lib/prosody/modules/muc/muc.lib.lua:455>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> /usr/lib/prosody/core/stanza_router.lua:189: in function
> ‘core_post_stanza’
> /usr/lib/prosody/core/stanza_router.lua:137: in function
> ‘dispatch_stanza’
> /usr/lib/prosody/modules/mod_bosh.lua:322: in function ‘func’
> /usr/lib/prosody/util/async.lua:90: in function
> </usr/lib/prosody/util/async.lua:88>
> stack traceback:
> (tail call): ?
> /usr/lib/prosody/util/async.lua:163: in function ‘run’
> /usr/lib/prosody/modules/mod_bosh.lua:457: in function
‘cb_handlestanza’
> /usr/lib/prosody/util/xmppstream.lua:184: in function
> </usr/lib/prosody/util/xmppstream.lua:164>
> [C]: in function ‘parse’
> /usr/lib/prosody/util/xmppstream.lua:271: in function ‘feed’
> /usr/lib/prosody/modules/mod_bosh.lua:150: in function ‘?’
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> /usr/lib/prosody/net/http/server.lua:239: in function
> </usr/lib/prosody/net/http/server.lua:180>
> ...
> /usr/lib/prosody/net/http/server.lua:112: in function ‘process_next’
> /usr/lib/prosody/net/http/server.lua:128: in function ‘success_cb’
> /usr/lib/prosody/net/http/parser.lua:177: in function ‘feed’
> /usr/lib/prosody/net/http/server.lua:159: in function
> </usr/lib/prosody/net/http/server.lua:158>
> (tail call): ?
> /usr/lib/prosody/net/server_select.lua:920: in function
> </usr/lib/prosody/net/server_select.lua:895>
> [C]: in function ‘xpcall’
> /usr/bin/prosody:396: in function ‘loop’
> /usr/bin/prosody:427: in main chunk
> [C]: ?
>
> jicofo logs:
> Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
> participant: room7@conference.meet.winlux.fr/d7e6131e
> Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed participant:
true,
> room7@conference.meet.winlux.fr/d7e6131e
> Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
> org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
request
> for room: room7@conference.meet.winlux.fr
>
> jvb logs:
> JVB 2017-04-20 20:27:21.560 INFOS: [326201]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq id=“V9l6s-3671”
> type=“result” to=“jitsi-videobridge.meet.winlux.fr” from=“meet.winlux.fr
“/>
> JVB 2017-04-20 20:27:23.394 INFOS: [326108]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
> to=“jitsi-videobridge.meet.winlux.fr
> from="focus@auth.meet.winlux.fr/focus49834168749676109”
> id=“q886c-19991”><healthcheck
> xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
> JVB 2017-04-20 20:27:23.394 INFOS: [326108]
> org.jitsi.videobridge.Videobridge.log() CAT=stat
> create_conf,conf_id=fad136c2ad8f27cf
> conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
> JVB 2017-04-20 20:27:23.398 INFOS: [326108]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
> JVB 2017-04-20 20:27:23.399 INFOS: [326108]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:27:23.399 INFOS: [36]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:27:23.402 INFOS: [326108]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
> JVB 2017-04-20 20:27:23.412 INFOS: [326108]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
id=“q886c-19991”
> to="focus@auth.meet.winlux.fr/focus49834168749676109”
> from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>
>
> thanks for you help
>
> 2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>
>> Hi,
>>
>> Hum, it can be that the print there is causing troubles, did you tried
>> without enabling debug? Or at least comment that debug print that is
>> giving the error?
>>
>> Regards
>> damencho
>>
>>
>> On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert <mickael@winlux.fr> > wrote:
>> > Hi all,
>> > I have an issue when I want access to my own jitsi instance with user
>> > anonymous (guest).
>> >
>> > I already activated auth tohen to principal domain, It works
perfectly.
>> > I can access as moderator with this link:
>> > https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”
>> >
>> > But when I want to access as guest (with no token)
>> > https://meet.winlux.fr/room1
>> >
>> > I have an issue:
>> > Prosody MUC enter in auth process “mod_token_verification.lua”, but I
>> > haven’t token (I’m guest).
>> >
>> > For me, virtualhost “guest” go to “conference” component (muc), and
in
>> > this
>> > component there is modules_enabled = { “token_verification” }
>> >
>> > “”"
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
>> > pre
>> > join: MUC room (room1@conference.meet.winlux.fr) <presence
>> > to=‘room1@conference.meet.winlux.fr/5934e5e9’
>> >
>> > from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.
winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
>> > xmlns=‘http://jabber.org/protocol/muc’/><user-agent
>> > xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11; Linux
>> > x86_64)
>> > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
>> > Safari/537.36</user-agent><c hash=‘sha-1’
>> > ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
>> > node=‘http://jitsi.org/jitsimeet
>> >
>> > xmlns=‘http://jabber.org/protocol/caps’/><devices><
>true</audio><video>true</video></devices><email>mickael@winlux.fr
</email><nick
>> > xmlns=‘http://jabber.org/protocol/nick’>portablemika</
><audiomuted
>> > xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><videoType
>> > xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><videomuted
>> > xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></presence>
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
>> > Session token: nil, session room: nil
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
>> > in
>> > admin with admin:
>> >
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.
winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
>> > in
>> > admin with admin2:
>> >
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.
winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
>> > TEST MIKA : 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
>> > allowEmptyToken: false, session.auth_token: nil
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
>> > auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
>> > Will verify token for user:
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room:
room1
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification debug
>> > token: nil , auth_room: nil
>> > Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument
>> > #1
>> > to ‘lower’ (string expected, got nil)
>> > stack traceback:
>> > [C]: in function ‘lower’
>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
>> > function
>> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>> > (tail call): ?
>> > /usr/lib/prosody/util/events.lua:78: in function
>> > </usr/lib/prosody/util/events.lua:74>
>> > (tail call): ?
>> > (tail call): ?
>> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>> > (tail call): ?
>> > (tail call): ?
>> > /usr/lib/prosody/util/events.lua:78: in function
>> > </usr/lib/prosody/util/events.lua:74>
>> > “”"
>> >
>> > My prosody configuration:
>> >
>> > “”"
>> > -- Plugins path gets uncommented during jitsi-meet-tokens package
>> > install -
>> > that’s where token plugin is located
>> > plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
>> > --
>> > --HELP: https://github.com/jitsi/jicofo
>> > --https://bremensaki.com/2015/03/19/configuring-prosody/
>> >
>> > VirtualHost “meet.winlux.fr
>> > -- enabled = false -- Remove this line to enable this host
>> > --authentication = “anonymous”
>> > --authentication = “internal_plain” -- NO LOGIN WITH DOT !!!
>> > mhubert
>> > => OK, m.hubert => NOK !!!!!!!!!!!!
>> > -- authentication = “internal_hash”
>> > -- Properties below are modified by jitsi-meet-tokens package
>> > config
>> > -- and authentication above is switched to “token”
>> > authentication = “token”;
>> > app_id="********"
>> > app_secret="******"
>> > allow_empty_token=false
>> > -- Assign this host a certificate for TLS, otherwise it would
>> > use
>> > the one
>> > -- set in the global section (if any).
>> > -- Note that old-style SSL on port 5223 only supports one
>> > certificate, and will always
>> > -- use the global one.
>> > ssl = {
>> > --key = “/etc/prosody/certs/meet.winlux.fr.key”;
>> > key = “/etc/prosody/certs/privkey.pem”;
>> > --certificate = “/etc/prosody/certs/meet.
winlux.fr.crt”;
>> > certificate = “/etc/prosody/certs/fullchain.pem”;
>> > }
>> > -- we need bosh
>> > modules_enabled = {
>> > “bosh”;
>> > “pubsub”;
>> > “ping”; -- Enable mod_ping
>> > “admin_telnet”;
>> > }
>> >
>> > --storage = “sql”
>> > --sql = { driver = “MySQL”, database = “jitsi”, username =
“jitsi”,
>> > password = “********”, host = “localhost” }
>> >
>> > Component “conference.meet.winlux.fr” “muc”
>> > modules_enabled = { “token_verification” }
>> > admins = { "focus@auth.meet.winlux.fr" }
>> > -- restrict_room_creation = “local”
>> > -- restrict_room_creation = true
>> > ssl = {
>> > certificate = “/var/lib/prosody/conference.
meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
>> > }
>> >
>> > Component “jitsi-videobridge.meet.winlux.fr
>> > component_secret = “******”
>> > ssl = {
>> > certificate =
>> > “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.key”;
>> > }
>> >
>> > VirtualHost “auth.meet.winlux.fr
>> > authentication = “internal_plain”
>> > ssl = {
>> > certificate = “/var/lib/prosody/auth.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
>> > }
>> >
>> > VirtualHost “guest.meet.winlux.fr
>> > authentication = “anonymous”
>> > allow_empty_token=true
>> > ssl = {
>> > certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
>> > }
>> >
>> >
>> >
>> > Component “focus.meet.winlux.fr
>> > component_secret = “*****”
>> > ssl = {
>> > certificate = “/var/lib/prosody/focus.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
>> > }
>> >
>> > Component “callcontrol.meet.winlux.fr
>> > component_secret = “******”
>> > ssl = {
>> > certificate = “/var/lib/prosody/callcontrol.
meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
>> > }
>> > “”"
>> >
>> > Deb packet installed:
>> > “”"
>> > drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
>> > drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
>> > -rw-r--r-- 1 root root 25M avril 14 18:26
>> > jicofo_1.0-346-1_amd64.deb
>> > -rw-r--r-- 1 root root 2,7K avril 19 00:26
>> > jitsi-meet_1.0.2013-1_all.deb
>> > -rw-r--r-- 1 root root 5,5K avril 19 00:00
>> > jitsi-meet-prosody_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 9,0K avril 19 00:00
>> > jitsi-meet-tokens_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 5,4M avril 19 00:00
>> > jitsi-meet-web_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 9,2K avril 19 00:00
>> > jitsi-meet-web-config_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 30M avril 19 00:24
>> > jitsi-videobridge_934-1_amd64.deb
>> >
>> > “”"
>> >
>> > Do you have an idea ? is it possible to have token and guest in the
same
>> > room ?
>> >
>> > big thanks in advance :wink:
>> >
>> >
>> > _______________________________________________
>> > users mailing list
>> > users@jitsi.org
>> > Unsubscribe instructions and other list options:
>> > http://lists.jitsi.org/mailman/listinfo/users
>>
>> _______________________________________________
>> users mailing list
>> users@jitsi.org
>> Unsubscribe instructions and other list options:
>> http://lists.jitsi.org/mailman/listinfo/users
>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#7

yes ! very good news !
let me know if you want other things

···

2017-04-20 21:19 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:

I'm sorry,
I add some logs in mod_token_verification.lua.
the line 76 for me it's:
if disableRoomNameConstraints ~= true and room ~= string.lower(auth_room)
then
line 63 for the original: https://github.com/jitsi/jitsi-meet/blob/master/
resources/prosody-plugins/mod_token_verification.lua

and auth_room doesn't exist, because I want access to the room without
token (I want be a guest). Access with token works fine, no problem with
this method.

for me, I can see in the log (first email)
1) I connect with token --> OK (I'm the moderator)
2) When I connect without token, I go to the virtualHost "
guest.meet.winlux.fr" --> OK
3) after, guest.meet.winlux.fr goes to component conference.meet.winlux.fr
-->OK
but this component uses token_verification module (normal with token
method, but not working with guest method).

I don't know if my prosody conf is good or not. Or I don't know the way to
not "route" guest access to the token module.

2017-04-20 20:46 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

can you try changing that problem line, mod_token_verification.lua:76

It is now: log("debug", "pre create: %s %s", tostring(origin),
tostring(stanza));
Can you change it to: log("debug", "pre create: %s", tostring(stanza));
And enable debugging and test again.

I think it is something about how you setup the domains, cause I was
testing that part yesterday, cause I'm currently working on the jwt
stuff and this was working fine.

Regards
damencho

On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr> >> wrote:
> Hi,
> without debug, it’s the same issue.
>
> prosody logs with I’m connected in admin (token):
> Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it sid
> ‘d16966f1-3207-4fc6-ba7b-9aeb20a65c26’
> Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
> Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046ac8d255@meet.winlux.fr
>
> jicofo logs:
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
request
> for room: room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.auth.AbstractAuthAuthority.authenticateJidW
ithSession().487
> Authenticated jid:
> 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
> with session:
> AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr,
> JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55
e1b5-f309-40a0-bc51-8f26fd8761be,
> SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
> MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
> R=room8@conference.meet.winlux.fr]@829517297
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.auth.AbstractAuthAuthority.notifyUserAuthen
ticated().397
> Jid
> 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
> authenticated as: b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.FocusManager.log() Created new focus for
> room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences count:
2
> options:
> call_control: callcontrol.meet.winlux.fr
> channelLastN: -1
> enableLipSync: true
> openSctp: true
> disableRtx: false
> Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled in
> room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
> room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
> ChatRoomMemberPresenceChangeEvent[type=MemberJoined
> sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
> member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
> null]@1175229885]
> Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus role:
OWNER
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
> room6@conference.meet.winlux.fr/focus joined.
> Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service
discovered -
> using JVB
> Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
> ChatRoomMemberPresenceChangeEvent[type=MemberJoined
> sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
> member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
> null]@500755682]
> Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
> room6@conference.meet.winlux.fr/1acaef35 joined.
>
> jvb logs:
> JVB 2017-04-20 20:25:41.558 INFOS: [325918]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
id=“V9l6s-3661”
> type=“result” to=“jitsi-videobridge.meet.winlux.fr” from="
meet.winlux.fr"/>
> JVB 2017-04-20 20:25:43.394 INFOS: [325919]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
> to=“jitsi-videobridge.meet.winlux.fr
> from="focus@auth.meet.winlux.fr/focus49834168749676109"
> id=“q886c-19940”><healthcheck
> xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
> JVB 2017-04-20 20:25:43.395 INFOS: [325919]
> org.jitsi.videobridge.Videobridge.log() CAT=stat
> create_conf,conf_id=7a92d43516b1ba4
> conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
> JVB 2017-04-20 20:25:43.398 INFOS: [325919]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
> JVB 2017-04-20 20:25:43.399 INFOS: [325919]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:25:43.399 INFOS: [36]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:25:43.403 INFOS: [325919]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
> JVB 2017-04-20 20:25:43.417 INFOS: [325919]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
id=“q886c-19940”
> to="focus@auth.meet.winlux.fr/focus49834168749676109"
> from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>
> Log when I tried to connect without token (guest mode):
> Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it sid
> ‘f40607cb-7566-4861-bbb8-aa53bc147345’
> Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
> Authenticated as 586f0adb-0f2c-4606-bd66-c27622
103efd@guest.meet.winlux.fr
> Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
> [C]: in function ‘lower’
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
function
> <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
> </usr/lib/prosody/modules/muc/muc.lib.lua:455>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> /usr/lib/prosody/core/stanza_router.lua:189: in function
> ‘core_post_stanza’
> /usr/lib/prosody/core/stanza_router.lua:137: in function
> ‘dispatch_stanza’
> /usr/lib/prosody/modules/mod_bosh.lua:322: in function ‘func’
> /usr/lib/prosody/util/async.lua:90: in function
> </usr/lib/prosody/util/async.lua:88>
> stack traceback:
> (tail call): ?
> /usr/lib/prosody/util/async.lua:163: in function ‘run’
> /usr/lib/prosody/modules/mod_bosh.lua:457: in function
‘cb_handlestanza’
> /usr/lib/prosody/util/xmppstream.lua:184: in function
> </usr/lib/prosody/util/xmppstream.lua:164>
> [C]: in function ‘parse’
> /usr/lib/prosody/util/xmppstream.lua:271: in function ‘feed’
> /usr/lib/prosody/modules/mod_bosh.lua:150: in function ‘?’
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> /usr/lib/prosody/net/http/server.lua:239: in function
> </usr/lib/prosody/net/http/server.lua:180>
> ...
> /usr/lib/prosody/net/http/server.lua:112: in function
‘process_next’
> /usr/lib/prosody/net/http/server.lua:128: in function ‘success_cb’
> /usr/lib/prosody/net/http/parser.lua:177: in function ‘feed’
> /usr/lib/prosody/net/http/server.lua:159: in function
> </usr/lib/prosody/net/http/server.lua:158>
> (tail call): ?
> /usr/lib/prosody/net/server_select.lua:920: in function
> </usr/lib/prosody/net/server_select.lua:895>
> [C]: in function ‘xpcall’
> /usr/bin/prosody:396: in function ‘loop’
> /usr/bin/prosody:427: in main chunk
> [C]: ?
>
> jicofo logs:
> Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
> participant: room7@conference.meet.winlux.fr/d7e6131e
> Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed participant:
true,
> room7@conference.meet.winlux.fr/d7e6131e
> Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
> org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
request
> for room: room7@conference.meet.winlux.fr
>
> jvb logs:
> JVB 2017-04-20 20:27:21.560 INFOS: [326201]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
id=“V9l6s-3671”
> type=“result” to=“jitsi-videobridge.meet.winlux.fr” from="
meet.winlux.fr"/>
> JVB 2017-04-20 20:27:23.394 INFOS: [326108]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
> to=“jitsi-videobridge.meet.winlux.fr
> from="focus@auth.meet.winlux.fr/focus49834168749676109"
> id=“q886c-19991”><healthcheck
> xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
> JVB 2017-04-20 20:27:23.394 INFOS: [326108]
> org.jitsi.videobridge.Videobridge.log() CAT=stat
> create_conf,conf_id=fad136c2ad8f27cf
> conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
> JVB 2017-04-20 20:27:23.398 INFOS: [326108]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
> JVB 2017-04-20 20:27:23.399 INFOS: [326108]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:27:23.399 INFOS: [36]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:27:23.402 INFOS: [326108]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
> JVB 2017-04-20 20:27:23.412 INFOS: [326108]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
id=“q886c-19991”
> to="focus@auth.meet.winlux.fr/focus49834168749676109"
> from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>
>
> thanks for you help
>
> 2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>
>> Hi,
>>
>> Hum, it can be that the print there is causing troubles, did you tried
>> without enabling debug? Or at least comment that debug print that is
>> giving the error?
>>
>> Regards
>> damencho
>>
>>
>> On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert <mickael@winlux.fr> >> wrote:
>> > Hi all,
>> > I have an issue when I want access to my own jitsi instance with user
>> > anonymous (guest).
>> >
>> > I already activated auth tohen to principal domain, It works
perfectly.
>> > I can access as moderator with this link:
>> > https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”
>> >
>> > But when I want to access as guest (with no token)
>> > https://meet.winlux.fr/room1
>> >
>> > I have an issue:
>> > Prosody MUC enter in auth process “mod_token_verification.lua”, but I
>> > haven’t token (I’m guest).
>> >
>> > For me, virtualhost “guest” go to “conference” component (muc), and
in
>> > this
>> > component there is modules_enabled = { “token_verification” }
>> >
>> > “”"
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > pre
>> > join: MUC room (room1@conference.meet.winlux.fr) <presence
>> > to=‘room1@conference.meet.winlux.fr/5934e5e9’
>> >
>> > from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux
.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
>> > xmlns=‘http://jabber.org/protocol/muc’/><user-agent
>> > xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11; Linux
>> > x86_64)
>> > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
>> > Safari/537.36</user-agent><c hash=‘sha-1’
>> > ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
>> > node=‘http://jitsi.org/jitsimeet
>> >
>> > xmlns=‘http://jabber.org/protocol/caps’/><devices><audio>
true</audio><video>true</video></devices><email>mickael@winlux.fr
</email><nick
>> > xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><
audiomuted
>> > xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><videoType
>> > xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><videomuted
>> > xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></presence>
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > Session token: nil, session room: nil
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > in
>> > admin with admin:
>> >
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/
906b41ed-4532-4c00-9cb0-e14aa9d38566
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > in
>> > admin with admin2:
>> >
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/
906b41ed-4532-4c00-9cb0-e14aa9d38566
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > TEST MIKA : 5934e5e9-9655-4548-a038-0d4f63
f10ade@guest.meet.winlux.fr
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > allowEmptyToken: false, session.auth_token: nil
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > Will verify token for user:
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room:
room1
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > token: nil , auth_room: nil
>> > Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument
>> > #1
>> > to ‘lower’ (string expected, got nil)
>> > stack traceback:
>> > [C]: in function ‘lower’
>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
>> > function
>> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>> > (tail call): ?
>> > /usr/lib/prosody/util/events.lua:78: in function
>> > </usr/lib/prosody/util/events.lua:74>
>> > (tail call): ?
>> > (tail call): ?
>> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>> > (tail call): ?
>> > (tail call): ?
>> > /usr/lib/prosody/util/events.lua:78: in function
>> > </usr/lib/prosody/util/events.lua:74>
>> > “”"
>> >
>> > My prosody configuration:
>> >
>> > “”"
>> > -- Plugins path gets uncommented during jitsi-meet-tokens package
>> > install -
>> > that’s where token plugin is located
>> > plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
>> > --
>> > --HELP: https://github.com/jitsi/jicofo
>> > --https://bremensaki.com/2015/03/19/configuring-prosody/
>> >
>> > VirtualHost “meet.winlux.fr
>> > -- enabled = false -- Remove this line to enable this host
>> > --authentication = “anonymous”
>> > --authentication = “internal_plain” -- NO LOGIN WITH DOT !!!
>> > mhubert
>> > => OK, m.hubert => NOK !!!!!!!!!!!!
>> > -- authentication = “internal_hash”
>> > -- Properties below are modified by jitsi-meet-tokens package
>> > config
>> > -- and authentication above is switched to “token”
>> > authentication = “token”;
>> > app_id="********"
>> > app_secret="******"
>> > allow_empty_token=false
>> > -- Assign this host a certificate for TLS, otherwise it would
>> > use
>> > the one
>> > -- set in the global section (if any).
>> > -- Note that old-style SSL on port 5223 only supports one
>> > certificate, and will always
>> > -- use the global one.
>> > ssl = {
>> > --key = “/etc/prosody/certs/meet.winlux.fr.key”;
>> > key = “/etc/prosody/certs/privkey.pem”;
>> > --certificate = “/etc/prosody/certs/meet.winlu
x.fr.crt”;
>> > certificate = “/etc/prosody/certs/fullchain.pem”;
>> > }
>> > -- we need bosh
>> > modules_enabled = {
>> > “bosh”;
>> > “pubsub”;
>> > “ping”; -- Enable mod_ping
>> > “admin_telnet”;
>> > }
>> >
>> > --storage = “sql”
>> > --sql = { driver = “MySQL”, database = “jitsi”, username =
“jitsi”,
>> > password = “********”, host = “localhost” }
>> >
>> > Component “conference.meet.winlux.fr” “muc”
>> > modules_enabled = { “token_verification” }
>> > admins = { "focus@auth.meet.winlux.fr" }
>> > -- restrict_room_creation = “local”
>> > -- restrict_room_creation = true
>> > ssl = {
>> > certificate = “/var/lib/prosody/conference.m
eet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
>> > }
>> >
>> > Component “jitsi-videobridge.meet.winlux.fr
>> > component_secret = “******”
>> > ssl = {
>> > certificate =
>> > “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.key”;
>> > }
>> >
>> > VirtualHost “auth.meet.winlux.fr
>> > authentication = “internal_plain”
>> > ssl = {
>> > certificate = “/var/lib/prosody/auth.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
>> > }
>> >
>> > VirtualHost “guest.meet.winlux.fr
>> > authentication = “anonymous”
>> > allow_empty_token=true
>> > ssl = {
>> > certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
>> > }
>> >
>> >
>> >
>> > Component “focus.meet.winlux.fr
>> > component_secret = “*****”
>> > ssl = {
>> > certificate = “/var/lib/prosody/focus.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
>> > }
>> >
>> > Component “callcontrol.meet.winlux.fr
>> > component_secret = “******”
>> > ssl = {
>> > certificate = “/var/lib/prosody/callcontrol.
meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
>> > }
>> > “”"
>> >
>> > Deb packet installed:
>> > “”"
>> > drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
>> > drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
>> > -rw-r--r-- 1 root root 25M avril 14 18:26
>> > jicofo_1.0-346-1_amd64.deb
>> > -rw-r--r-- 1 root root 2,7K avril 19 00:26
>> > jitsi-meet_1.0.2013-1_all.deb
>> > -rw-r--r-- 1 root root 5,5K avril 19 00:00
>> > jitsi-meet-prosody_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 9,0K avril 19 00:00
>> > jitsi-meet-tokens_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 5,4M avril 19 00:00
>> > jitsi-meet-web_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 9,2K avril 19 00:00
>> > jitsi-meet-web-config_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 30M avril 19 00:24
>> > jitsi-videobridge_934-1_amd64.deb
>> >
>> > “”"
>> >
>> > Do you have an idea ? is it possible to have token and guest in the
same
>> > room ?
>> >
>> > big thanks in advance :wink:
>> >
>> >
>> > _______________________________________________
>> > users mailing list
>> > users@jitsi.org
>> > Unsubscribe instructions and other list options:
>> > http://lists.jitsi.org/mailman/listinfo/users
>>
>> _______________________________________________
>> users mailing list
>> users@jitsi.org
>> Unsubscribe instructions and other list options:
>> http://lists.jitsi.org/mailman/listinfo/users
>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#8

maybe this could help you:

*Part of prosody log with token:*
Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
Received[c2s]: <iq id='7ff5efae-9541-416c-9ebd-397bf2d61aee:sendIQ'
type='get' to='guest.meet.winlux.fr' from='
62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389
'>
Apr 20 21:26:31 mod_bosh debug BOSH stanza received: <iq
id='d9a096fe-66b3-4798-a251-cfa37cb11b36:sendIQ' type='set' to='
focus.meet.winlux.fr'>

Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
Received[c2s]: <presence to='room8@conference.meet.winlux.fr/b2871938'>
Apr 20 21:25:03 conference.meet.winlux.fr:muc debug no occupant found
for room8@conference.meet.winlux.fr/b2871938; creating new occupant object
for
b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804-9ff3-4a19-9413-bb570c29402f

Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
Session token: ******************, session room: room8
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug in
admin with admin:
b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804-9ff3-4a19-9413-bb570c29402f
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug in
admin with admin2:
b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804-9ff3-4a19-9413-bb570c29402f
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
TEST MIKA : b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
allowEmptyToken: false, session.auth_token: ***************
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
auth_room: room8, room: room8@conference.meet.winlux.fr/b2871938
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
Will verify token for user:
b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr, room: room8
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
token: ***************** , auth_room: room8
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
allowed: b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr to
enter/create room: room8

*Part of prosody log with guest:*Apr 20 21:25:03
Apr 20 21:25:03 mod_bosh debug BOSH stanza received: <iq
id='abd6301f-8219-4921-9948-96a15ea9597c:sendIQ' type='set' to='
focus.meet.winlux.fr'>

Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
Received[c2s]: <presence to='room8@conference.meet.winlux.fr/62f12864'>
Apr 20 21:26:31 conference.meet.winlux.fr:muc debug no occupant found
for room8@conference.meet.winlux.fr/62f12864; creating new occupant object
for
62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389

Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
Session token: nil, session room: nil
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug in
admin with admin:
62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug in
admin with admin2:
62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
TEST MIKA : 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
allowEmptyToken: false, session.auth_token: nil
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
auth_room: nil, room: room8@conference.meet.winlux.fr/62f12864
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
Will verify token for user:
62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr, room: room8
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
token: nil , auth_room: nil
Apr 20 21:26:31 mod_bosh error Traceback[bosh]:
...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad argument #1
to 'lower' (string expected, got nil)
stack traceback:

in France it's 9PM and I will shutdown my computer soon :wink:

thanks for your help !

···

bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug Received[c2s]: <iq id='930cfc4c-cdcc-4abc-8495-e2260f3fc509:sendIQ' type='get' to=' meet.winlux.fr' from=' b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804-9ff3-4a19-9413-bb570c29402f '>

2017-04-20 21:22 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:

yes ! very good news !
let me know if you want other things

2017-04-20 21:19 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:

I'm sorry,
I add some logs in mod_token_verification.lua.
the line 76 for me it's:
if disableRoomNameConstraints ~= true and room ~= string.lower(auth_room)
then
line 63 for the original: https://github.com/jitsi/jitsi
-meet/blob/master/resources/prosody-plugins/mod_token_verification.lua

and auth_room doesn't exist, because I want access to the room without
token (I want be a guest). Access with token works fine, no problem with
this method.

for me, I can see in the log (first email)
1) I connect with token --> OK (I'm the moderator)
2) When I connect without token, I go to the virtualHost "
guest.meet.winlux.fr" --> OK
3) after, guest.meet.winlux.fr goes to component
conference.meet.winlux.fr -->OK
but this component uses token_verification module (normal with token
method, but not working with guest method).

I don't know if my prosody conf is good or not. Or I don't know the way
to not "route" guest access to the token module.

2017-04-20 20:46 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

can you try changing that problem line, mod_token_verification.lua:76

It is now: log("debug", "pre create: %s %s", tostring(origin),
tostring(stanza));
Can you change it to: log("debug", "pre create: %s", tostring(stanza));
And enable debugging and test again.

I think it is something about how you setup the domains, cause I was
testing that part yesterday, cause I'm currently working on the jwt
stuff and this was working fine.

Regards
damencho

On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr> >>> wrote:
> Hi,
> without debug, it’s the same issue.
>
> prosody logs with I’m connected in admin (token):
> Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it sid
> ‘d16966f1-3207-4fc6-ba7b-9aeb20a65c26’
> Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
> Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046ac8d255@meet.winlux.fr
>
> jicofo logs:
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
request
> for room: room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.auth.AbstractAuthAuthority.authenticateJidW
ithSession().487
> Authenticated jid:
> 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
> with session:
> AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr,
> JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55
e1b5-f309-40a0-bc51-8f26fd8761be,
> SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
> MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
> R=room8@conference.meet.winlux.fr]@829517297
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.auth.AbstractAuthAuthority.notifyUserAuthen
ticated().397
> Jid
> 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
> authenticated as: b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.FocusManager.log() Created new focus for
> room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences
count: 2
> options:
> call_control: callcontrol.meet.winlux.fr
> channelLastN: -1
> enableLipSync: true
> openSctp: true
> disableRtx: false
> Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled in
> room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
> room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
> ChatRoomMemberPresenceChangeEvent[type=MemberJoined
> sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
> member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
> null]@1175229885]
> Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus role:
OWNER
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
> room6@conference.meet.winlux.fr/focus joined.
> Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service
discovered -
> using JVB
> Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
> ChatRoomMemberPresenceChangeEvent[type=MemberJoined
> sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
> member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
> null]@500755682]
> Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
> room6@conference.meet.winlux.fr/1acaef35 joined.
>
> jvb logs:
> JVB 2017-04-20 20:25:41.558 INFOS: [325918]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
id=“V9l6s-3661”
> type=“result” to=“jitsi-videobridge.meet.winlux.fr” from="
meet.winlux.fr"/>
> JVB 2017-04-20 20:25:43.394 INFOS: [325919]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
> to=“jitsi-videobridge.meet.winlux.fr
> from="focus@auth.meet.winlux.fr/focus49834168749676109"
> id=“q886c-19940”><healthcheck
> xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
> JVB 2017-04-20 20:25:43.395 INFOS: [325919]
> org.jitsi.videobridge.Videobridge.log() CAT=stat
> create_conf,conf_id=7a92d43516b1ba4
> conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
> JVB 2017-04-20 20:25:43.398 INFOS: [325919]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
> JVB 2017-04-20 20:25:43.399 INFOS: [325919]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:25:43.399 INFOS: [36]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:25:43.403 INFOS: [325919]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
> JVB 2017-04-20 20:25:43.417 INFOS: [325919]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
id=“q886c-19940”
> to="focus@auth.meet.winlux.fr/focus49834168749676109"
> from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>
> Log when I tried to connect without token (guest mode):
> Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it sid
> ‘f40607cb-7566-4861-bbb8-aa53bc147345’
> Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
> Authenticated as 586f0adb-0f2c-4606-bd66-c27622
103efd@guest.meet.winlux.fr
> Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
> [C]: in function ‘lower’
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
function
> <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
> </usr/lib/prosody/modules/muc/muc.lib.lua:455>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> /usr/lib/prosody/core/stanza_router.lua:189: in function
> ‘core_post_stanza’
> /usr/lib/prosody/core/stanza_router.lua:137: in function
> ‘dispatch_stanza’
> /usr/lib/prosody/modules/mod_bosh.lua:322: in function ‘func’
> /usr/lib/prosody/util/async.lua:90: in function
> </usr/lib/prosody/util/async.lua:88>
> stack traceback:
> (tail call): ?
> /usr/lib/prosody/util/async.lua:163: in function ‘run’
> /usr/lib/prosody/modules/mod_bosh.lua:457: in function
‘cb_handlestanza’
> /usr/lib/prosody/util/xmppstream.lua:184: in function
> </usr/lib/prosody/util/xmppstream.lua:164>
> [C]: in function ‘parse’
> /usr/lib/prosody/util/xmppstream.lua:271: in function ‘feed’
> /usr/lib/prosody/modules/mod_bosh.lua:150: in function ‘?’
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> /usr/lib/prosody/net/http/server.lua:239: in function
> </usr/lib/prosody/net/http/server.lua:180>
> ...
> /usr/lib/prosody/net/http/server.lua:112: in function
‘process_next’
> /usr/lib/prosody/net/http/server.lua:128: in function ‘success_cb’
> /usr/lib/prosody/net/http/parser.lua:177: in function ‘feed’
> /usr/lib/prosody/net/http/server.lua:159: in function
> </usr/lib/prosody/net/http/server.lua:158>
> (tail call): ?
> /usr/lib/prosody/net/server_select.lua:920: in function
> </usr/lib/prosody/net/server_select.lua:895>
> [C]: in function ‘xpcall’
> /usr/bin/prosody:396: in function ‘loop’
> /usr/bin/prosody:427: in main chunk
> [C]: ?
>
> jicofo logs:
> Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
> participant: room7@conference.meet.winlux.fr/d7e6131e
> Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed participant:
true,
> room7@conference.meet.winlux.fr/d7e6131e
> Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
> org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
request
> for room: room7@conference.meet.winlux.fr
>
> jvb logs:
> JVB 2017-04-20 20:27:21.560 INFOS: [326201]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
id=“V9l6s-3671”
> type=“result” to=“jitsi-videobridge.meet.winlux.fr” from="
meet.winlux.fr"/>
> JVB 2017-04-20 20:27:23.394 INFOS: [326108]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
> to=“jitsi-videobridge.meet.winlux.fr
> from="focus@auth.meet.winlux.fr/focus49834168749676109"
> id=“q886c-19991”><healthcheck
> xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
> JVB 2017-04-20 20:27:23.394 INFOS: [326108]
> org.jitsi.videobridge.Videobridge.log() CAT=stat
> create_conf,conf_id=fad136c2ad8f27cf
> conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
> JVB 2017-04-20 20:27:23.398 INFOS: [326108]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
> JVB 2017-04-20 20:27:23.399 INFOS: [326108]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=922337203
6854775807
> JVB 2017-04-20 20:27:23.399 INFOS: [36]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=1436393994 target_bps=0,bwe_bps=922337203
6854775807
> JVB 2017-04-20 20:27:23.402 INFOS: [326108]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
> JVB 2017-04-20 20:27:23.412 INFOS: [326108]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
id=“q886c-19991”
> to="focus@auth.meet.winlux.fr/focus49834168749676109"
> from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>
>
> thanks for you help
>
> 2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>
>> Hi,
>>
>> Hum, it can be that the print there is causing troubles, did you tried
>> without enabling debug? Or at least comment that debug print that is
>> giving the error?
>>
>> Regards
>> damencho
>>
>>
>> On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert <mickael@winlux.fr> >>> wrote:
>> > Hi all,
>> > I have an issue when I want access to my own jitsi instance with
user
>> > anonymous (guest).
>> >
>> > I already activated auth tohen to principal domain, It works
perfectly.
>> > I can access as moderator with this link:
>> > https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”
>> >
>> > But when I want to access as guest (with no token)
>> > https://meet.winlux.fr/room1
>> >
>> > I have an issue:
>> > Prosody MUC enter in auth process “mod_token_verification.lua”, but
I
>> > haven’t token (I’m guest).
>> >
>> > For me, virtualhost “guest” go to “conference” component (muc),
and in
>> > this
>> > component there is modules_enabled = { “token_verification” }
>> >
>> > “”"
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > pre
>> > join: MUC room (room1@conference.meet.winlux.fr) <presence
>> > to=‘room1@conference.meet.winlux.fr/5934e5e9’
>> >
>> > from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux
.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
>> > xmlns=‘http://jabber.org/protocol/muc’/><user-agent
>> > xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11; Linux
>> > x86_64)
>> > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
>> > Safari/537.36</user-agent><c hash=‘sha-1’
>> > ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
>> > node=‘http://jitsi.org/jitsimeet
>> >
>> > xmlns=‘http://jabber.org/protocol/caps’/><devices><audio>tru
e</audio><video>true</video></devices><email>mickael@winlux.fr
</email><nick
>> > xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><
audiomuted
>> > xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><videoType
>> > xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><vi
deomuted
>> > xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></p
>
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > Session token: nil, session room: nil
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > in
>> > admin with admin:
>> >
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/90
6b41ed-4532-4c00-9cb0-e14aa9d38566
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > in
>> > admin with admin2:
>> >
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/90
6b41ed-4532-4c00-9cb0-e14aa9d38566
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > TEST MIKA : 5934e5e9-9655-4548-a038-0d4f63
f10ade@guest.meet.winlux.fr
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > allowEmptyToken: false, session.auth_token: nil
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > Will verify token for user:
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room:
room1
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
debug
>> > token: nil , auth_room: nil
>> > Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument
>> > #1
>> > to ‘lower’ (string expected, got nil)
>> > stack traceback:
>> > [C]: in function ‘lower’
>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
>> > function
>> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>> > (tail call): ?
>> > /usr/lib/prosody/util/events.lua:78: in function
>> > </usr/lib/prosody/util/events.lua:74>
>> > (tail call): ?
>> > (tail call): ?
>> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>> > (tail call): ?
>> > (tail call): ?
>> > /usr/lib/prosody/util/events.lua:78: in function
>> > </usr/lib/prosody/util/events.lua:74>
>> > “”"
>> >
>> > My prosody configuration:
>> >
>> > “”"
>> > -- Plugins path gets uncommented during jitsi-meet-tokens package
>> > install -
>> > that’s where token plugin is located
>> > plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
>> > --
>> > --HELP: https://github.com/jitsi/jicofo
>> > --https://bremensaki.com/2015/03/19/configuring-prosody/
>> >
>> > VirtualHost “meet.winlux.fr
>> > -- enabled = false -- Remove this line to enable this host
>> > --authentication = “anonymous”
>> > --authentication = “internal_plain” -- NO LOGIN WITH DOT !!!
>> > mhubert
>> > => OK, m.hubert => NOK !!!!!!!!!!!!
>> > -- authentication = “internal_hash”
>> > -- Properties below are modified by jitsi-meet-tokens
package
>> > config
>> > -- and authentication above is switched to “token”
>> > authentication = “token”;
>> > app_id="********"
>> > app_secret="******"
>> > allow_empty_token=false
>> > -- Assign this host a certificate for TLS, otherwise it
would
>> > use
>> > the one
>> > -- set in the global section (if any).
>> > -- Note that old-style SSL on port 5223 only supports one
>> > certificate, and will always
>> > -- use the global one.
>> > ssl = {
>> > --key = “/etc/prosody/certs/meet.winlux.fr.key”;
>> > key = “/etc/prosody/certs/privkey.pem”;
>> > --certificate = “/etc/prosody/certs/meet.winlu
x.fr.crt”;
>> > certificate = “/etc/prosody/certs/fullchain.pem”;
>> > }
>> > -- we need bosh
>> > modules_enabled = {
>> > “bosh”;
>> > “pubsub”;
>> > “ping”; -- Enable mod_ping
>> > “admin_telnet”;
>> > }
>> >
>> > --storage = “sql”
>> > --sql = { driver = “MySQL”, database = “jitsi”, username =
“jitsi”,
>> > password = “********”, host = “localhost” }
>> >
>> > Component “conference.meet.winlux.fr” “muc”
>> > modules_enabled = { “token_verification” }
>> > admins = { "focus@auth.meet.winlux.fr" }
>> > -- restrict_room_creation = “local”
>> > -- restrict_room_creation = true
>> > ssl = {
>> > certificate = “/var/lib/prosody/conference.m
eet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
>> > }
>> >
>> > Component “jitsi-videobridge.meet.winlux.fr
>> > component_secret = “******”
>> > ssl = {
>> > certificate =
>> > “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.key”;
>> > }
>> >
>> > VirtualHost “auth.meet.winlux.fr
>> > authentication = “internal_plain”
>> > ssl = {
>> > certificate = “/var/lib/prosody/auth.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
>> > }
>> >
>> > VirtualHost “guest.meet.winlux.fr
>> > authentication = “anonymous”
>> > allow_empty_token=true
>> > ssl = {
>> > certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
>> > }
>> >
>> >
>> >
>> > Component “focus.meet.winlux.fr
>> > component_secret = “*****”
>> > ssl = {
>> > certificate = “/var/lib/prosody/focus.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
>> > }
>> >
>> > Component “callcontrol.meet.winlux.fr
>> > component_secret = “******”
>> > ssl = {
>> > certificate = “/var/lib/prosody/callcontrol.
meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
>> > }
>> > “”"
>> >
>> > Deb packet installed:
>> > “”"
>> > drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
>> > drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
>> > -rw-r--r-- 1 root root 25M avril 14 18:26
>> > jicofo_1.0-346-1_amd64.deb
>> > -rw-r--r-- 1 root root 2,7K avril 19 00:26
>> > jitsi-meet_1.0.2013-1_all.deb
>> > -rw-r--r-- 1 root root 5,5K avril 19 00:00
>> > jitsi-meet-prosody_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 9,0K avril 19 00:00
>> > jitsi-meet-tokens_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 5,4M avril 19 00:00
>> > jitsi-meet-web_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 9,2K avril 19 00:00
>> > jitsi-meet-web-config_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 30M avril 19 00:24
>> > jitsi-videobridge_934-1_amd64.deb
>> >
>> > “”"
>> >
>> > Do you have an idea ? is it possible to have token and guest in the
same
>> > room ?
>> >
>> > big thanks in advance :wink:
>> >
>> >
>> > _______________________________________________
>> > users mailing list
>> > users@jitsi.org
>> > Unsubscribe instructions and other list options:
>> > http://lists.jitsi.org/mailman/listinfo/users
>>
>> _______________________________________________
>> users mailing list
>> users@jitsi.org
>> Unsubscribe instructions and other list options:
>> http://lists.jitsi.org/mailman/listinfo/users
>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#9

Hi,

So to make it work you need few more option.
Under your main virtual host where you configure the token you need to
add disable_room_name_constraints = true, like:
VirtualHost "meet.winlux.fr"
    authentication = "token";
        app_id="********"
        app_secret="******"
        disable_room_name_constraints = true

The muc config should be:
Component "conference.meet.winlux.fr" "muc"
    modules_enabled = { "token_verification" }
    restrict_room_creation = true
    .....
So only admins should be able to create the room, but in order to
achieve that you need and a setting in Jicofo, in
/etc/jitsi/jicofo/sip-communicator.properties:
org.jitsi.jicofo.auth.URL=XMPP:meet.winlux.fr

This is working on my side. So the case is that room name verification
(verifying the room name coming from the token with the room name that
is about to be created) is not working with this scheme.

Regards
damencho

···

On Thu, Apr 20, 2017 at 2:39 PM, Mickael Hubert <mickael@winlux.fr> wrote:

maybe this could help you:

Part of prosody log with token:
Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
Received[c2s]: <iq id='7ff5efae-9541-416c-9ebd-397bf2d61aee:sendIQ'
type='get' to='guest.meet.winlux.fr'
from='62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389'>
Apr 20 21:26:31 mod_bosh debug BOSH stanza received: <iq
id='d9a096fe-66b3-4798-a251-cfa37cb11b36:sendIQ' type='set'
to='focus.meet.winlux.fr'>

Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
Received[c2s]: <presence to='room8@conference.meet.winlux.fr/b2871938'>
Apr 20 21:25:03 conference.meet.winlux.fr:muc debug no occupant found
for room8@conference.meet.winlux.fr/b2871938; creating new occupant object
for
b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804-9ff3-4a19-9413-bb570c29402f

Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
Session token: ******************, session room: room8
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug in
admin with admin:
b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804-9ff3-4a19-9413-bb570c29402f
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug in
admin with admin2:
b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804-9ff3-4a19-9413-bb570c29402f
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
TEST MIKA : b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
allowEmptyToken: false, session.auth_token: ***************
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
auth_room: room8, room: room8@conference.meet.winlux.fr/b2871938
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
Will verify token for user:
b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr, room: room8
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
token: ***************** , auth_room: room8
Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
allowed: b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr to enter/create
room: room8

Part of prosody log with guest:
Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
Received[c2s]: <iq id='930cfc4c-cdcc-4abc-8495-e2260f3fc509:sendIQ'
type='get' to='meet.winlux.fr'
from='b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804-9ff3-4a19-9413-bb570c29402f'>
Apr 20 21:25:03 mod_bosh debug BOSH stanza received: <iq
id='abd6301f-8219-4921-9948-96a15ea9597c:sendIQ' type='set'
to='focus.meet.winlux.fr'>

Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
Received[c2s]: <presence to='room8@conference.meet.winlux.fr/62f12864'>
Apr 20 21:26:31 conference.meet.winlux.fr:muc debug no occupant found
for room8@conference.meet.winlux.fr/62f12864; creating new occupant object
for
62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389

Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
Session token: nil, session room: nil
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug in
admin with admin:
62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug in
admin with admin2:
62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
TEST MIKA : 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
allowEmptyToken: false, session.auth_token: nil
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
auth_room: nil, room: room8@conference.meet.winlux.fr/62f12864
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
Will verify token for user:
62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr, room: room8
Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
token: nil , auth_room: nil
Apr 20 21:26:31 mod_bosh error Traceback[bosh]:
...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad argument #1
to 'lower' (string expected, got nil)
stack traceback:

in France it's 9PM and I will shutdown my computer soon :wink:

thanks for your help !

2017-04-20 21:22 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:

yes ! very good news !
let me know if you want other things

2017-04-20 21:19 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:

I'm sorry,
I add some logs in mod_token_verification.lua.
the line 76 for me it's:
if disableRoomNameConstraints ~= true and room ~= string.lower(auth_room)
then
line 63 for the original:
https://github.com/jitsi/jitsi-meet/blob/master/resources/prosody-plugins/mod_token_verification.lua

and auth_room doesn't exist, because I want access to the room without
token (I want be a guest). Access with token works fine, no problem with
this method.

for me, I can see in the log (first email)
1) I connect with token --> OK (I'm the moderator)
2) When I connect without token, I go to the virtualHost
"guest.meet.winlux.fr" --> OK
3) after, guest.meet.winlux.fr goes to component
conference.meet.winlux.fr -->OK
but this component uses token_verification module (normal with token
method, but not working with guest method).

I don't know if my prosody conf is good or not. Or I don't know the way
to not "route" guest access to the token module.

2017-04-20 20:46 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

can you try changing that problem line, mod_token_verification.lua:76

It is now: log("debug", "pre create: %s %s", tostring(origin),
tostring(stanza));
Can you change it to: log("debug", "pre create: %s", tostring(stanza));
And enable debugging and test again.

I think it is something about how you setup the domains, cause I was
testing that part yesterday, cause I'm currently working on the jwt
stuff and this was working fine.

Regards
damencho

On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr> >>>> wrote:
> Hi,
> without debug, it’s the same issue.
>
> prosody logs with I’m connected in admin (token):
> Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it sid
> ‘d16966f1-3207-4fc6-ba7b-9aeb20a65c26’
> Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
> Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046ac8d255@meet.winlux.fr
>
> jicofo logs:
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
> request
> for room: room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>
> org.jitsi.jicofo.auth.AbstractAuthAuthority.authenticateJidWithSession().487
> Authenticated jid:
>
> 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be
> with session:
> AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr,
>
> JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be,
> SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
> MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
> R=room8@conference.meet.winlux.fr]@829517297
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>
> org.jitsi.jicofo.auth.AbstractAuthAuthority.notifyUserAuthenticated().397
> Jid
>
> 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5-f309-40a0-bc51-8f26fd8761be
> authenticated as: b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
> org.jitsi.jicofo.FocusManager.log() Created new focus for
> room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences count:
> 2
> options:
> call_control: callcontrol.meet.winlux.fr
> channelLastN: -1
> enableLipSync: true
> openSctp: true
> disableRtx: false
> Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled in
> room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
> room6@conference.meet.winlux.fr
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
> ChatRoomMemberPresenceChangeEvent[type=MemberJoined
> sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
> member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
> null]@1175229885]
> Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus role:
> OWNER
> Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
> room6@conference.meet.winlux.fr/focus joined.
> Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
> org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service
> discovered -
> using JVB
> Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
> org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
> ChatRoomMemberPresenceChangeEvent[type=MemberJoined
> sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
> member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
> null]@500755682]
> Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
> room6@conference.meet.winlux.fr/1acaef35 joined.
>
> jvb logs:
> JVB 2017-04-20 20:25:41.558 INFOS: [325918]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
> id=“V9l6s-3661”
> type=“result” to=“jitsi-videobridge.meet.winlux.fr
> from=“meet.winlux.fr”/>
> JVB 2017-04-20 20:25:43.394 INFOS: [325919]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
> to=“jitsi-videobridge.meet.winlux.fr
> from="focus@auth.meet.winlux.fr/focus49834168749676109"
> id=“q886c-19940”><healthcheck
> xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
> JVB 2017-04-20 20:25:43.395 INFOS: [325919]
> org.jitsi.videobridge.Videobridge.log() CAT=stat
> create_conf,conf_id=7a92d43516b1ba4
> conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
> JVB 2017-04-20 20:25:43.398 INFOS: [325919]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
> JVB 2017-04-20 20:25:43.399 INFOS: [325919]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:25:43.399 INFOS: [36]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:25:43.403 INFOS: [325919]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
> JVB 2017-04-20 20:25:43.417 INFOS: [325919]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
> id=“q886c-19940”
> to="focus@auth.meet.winlux.fr/focus49834168749676109"
> from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>
> Log when I tried to connect without token (guest mode):
> Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it sid
> ‘f40607cb-7566-4861-bbb8-aa53bc147345’
> Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
> Authenticated as
> 586f0adb-0f2c-4606-bd66-c27622103efd@guest.meet.winlux.fr
> Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
> argument #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
> [C]: in function ‘lower’
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
> function
> <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
> </usr/lib/prosody/modules/muc/muc.lib.lua:455>
> (tail call): ?
> (tail call): ?
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> /usr/lib/prosody/core/stanza_router.lua:189: in function
> ‘core_post_stanza’
> /usr/lib/prosody/core/stanza_router.lua:137: in function
> ‘dispatch_stanza’
> /usr/lib/prosody/modules/mod_bosh.lua:322: in function ‘func’
> /usr/lib/prosody/util/async.lua:90: in function
> </usr/lib/prosody/util/async.lua:88>
> stack traceback:
> (tail call): ?
> /usr/lib/prosody/util/async.lua:163: in function ‘run’
> /usr/lib/prosody/modules/mod_bosh.lua:457: in function
> ‘cb_handlestanza’
> /usr/lib/prosody/util/xmppstream.lua:184: in function
> </usr/lib/prosody/util/xmppstream.lua:164>
> [C]: in function ‘parse’
> /usr/lib/prosody/util/xmppstream.lua:271: in function ‘feed’
> /usr/lib/prosody/modules/mod_bosh.lua:150: in function ‘?’
> /usr/lib/prosody/util/events.lua:78: in function
> </usr/lib/prosody/util/events.lua:74>
> (tail call): ?
> /usr/lib/prosody/net/http/server.lua:239: in function
> </usr/lib/prosody/net/http/server.lua:180>
> ...
> /usr/lib/prosody/net/http/server.lua:112: in function
> ‘process_next’
> /usr/lib/prosody/net/http/server.lua:128: in function ‘success_cb’
> /usr/lib/prosody/net/http/parser.lua:177: in function ‘feed’
> /usr/lib/prosody/net/http/server.lua:159: in function
> </usr/lib/prosody/net/http/server.lua:158>
> (tail call): ?
> /usr/lib/prosody/net/server_select.lua:920: in function
> </usr/lib/prosody/net/server_select.lua:895>
> [C]: in function ‘xpcall’
> /usr/bin/prosody:396: in function ‘loop’
> /usr/bin/prosody:427: in main chunk
> [C]: ?
>
> jicofo logs:
> Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
> participant: room7@conference.meet.winlux.fr/d7e6131e
> Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
> org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed participant:
> true,
> room7@conference.meet.winlux.fr/d7e6131e
> Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
> org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
> request
> for room: room7@conference.meet.winlux.fr
>
> jvb logs:
> JVB 2017-04-20 20:27:21.560 INFOS: [326201]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
> id=“V9l6s-3671”
> type=“result” to=“jitsi-videobridge.meet.winlux.fr
> from=“meet.winlux.fr”/>
> JVB 2017-04-20 20:27:23.394 INFOS: [326108]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
> to=“jitsi-videobridge.meet.winlux.fr
> from="focus@auth.meet.winlux.fr/focus49834168749676109"
> id=“q886c-19991”><healthcheck
> xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
> JVB 2017-04-20 20:27:23.394 INFOS: [326108]
> org.jitsi.videobridge.Videobridge.log() CAT=stat
> create_conf,conf_id=fad136c2ad8f27cf
> conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
> JVB 2017-04-20 20:27:23.398 INFOS: [326108]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
> JVB 2017-04-20 20:27:23.399 INFOS: [326108]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=1436393994
> target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:27:23.399 INFOS: [36]
> org.jitsi.videobridge.cc.BitrateController.log()
> bitrate_ctrl,stream=1436393994
> target_bps=0,bwe_bps=9223372036854775807
> JVB 2017-04-20 20:27:23.402 INFOS: [326108]
> org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
> BandwidthEstimator for stream
> org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
> JVB 2017-04-20 20:27:23.412 INFOS: [326108]
> org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
> id=“q886c-19991”
> to="focus@auth.meet.winlux.fr/focus49834168749676109"
> from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>
>
> thanks for you help
>
> 2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>
>> Hi,
>>
>> Hum, it can be that the print there is causing troubles, did you
>> tried
>> without enabling debug? Or at least comment that debug print that is
>> giving the error?
>>
>> Regards
>> damencho
>>
>>
>> On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert <mickael@winlux.fr> >>>> >> wrote:
>> > Hi all,
>> > I have an issue when I want access to my own jitsi instance with
>> > user
>> > anonymous (guest).
>> >
>> > I already activated auth tohen to principal domain, It works
>> > perfectly.
>> > I can access as moderator with this link:
>> > https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”
>> >
>> > But when I want to access as guest (with no token)
>> > https://meet.winlux.fr/room1
>> >
>> > I have an issue:
>> > Prosody MUC enter in auth process “mod_token_verification.lua”, but
>> > I
>> > haven’t token (I’m guest).
>> >
>> > For me, virtualhost “guest” go to “conference” component (muc),
>> > and in
>> > this
>> > component there is modules_enabled = { “token_verification” }
>> >
>> > “”"
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>> > debug
>> > pre
>> > join: MUC room (room1@conference.meet.winlux.fr) <presence
>> > to=‘room1@conference.meet.winlux.fr/5934e5e9’
>> >
>> >
>> > from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
>> > xmlns=‘http://jabber.org/protocol/muc’/><user-agent
>> > xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11; Linux
>> > x86_64)
>> > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
>> > Safari/537.36</user-agent><c hash=‘sha-1’
>> > ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
>> > node=‘http://jitsi.org/jitsimeet
>> >
>> >
>> > xmlns=‘http://jabber.org/protocol/caps’/><devices><audio>true</audio><video>true</video></devices><email>mickael@winlux.fr</email><nick
>> >
>> > xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><audiomuted
>> > xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><videoType
>> >
>> > xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><videomuted
>> >
>> > xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></presence>
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>> > debug
>> > Session token: nil, session room: nil
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>> > debug
>> > in
>> > admin with admin:
>> >
>> >
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>> > debug
>> > in
>> > admin with admin2:
>> >
>> >
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>> > debug
>> > TEST MIKA :
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>> > debug
>> > allowEmptyToken: false, session.auth_token: nil
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>> > debug
>> > auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>> > debug
>> > Will verify token for user:
>> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room:
>> > room1
>> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>> > debug
>> > token: nil , auth_room: nil
>> > Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
>> > argument
>> > #1
>> > to ‘lower’ (string expected, got nil)
>> > stack traceback:
>> > [C]: in function ‘lower’
>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
>> > function
>> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>> > (tail call): ?
>> > /usr/lib/prosody/util/events.lua:78: in function
>> > </usr/lib/prosody/util/events.lua:74>
>> > (tail call): ?
>> > (tail call): ?
>> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>> > (tail call): ?
>> > (tail call): ?
>> > /usr/lib/prosody/util/events.lua:78: in function
>> > </usr/lib/prosody/util/events.lua:74>
>> > “”"
>> >
>> > My prosody configuration:
>> >
>> > “”"
>> > -- Plugins path gets uncommented during jitsi-meet-tokens package
>> > install -
>> > that’s where token plugin is located
>> > plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
>> > --
>> > --HELP: https://github.com/jitsi/jicofo
>> > --https://bremensaki.com/2015/03/19/configuring-prosody/
>> >
>> > VirtualHost “meet.winlux.fr
>> > -- enabled = false -- Remove this line to enable this host
>> > --authentication = “anonymous”
>> > --authentication = “internal_plain” -- NO LOGIN WITH DOT
>> > !!!
>> > mhubert
>> > => OK, m.hubert => NOK !!!!!!!!!!!!
>> > -- authentication = “internal_hash”
>> > -- Properties below are modified by jitsi-meet-tokens
>> > package
>> > config
>> > -- and authentication above is switched to “token”
>> > authentication = “token”;
>> > app_id="********"
>> > app_secret="******"
>> > allow_empty_token=false
>> > -- Assign this host a certificate for TLS, otherwise it
>> > would
>> > use
>> > the one
>> > -- set in the global section (if any).
>> > -- Note that old-style SSL on port 5223 only supports one
>> > certificate, and will always
>> > -- use the global one.
>> > ssl = {
>> > --key = “/etc/prosody/certs/meet.winlux.fr.key”;
>> > key = “/etc/prosody/certs/privkey.pem”;
>> > --certificate =
>> > “/etc/prosody/certs/meet.winlux.fr.crt”;
>> > certificate = “/etc/prosody/certs/fullchain.pem”;
>> > }
>> > -- we need bosh
>> > modules_enabled = {
>> > “bosh”;
>> > “pubsub”;
>> > “ping”; -- Enable mod_ping
>> > “admin_telnet”;
>> > }
>> >
>> > --storage = “sql”
>> > --sql = { driver = “MySQL”, database = “jitsi”, username =
>> > “jitsi”,
>> > password = “********”, host = “localhost” }
>> >
>> > Component “conference.meet.winlux.fr” “muc”
>> > modules_enabled = { “token_verification” }
>> > admins = { "focus@auth.meet.winlux.fr" }
>> > -- restrict_room_creation = “local”
>> > -- restrict_room_creation = true
>> > ssl = {
>> > certificate =
>> > “/var/lib/prosody/conference.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
>> > }
>> >
>> > Component “jitsi-videobridge.meet.winlux.fr
>> > component_secret = “******”
>> > ssl = {
>> > certificate =
>> > “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.key”;
>> > }
>> >
>> > VirtualHost “auth.meet.winlux.fr
>> > authentication = “internal_plain”
>> > ssl = {
>> > certificate = “/var/lib/prosody/auth.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
>> > }
>> >
>> > VirtualHost “guest.meet.winlux.fr
>> > authentication = “anonymous”
>> > allow_empty_token=true
>> > ssl = {
>> > certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
>> > }
>> >
>> >
>> >
>> > Component “focus.meet.winlux.fr
>> > component_secret = “*****”
>> > ssl = {
>> > certificate = “/var/lib/prosody/focus.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
>> > }
>> >
>> > Component “callcontrol.meet.winlux.fr
>> > component_secret = “******”
>> > ssl = {
>> > certificate =
>> > “/var/lib/prosody/callcontrol.meet.winlux.fr.crt”;
>> > key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
>> > }
>> > “”"
>> >
>> > Deb packet installed:
>> > “”"
>> > drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
>> > drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
>> > -rw-r--r-- 1 root root 25M avril 14 18:26
>> > jicofo_1.0-346-1_amd64.deb
>> > -rw-r--r-- 1 root root 2,7K avril 19 00:26
>> > jitsi-meet_1.0.2013-1_all.deb
>> > -rw-r--r-- 1 root root 5,5K avril 19 00:00
>> > jitsi-meet-prosody_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 9,0K avril 19 00:00
>> > jitsi-meet-tokens_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 5,4M avril 19 00:00
>> > jitsi-meet-web_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 9,2K avril 19 00:00
>> > jitsi-meet-web-config_1.0.1906-1_all.deb
>> > -rw-r--r-- 1 root root 30M avril 19 00:24
>> > jitsi-videobridge_934-1_amd64.deb
>> >
>> > “”"
>> >
>> > Do you have an idea ? is it possible to have token and guest in the
>> > same
>> > room ?
>> >
>> > big thanks in advance :wink:
>> >
>> >
>> > _______________________________________________
>> > users mailing list
>> > users@jitsi.org
>> > Unsubscribe instructions and other list options:
>> > http://lists.jitsi.org/mailman/listinfo/users
>>
>> _______________________________________________
>> users mailing list
>> users@jitsi.org
>> Unsubscribe instructions and other list options:
>> http://lists.jitsi.org/mailman/listinfo/users
>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#10

Bravo !
it works !!!

thank you very much !

next issue now :wink:

screenshot below :

···

2017-04-20 22:03 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

So to make it work you need few more option.
Under your main virtual host where you configure the token you need to
add disable_room_name_constraints = true, like:
VirtualHost "meet.winlux.fr"
    authentication = "token";
        app_id="********"
        app_secret="******"
        disable_room_name_constraints = true

The muc config should be:
Component "conference.meet.winlux.fr" "muc"
    modules_enabled = { "token_verification" }
    restrict_room_creation = true
    .....
So only admins should be able to create the room, but in order to
achieve that you need and a setting in Jicofo, in
/etc/jitsi/jicofo/sip-communicator.properties:
org.jitsi.jicofo.auth.URL=XMPP:meet.winlux.fr

This is working on my side. So the case is that room name verification
(verifying the room name coming from the token with the room name that
is about to be created) is not working with this scheme.

Regards
damencho

On Thu, Apr 20, 2017 at 2:39 PM, Mickael Hubert <mickael@winlux.fr> wrote:
> maybe this could help you:
>
> Part of prosody log with token:
> Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
> Received[c2s]: <iq id=‘7ff5efae-9541-416c-9ebd-397bf2d61aee:sendIQ’
> type=‘get’ to=‘guest.meet.winlux.fr
> from=‘62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.
winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389’>
> Apr 20 21:26:31 mod_bosh debug BOSH stanza received: <iq
> id=‘d9a096fe-66b3-4798-a251-cfa37cb11b36:sendIQ’ type=‘set’
> to=‘focus.meet.winlux.fr’>
>
> Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
> Received[c2s]: <presence to=‘room8@conference.meet.winlux.fr/b2871938’>
> Apr 20 21:25:03 conference.meet.winlux.fr:muc debug no occupant
found
> for room8@conference.meet.winlux.fr/b2871938; creating new occupant
object
> for
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/
6932d804-9ff3-4a19-9413-bb570c29402f
>
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> Session token: ******************, session room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/
6932d804-9ff3-4a19-9413-bb570c29402f
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin2:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/
6932d804-9ff3-4a19-9413-bb570c29402f
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: ***************
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> auth_room: room8, room: room8@conference.meet.winlux.fr/b2871938
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr, room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> token: ***************** , auth_room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> allowed: b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr to
enter/create
> room: room8
>
> Part of prosody log with guest:
> Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
> Received[c2s]: <iq id=‘930cfc4c-cdcc-4abc-8495-e2260f3fc509:sendIQ’
> type=‘get’ to=‘meet.winlux.fr
> from=‘b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/
6932d804-9ff3-4a19-9413-bb570c29402f’>
> Apr 20 21:25:03 mod_bosh debug BOSH stanza received: <iq
> id=‘abd6301f-8219-4921-9948-96a15ea9597c:sendIQ’ type=‘set’
> to=‘focus.meet.winlux.fr’>
>
> Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
> Received[c2s]: <presence to=‘room8@conference.meet.winlux.fr/62f12864’>
> Apr 20 21:26:31 conference.meet.winlux.fr:muc debug no occupant
found
> for room8@conference.meet.winlux.fr/62f12864; creating new occupant
object
> for
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.
winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389
>
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> Session token: nil, session room: nil
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.
winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin2:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.
winlux.fr/28549acf-68f6-4db8-a3cc-3aa231c15389
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: nil
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> auth_room: nil, room: room8@conference.meet.winlux.fr/62f12864
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr, room: room8
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> token: nil , auth_room: nil
> Apr 20 21:26:31 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
>
> in France it’s 9PM and I will shutdown my computer soon :wink:
>
> thanks for your help !
>
> 2017-04-20 21:22 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:
>>
>> yes ! very good news !
>> let me know if you want other things
>>
>>
>> 2017-04-20 21:19 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:
>>>
>>> I’m sorry,
>>> I add some logs in mod_token_verification.lua.
>>> the line 76 for me it’s:
>>> if disableRoomNameConstraints ~= true and room ~=
string.lower(auth_room)
>>> then
>>> line 63 for the original:
>>> https://github.com/jitsi/jitsi-meet/blob/master/
resources/prosody-plugins/mod_token_verification.lua
>>>
>>> and auth_room doesn’t exist, because I want access to the room without
>>> token (I want be a guest). Access with token works fine, no problem
with
>>> this method.
>>>
>>> for me, I can see in the log (first email)
>>> 1) I connect with token --> OK (I’m the moderator)
>>> 2) When I connect without token, I go to the virtualHost
>>> “guest.meet.winlux.fr” --> OK
>>> 3) after, guest.meet.winlux.fr goes to component
>>> conference.meet.winlux.fr -->OK
>>> but this component uses token_verification module (normal with token
>>> method, but not working with guest method).
>>>
>>> I don’t know if my prosody conf is good or not. Or I don’t know the way
>>> to not “route” guest access to the token module.
>>>
>>>
>>>
>>> 2017-04-20 20:46 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>>>
>>>> Hi,
>>>>
>>>> can you try changing that problem line, mod_token_verification.lua:76
>>>>
>>>> It is now: log(“debug”, “pre create: %s %s”, tostring(origin),
>>>> tostring(stanza));
>>>> Can you change it to: log(“debug”, “pre create: %s”,
tostring(stanza));
>>>> And enable debugging and test again.
>>>>
>>>> I think it is something about how you setup the domains, cause I was
>>>> testing that part yesterday, cause I’m currently working on the jwt
>>>> stuff and this was working fine.
>>>>
>>>> Regards
>>>> damencho
>>>>
>>>>
>>>> On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr> > >>>> wrote:
>>>> > Hi,
>>>> > without debug, it’s the same issue.
>>>> >
>>>> > prosody logs with I’m connected in admin (token):
>>>> > Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it
sid
>>>> > ‘d16966f1-3207-4fc6-ba7b-9aeb20a65c26’
>>>> > Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
>>>> > Authenticated as 583f66e8-ffeb-4f4e-85f8-
bd046ac8d255@meet.winlux.fr
>>>> >
>>>> > jicofo logs:
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> > org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
>>>> > request
>>>> > for room: room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> >
>>>> > org.jitsi.jicofo.auth.AbstractAuthAuthority.
authenticateJidWithSession().487
>>>> > Authenticated jid:
>>>> >
>>>> > 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/
9f55e1b5-f309-40a0-bc51-8f26fd8761be
>>>> > with session:
>>>> > AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr,
>>>> >
>>>> > JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/
9f55e1b5-f309-40a0-bc51-8f26fd8761be,
>>>> > SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
>>>> > MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
>>>> > R=room8@conference.meet.winlux.fr]@829517297
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> >
>>>> > org.jitsi.jicofo.auth.AbstractAuthAuthority.
notifyUserAuthenticated().397
>>>> > Jid
>>>> >
>>>> > 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/
9f55e1b5-f309-40a0-bc51-8f26fd8761be
>>>> > authenticated as: b7051b9c-2535-4faf-8643-
f55c276e0cde@meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> > org.jitsi.jicofo.FocusManager.log() Created new focus for
>>>> > room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences
count:
>>>> > 2
>>>> > options:
>>>> > call_control: callcontrol.meet.winlux.fr
>>>> > channelLastN: -1
>>>> > enableLipSync: true
>>>> > openSctp: true
>>>> > disableRtx: false
>>>> > Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled in
>>>> > room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
>>>> > room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
>>>> > ChatRoomMemberPresenceChangeEvent[type=MemberJoined
>>>> > sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
>>>> > member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
>>>> > null]@1175229885]
>>>> > Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus role:
>>>> > OWNER
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
>>>> > room6@conference.meet.winlux.fr/focus joined.
>>>> > Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service
>>>> > discovered -
>>>> > using JVB
>>>> > Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
>>>> > ChatRoomMemberPresenceChangeEvent[type=MemberJoined
>>>> > sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
>>>> > member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
>>>> > null]@500755682]
>>>> > Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
>>>> > room6@conference.meet.winlux.fr/1acaef35 joined.
>>>> >
>>>> > jvb logs:
>>>> > JVB 2017-04-20 20:25:41.558 INFOS: [325918]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
>>>> > id=“V9l6s-3661”
>>>> > type=“result” to=“jitsi-videobridge.meet.winlux.fr
>>>> > from=“meet.winlux.fr”/>
>>>> > JVB 2017-04-20 20:25:43.394 INFOS: [325919]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
>>>> > to=“jitsi-videobridge.meet.winlux.fr
>>>> > from="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > id=“q886c-19940”><healthcheck
>>>> > xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
>>>> > JVB 2017-04-20 20:25:43.395 INFOS: [325919]
>>>> > org.jitsi.videobridge.Videobridge.log() CAT=stat
>>>> > create_conf,conf_id=7a92d43516b1ba4
>>>> > conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
>>>> > JVB 2017-04-20 20:25:43.398 INFOS: [325919]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
>>>> > JVB 2017-04-20 20:25:43.399 INFOS: [325919]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=
9223372036854775807
>>>> > JVB 2017-04-20 20:25:43.399 INFOS: [36]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=
9223372036854775807
>>>> > JVB 2017-04-20 20:25:43.403 INFOS: [325919]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
>>>> > JVB 2017-04-20 20:25:43.417 INFOS: [325919]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
>>>> > id=“q886c-19940”
>>>> > to="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>>>> >
>>>> > Log when I tried to connect without token (guest mode):
>>>> > Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it
sid
>>>> > ‘f40607cb-7566-4861-bbb8-aa53bc147345’
>>>> > Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
>>>> > Authenticated as
>>>> > 586f0adb-0f2c-4606-bd66-c27622103efd@guest.meet.winlux.fr
>>>> > Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
>>>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
>>>> > argument #1
>>>> > to ‘lower’ (string expected, got nil)
>>>> > stack traceback:
>>>> > [C]: in function ‘lower’
>>>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
>>>> > function
>>>> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>>>> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>>>> > (tail call): ?
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/core/stanza_router.lua:189: in function
>>>> > ‘core_post_stanza’
>>>> > /usr/lib/prosody/core/stanza_router.lua:137: in function
>>>> > ‘dispatch_stanza’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:322: in function ‘func’
>>>> > /usr/lib/prosody/util/async.lua:90: in function
>>>> > </usr/lib/prosody/util/async.lua:88>
>>>> > stack traceback:
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/async.lua:163: in function ‘run’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:457: in function
>>>> > ‘cb_handlestanza’
>>>> > /usr/lib/prosody/util/xmppstream.lua:184: in function
>>>> > </usr/lib/prosody/util/xmppstream.lua:164>
>>>> > [C]: in function ‘parse’
>>>> > /usr/lib/prosody/util/xmppstream.lua:271: in function ‘feed’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:150: in function ‘?’
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/net/http/server.lua:239: in function
>>>> > </usr/lib/prosody/net/http/server.lua:180>
>>>> > ...
>>>> > /usr/lib/prosody/net/http/server.lua:112: in function
>>>> > ‘process_next’
>>>> > /usr/lib/prosody/net/http/server.lua:128: in function
‘success_cb’
>>>> > /usr/lib/prosody/net/http/parser.lua:177: in function ‘feed’
>>>> > /usr/lib/prosody/net/http/server.lua:159: in function
>>>> > </usr/lib/prosody/net/http/server.lua:158>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/net/server_select.lua:920: in function
>>>> > </usr/lib/prosody/net/server_select.lua:895>
>>>> > [C]: in function ‘xpcall’
>>>> > /usr/bin/prosody:396: in function ‘loop’
>>>> > /usr/bin/prosody:427: in main chunk
>>>> > [C]: ?
>>>> >
>>>> > jicofo logs:
>>>> > Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
>>>> > participant: room7@conference.meet.winlux.fr/d7e6131e
>>>> > Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed participant:
>>>> > true,
>>>> > room7@conference.meet.winlux.fr/d7e6131e
>>>> > Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
>>>> > org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416 Focus
>>>> > request
>>>> > for room: room7@conference.meet.winlux.fr
>>>> >
>>>> > jvb logs:
>>>> > JVB 2017-04-20 20:27:21.560 INFOS: [326201]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
>>>> > id=“V9l6s-3671”
>>>> > type=“result” to=“jitsi-videobridge.meet.winlux.fr
>>>> > from=“meet.winlux.fr”/>
>>>> > JVB 2017-04-20 20:27:23.394 INFOS: [326108]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq type=“get”
>>>> > to=“jitsi-videobridge.meet.winlux.fr
>>>> > from="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > id=“q886c-19991”><healthcheck
>>>> > xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
>>>> > JVB 2017-04-20 20:27:23.394 INFOS: [326108]
>>>> > org.jitsi.videobridge.Videobridge.log() CAT=stat
>>>> > create_conf,conf_id=fad136c2ad8f27cf
>>>> > conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
>>>> > JVB 2017-04-20 20:27:23.398 INFOS: [326108]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
>>>> > JVB 2017-04-20 20:27:23.399 INFOS: [326108]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=1436393994
>>>> > target_bps=0,bwe_bps=9223372036854775807
>>>> > JVB 2017-04-20 20:27:23.399 INFOS: [36]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=1436393994
>>>> > target_bps=0,bwe_bps=9223372036854775807
>>>> > JVB 2017-04-20 20:27:23.402 INFOS: [326108]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
>>>> > JVB 2017-04-20 20:27:23.412 INFOS: [326108]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
>>>> > id=“q886c-19991”
>>>> > to="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>>>> >
>>>> >
>>>> > thanks for you help
>>>> >
>>>> > 2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>>> >>
>>>> >> Hi,
>>>> >>
>>>> >> Hum, it can be that the print there is causing troubles, did you
>>>> >> tried
>>>> >> without enabling debug? Or at least comment that debug print that
is
>>>> >> giving the error?
>>>> >>
>>>> >> Regards
>>>> >> damencho
>>>> >>
>>>> >>
>>>> >> On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert <mickael@winlux.fr > > > >>>> >> wrote:
>>>> >> > Hi all,
>>>> >> > I have an issue when I want access to my own jitsi instance with
>>>> >> > user
>>>> >> > anonymous (guest).
>>>> >> >
>>>> >> > I already activated auth tohen to principal domain, It works
>>>> >> > perfectly.
>>>> >> > I can access as moderator with this link:
>>>> >> > https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs....”
>>>> >> >
>>>> >> > But when I want to access as guest (with no token)
>>>> >> > https://meet.winlux.fr/room1
>>>> >> >
>>>> >> > I have an issue:
>>>> >> > Prosody MUC enter in auth process “mod_token_verification.lua”,
but
>>>> >> > I
>>>> >> > haven’t token (I’m guest).
>>>> >> >
>>>> >> > For me, virtualhost “guest” go to “conference” component (muc),
>>>> >> > and in
>>>> >> > this
>>>> >> > component there is modules_enabled = { “token_verification” }
>>>> >> >
>>>> >> > “”"
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > pre
>>>> >> > join: MUC room (room1@conference.meet.winlux.fr) <presence
>>>> >> > to=‘room1@conference.meet.winlux.fr/5934e5e9’
>>>> >> >
>>>> >> >
>>>> >> > from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.
winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
>>>> >> > xmlns=‘http://jabber.org/protocol/muc’/><user-agent
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11;
Linux
>>>> >> > x86_64)
>>>> >> > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
>>>> >> > Safari/537.36</user-agent><c hash=‘sha-1’
>>>> >> > ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
>>>> >> > node=‘http://jitsi.org/jitsimeet
>>>> >> >
>>>> >> >
>>>> >> > xmlns=‘http://jabber.org/protocol/caps’/><devices><
>true</audio><video>true</video></devices><email>mickael@winlux.fr
</email><nick
>>>> >> >
>>>> >> > xmlns=‘http://jabber.org/protocol/nick’>portablemika</
><audiomuted
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/audio’>false</
><videoType
>>>> >> >
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/video’>camera</
><videomuted
>>>> >> >
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/video’>false</
></presence>
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > Session token: nil, session room: nil
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > in
>>>> >> > admin with admin:
>>>> >> >
>>>> >> >
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.
winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > in
>>>> >> > admin with admin2:
>>>> >> >
>>>> >> >
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.
winlux.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > TEST MIKA :
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > allowEmptyToken: false, session.auth_token: nil
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > Will verify token for user:
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr, room:
>>>> >> > room1
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > token: nil , auth_room: nil
>>>> >> > Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
>>>> >> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
>>>> >> > argument
>>>> >> > #1
>>>> >> > to ‘lower’ (string expected, got nil)
>>>> >> > stack traceback:
>>>> >> > [C]: in function ‘lower’
>>>> >> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76:
in
>>>> >> > function
>>>> >> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/util/events.lua:78: in function
>>>> >> > </usr/lib/prosody/util/events.lua:74>
>>>> >> > (tail call): ?
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>>>> >> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>>>> >> > (tail call): ?
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/util/events.lua:78: in function
>>>> >> > </usr/lib/prosody/util/events.lua:74>
>>>> >> > “”"
>>>> >> >
>>>> >> > My prosody configuration:
>>>> >> >
>>>> >> > “”"
>>>> >> > -- Plugins path gets uncommented during jitsi-meet-tokens package
>>>> >> > install -
>>>> >> > that’s where token plugin is located
>>>> >> > plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
>>>> >> > --
>>>> >> > --HELP: https://github.com/jitsi/jicofo
>>>> >> > --https://bremensaki.com/2015/03/19/configuring-prosody/
>>>> >> >
>>>> >> > VirtualHost “meet.winlux.fr
>>>> >> > -- enabled = false -- Remove this line to enable this
host
>>>> >> > --authentication = “anonymous”
>>>> >> > --authentication = “internal_plain” -- NO LOGIN WITH DOT
>>>> >> > !!!
>>>> >> > mhubert
>>>> >> > => OK, m.hubert => NOK !!!!!!!!!!!!
>>>> >> > -- authentication = “internal_hash”
>>>> >> > -- Properties below are modified by jitsi-meet-tokens
>>>> >> > package
>>>> >> > config
>>>> >> > -- and authentication above is switched to “token”
>>>> >> > authentication = “token”;
>>>> >> > app_id="********"
>>>> >> > app_secret="******"
>>>> >> > allow_empty_token=false
>>>> >> > -- Assign this host a certificate for TLS, otherwise it
>>>> >> > would
>>>> >> > use
>>>> >> > the one
>>>> >> > -- set in the global section (if any).
>>>> >> > -- Note that old-style SSL on port 5223 only supports one
>>>> >> > certificate, and will always
>>>> >> > -- use the global one.
>>>> >> > ssl = {
>>>> >> > --key = “/etc/prosody/certs/meet.winlux.fr.key”;
>>>> >> > key = “/etc/prosody/certs/privkey.pem”;
>>>> >> > --certificate =
>>>> >> > “/etc/prosody/certs/meet.winlux.fr.crt”;
>>>> >> > certificate = “/etc/prosody/certs/fullchain.
pem”;
>>>> >> > }
>>>> >> > -- we need bosh
>>>> >> > modules_enabled = {
>>>> >> > “bosh”;
>>>> >> > “pubsub”;
>>>> >> > “ping”; -- Enable mod_ping
>>>> >> > “admin_telnet”;
>>>> >> > }
>>>> >> >
>>>> >> > --storage = “sql”
>>>> >> > --sql = { driver = “MySQL”, database = “jitsi”, username =
>>>> >> > “jitsi”,
>>>> >> > password = “********”, host = “localhost” }
>>>> >> >
>>>> >> > Component “conference.meet.winlux.fr” “muc”
>>>> >> > modules_enabled = { “token_verification” }
>>>> >> > admins = { "focus@auth.meet.winlux.fr" }
>>>> >> > -- restrict_room_creation = “local”
>>>> >> > -- restrict_room_creation = true
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/conference.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > Component “jitsi-videobridge.meet.winlux.fr
>>>> >> > component_secret = “******”
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.
key”;
>>>> >> > }
>>>> >> >
>>>> >> > VirtualHost “auth.meet.winlux.fr
>>>> >> > authentication = “internal_plain”
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/auth.meet.
winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > VirtualHost “guest.meet.winlux.fr
>>>> >> > authentication = “anonymous”
>>>> >> > allow_empty_token=true
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> > Component “focus.meet.winlux.fr
>>>> >> > component_secret = “*****”
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/focus.meet.
winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > Component “callcontrol.meet.winlux.fr
>>>> >> > component_secret = “******”
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/callcontrol.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> > “”"
>>>> >> >
>>>> >> > Deb packet installed:
>>>> >> > “”"
>>>> >> > drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
>>>> >> > drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
>>>> >> > -rw-r--r-- 1 root root 25M avril 14 18:26
>>>> >> > jicofo_1.0-346-1_amd64.deb
>>>> >> > -rw-r--r-- 1 root root 2,7K avril 19 00:26
>>>> >> > jitsi-meet_1.0.2013-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 5,5K avril 19 00:00
>>>> >> > jitsi-meet-prosody_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 9,0K avril 19 00:00
>>>> >> > jitsi-meet-tokens_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 5,4M avril 19 00:00
>>>> >> > jitsi-meet-web_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 9,2K avril 19 00:00
>>>> >> > jitsi-meet-web-config_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 30M avril 19 00:24
>>>> >> > jitsi-videobridge_934-1_amd64.deb
>>>> >> >
>>>> >> > “”"
>>>> >> >
>>>> >> > Do you have an idea ? is it possible to have token and guest in
the
>>>> >> > same
>>>> >> > room ?
>>>> >> >
>>>> >> > big thanks in advance :wink:
>>>> >> >
>>>> >> >
>>>> >> > _______________________________________________
>>>> >> > users mailing list
>>>> >> > users@jitsi.org
>>>> >> > Unsubscribe instructions and other list options:
>>>> >> > http://lists.jitsi.org/mailman/listinfo/users
>>>> >>
>>>> >> _______________________________________________
>>>> >> users mailing list
>>>> >> users@jitsi.org
>>>> >> Unsubscribe instructions and other list options:
>>>> >> http://lists.jitsi.org/mailman/listinfo/users
>>>> >
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > users mailing list
>>>> > users@jitsi.org
>>>> > Unsubscribe instructions and other list options:
>>>> > http://lists.jitsi.org/mailman/listinfo/users
>>>>
>>>> _______________________________________________
>>>> users mailing list
>>>> users@jitsi.org
>>>> Unsubscribe instructions and other list options:
>>>> http://lists.jitsi.org/mailman/listinfo/users
>>>
>>>
>>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#11

Hi,

This is not a problem, this dialog is shown when a guest tries to enter a
room which is not created. If authenticated user enters in the room and
tries to enter like guest it should work.

Regards
damencho

···

On Fri, Apr 21, 2017 at 5:06 AM, Mickael Hubert <mickael@winlux.fr> wrote:

Bravo !
it works !!!

thank you very much !

next issue now :wink:

screenshot below :

2017-04-20 22:03 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

So to make it work you need few more option.
Under your main virtual host where you configure the token you need to
add disable_room_name_constraints = true, like:
VirtualHost "meet.winlux.fr"
    authentication = "token";
        app_id="********"
        app_secret="******"
        disable_room_name_constraints = true

The muc config should be:
Component "conference.meet.winlux.fr" "muc"
    modules_enabled = { "token_verification" }
    restrict_room_creation = true
    .....
So only admins should be able to create the room, but in order to
achieve that you need and a setting in Jicofo, in
/etc/jitsi/jicofo/sip-communicator.properties:
org.jitsi.jicofo.auth.URL=XMPP:meet.winlux.fr

This is working on my side. So the case is that room name verification
(verifying the room name coming from the token with the room name that
is about to be created) is not working with this scheme.

Regards
damencho

On Thu, Apr 20, 2017 at 2:39 PM, Mickael Hubert <mickael@winlux.fr> >> wrote:
> maybe this could help you:
>
> Part of prosody log with token:
> Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
> Received[c2s]: <iq id=‘7ff5efae-9541-416c-9ebd-397bf2d61aee:sendIQ’
> type=‘get’ to=‘guest.meet.winlux.fr
> from=‘62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux
.fr/28549acf-68f6-4db8-a3cc-3aa231c15389’>
> Apr 20 21:26:31 mod_bosh debug BOSH stanza received: <iq
> id=‘d9a096fe-66b3-4798-a251-cfa37cb11b36:sendIQ’ type=‘set’
> to=‘focus.meet.winlux.fr’>
>
> Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
> Received[c2s]: <presence to=‘room8@conference.meet.winlux.fr/b2871938’>
> Apr 20 21:25:03 conference.meet.winlux.fr:muc debug no occupant
found
> for room8@conference.meet.winlux.fr/b2871938; creating new occupant
object
> for
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804
-9ff3-4a19-9413-bb570c29402f
>
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> Session token: ******************, session room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804
-9ff3-4a19-9413-bb570c29402f
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin2:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804
-9ff3-4a19-9413-bb570c29402f
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: ***************
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> auth_room: room8, room: room8@conference.meet.winlux.fr/b2871938
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr, room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> token: ***************** , auth_room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> allowed: b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr to
enter/create
> room: room8
>
> Part of prosody log with guest:
> Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
> Received[c2s]: <iq id=‘930cfc4c-cdcc-4abc-8495-e2260f3fc509:sendIQ’
> type=‘get’ to=‘meet.winlux.fr
> from=‘b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/69
32d804-9ff3-4a19-9413-bb570c29402f’>
> Apr 20 21:25:03 mod_bosh debug BOSH stanza received: <iq
> id=‘abd6301f-8219-4921-9948-96a15ea9597c:sendIQ’ type=‘set’
> to=‘focus.meet.winlux.fr’>
>
> Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
> Received[c2s]: <presence to=‘room8@conference.meet.winlux.fr/62f12864’>
> Apr 20 21:26:31 conference.meet.winlux.fr:muc debug no occupant
found
> for room8@conference.meet.winlux.fr/62f12864; creating new occupant
object
> for
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/
28549acf-68f6-4db8-a3cc-3aa231c15389
>
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> Session token: nil, session room: nil
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/
28549acf-68f6-4db8-a3cc-3aa231c15389
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
  in
> admin with admin2:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/
28549acf-68f6-4db8-a3cc-3aa231c15389
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: nil
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> auth_room: nil, room: room8@conference.meet.winlux.fr/62f12864
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr, room: room8
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> token: nil , auth_room: nil
> Apr 20 21:26:31 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
>
> in France it’s 9PM and I will shutdown my computer soon :wink:
>
> thanks for your help !
>
> 2017-04-20 21:22 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:
>>
>> yes ! very good news !
>> let me know if you want other things
>>
>>
>> 2017-04-20 21:19 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:
>>>
>>> I’m sorry,
>>> I add some logs in mod_token_verification.lua.
>>> the line 76 for me it’s:
>>> if disableRoomNameConstraints ~= true and room ~=
string.lower(auth_room)
>>> then
>>> line 63 for the original:
>>> https://github.com/jitsi/jitsi-meet/blob/master/resources/
prosody-plugins/mod_token_verification.lua
>>>
>>> and auth_room doesn’t exist, because I want access to the room without
>>> token (I want be a guest). Access with token works fine, no problem
with
>>> this method.
>>>
>>> for me, I can see in the log (first email)
>>> 1) I connect with token --> OK (I’m the moderator)
>>> 2) When I connect without token, I go to the virtualHost
>>> “guest.meet.winlux.fr” --> OK
>>> 3) after, guest.meet.winlux.fr goes to component
>>> conference.meet.winlux.fr -->OK
>>> but this component uses token_verification module (normal with token
>>> method, but not working with guest method).
>>>
>>> I don’t know if my prosody conf is good or not. Or I don’t know the
way
>>> to not “route” guest access to the token module.
>>>
>>>
>>>
>>> 2017-04-20 20:46 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>>>
>>>> Hi,
>>>>
>>>> can you try changing that problem line, mod_token_verification.lua:76
>>>>
>>>> It is now: log(“debug”, “pre create: %s %s”, tostring(origin),
>>>> tostring(stanza));
>>>> Can you change it to: log(“debug”, “pre create: %s”,
tostring(stanza));
>>>> And enable debugging and test again.
>>>>
>>>> I think it is something about how you setup the domains, cause I was
>>>> testing that part yesterday, cause I’m currently working on the jwt
>>>> stuff and this was working fine.
>>>>
>>>> Regards
>>>> damencho
>>>>
>>>>
>>>> On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr> >> >>>> wrote:
>>>> > Hi,
>>>> > without debug, it’s the same issue.
>>>> >
>>>> > prosody logs with I’m connected in admin (token):
>>>> > Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it
sid
>>>> > ‘d16966f1-3207-4fc6-ba7b-9aeb20a65c26’
>>>> > Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
>>>> > Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046a
c8d255@meet.winlux.fr
>>>> >
>>>> > jicofo logs:
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> > org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416
Focus
>>>> > request
>>>> > for room: room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> >
>>>> > org.jitsi.jicofo.auth.AbstractAuthAuthority.authenticateJidW
ithSession().487
>>>> > Authenticated jid:
>>>> >
>>>> > 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
>>>> > with session:
>>>> > AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.winlux.fr
,
>>>> >
>>>> > JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55
e1b5-f309-40a0-bc51-8f26fd8761be,
>>>> > SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
>>>> > MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
>>>> > R=room8@conference.meet.winlux.fr]@829517297
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> >
>>>> > org.jitsi.jicofo.auth.AbstractAuthAuthority.notifyUserAuthen
ticated().397
>>>> > Jid
>>>> >
>>>> > 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
>>>> > authenticated as: b7051b9c-2535-4faf-8643-f55c27
6e0cde@meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> > org.jitsi.jicofo.FocusManager.log() Created new focus for
>>>> > room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences
count:
>>>> > 2
>>>> > options:
>>>> > call_control: callcontrol.meet.winlux.fr
>>>> > channelLastN: -1
>>>> > enableLipSync: true
>>>> > openSctp: true
>>>> > disableRtx: false
>>>> > Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled in
>>>> > room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
>>>> > room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
>>>> > ChatRoomMemberPresenceChangeEvent[type=MemberJoined
>>>> > sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
>>>> > member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
>>>> > null]@1175229885]
>>>> > Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus
role:
>>>> > OWNER
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
>>>> > room6@conference.meet.winlux.fr/focus joined.
>>>> > Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service
>>>> > discovered -
>>>> > using JVB
>>>> > Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
>>>> > ChatRoomMemberPresenceChangeEvent[type=MemberJoined
>>>> > sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
>>>> > member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
>>>> > null]@500755682]
>>>> > Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
>>>> > room6@conference.meet.winlux.fr/1acaef35 joined.
>>>> >
>>>> > jvb logs:
>>>> > JVB 2017-04-20 20:25:41.558 INFOS: [325918]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
>>>> > id=“V9l6s-3661”
>>>> > type=“result” to=“jitsi-videobridge.meet.winlux.fr
>>>> > from=“meet.winlux.fr”/>
>>>> > JVB 2017-04-20 20:25:43.394 INFOS: [325919]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
type=“get”
>>>> > to=“jitsi-videobridge.meet.winlux.fr
>>>> > from="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > id=“q886c-19940”><healthcheck
>>>> > xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
>>>> > JVB 2017-04-20 20:25:43.395 INFOS: [325919]
>>>> > org.jitsi.videobridge.Videobridge.log() CAT=stat
>>>> > create_conf,conf_id=7a92d43516b1ba4
>>>> > conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
>>>> > JVB 2017-04-20 20:25:43.398 INFOS: [325919]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
>>>> > JVB 2017-04-20 20:25:43.399 INFOS: [325919]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=922337203
6854775807
>>>> > JVB 2017-04-20 20:25:43.399 INFOS: [36]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=922337203
6854775807
>>>> > JVB 2017-04-20 20:25:43.403 INFOS: [325919]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
>>>> > JVB 2017-04-20 20:25:43.417 INFOS: [325919]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
>>>> > id=“q886c-19940”
>>>> > to="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>>>> >
>>>> > Log when I tried to connect without token (guest mode):
>>>> > Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it
sid
>>>> > ‘f40607cb-7566-4861-bbb8-aa53bc147345’
>>>> > Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
>>>> > Authenticated as
>>>> > 586f0adb-0f2c-4606-bd66-c27622103efd@guest.meet.winlux.fr
>>>> > Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
>>>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
>>>> > argument #1
>>>> > to ‘lower’ (string expected, got nil)
>>>> > stack traceback:
>>>> > [C]: in function ‘lower’
>>>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: in
>>>> > function
>>>> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>>>> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>>>> > (tail call): ?
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/core/stanza_router.lua:189: in function
>>>> > ‘core_post_stanza’
>>>> > /usr/lib/prosody/core/stanza_router.lua:137: in function
>>>> > ‘dispatch_stanza’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:322: in function ‘func’
>>>> > /usr/lib/prosody/util/async.lua:90: in function
>>>> > </usr/lib/prosody/util/async.lua:88>
>>>> > stack traceback:
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/async.lua:163: in function ‘run’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:457: in function
>>>> > ‘cb_handlestanza’
>>>> > /usr/lib/prosody/util/xmppstream.lua:184: in function
>>>> > </usr/lib/prosody/util/xmppstream.lua:164>
>>>> > [C]: in function ‘parse’
>>>> > /usr/lib/prosody/util/xmppstream.lua:271: in function ‘feed’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:150: in function ‘?’
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/net/http/server.lua:239: in function
>>>> > </usr/lib/prosody/net/http/server.lua:180>
>>>> > ...
>>>> > /usr/lib/prosody/net/http/server.lua:112: in function
>>>> > ‘process_next’
>>>> > /usr/lib/prosody/net/http/server.lua:128: in function
‘success_cb’
>>>> > /usr/lib/prosody/net/http/parser.lua:177: in function ‘feed’
>>>> > /usr/lib/prosody/net/http/server.lua:159: in function
>>>> > </usr/lib/prosody/net/http/server.lua:158>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/net/server_select.lua:920: in function
>>>> > </usr/lib/prosody/net/server_select.lua:895>
>>>> > [C]: in function ‘xpcall’
>>>> > /usr/bin/prosody:396: in function ‘loop’
>>>> > /usr/bin/prosody:427: in main chunk
>>>> > [C]: ?
>>>> >
>>>> > jicofo logs:
>>>> > Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
>>>> > participant: room7@conference.meet.winlux.fr/d7e6131e
>>>> > Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed
participant:
>>>> > true,
>>>> > room7@conference.meet.winlux.fr/d7e6131e
>>>> > Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
>>>> > org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416
Focus
>>>> > request
>>>> > for room: room7@conference.meet.winlux.fr
>>>> >
>>>> > jvb logs:
>>>> > JVB 2017-04-20 20:27:21.560 INFOS: [326201]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
>>>> > id=“V9l6s-3671”
>>>> > type=“result” to=“jitsi-videobridge.meet.winlux.fr
>>>> > from=“meet.winlux.fr”/>
>>>> > JVB 2017-04-20 20:27:23.394 INFOS: [326108]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
type=“get”
>>>> > to=“jitsi-videobridge.meet.winlux.fr
>>>> > from="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > id=“q886c-19991”><healthcheck
>>>> > xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
>>>> > JVB 2017-04-20 20:27:23.394 INFOS: [326108]
>>>> > org.jitsi.videobridge.Videobridge.log() CAT=stat
>>>> > create_conf,conf_id=fad136c2ad8f27cf
>>>> > conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
>>>> > JVB 2017-04-20 20:27:23.398 INFOS: [326108]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
>>>> > JVB 2017-04-20 20:27:23.399 INFOS: [326108]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=1436393994
>>>> > target_bps=0,bwe_bps=9223372036854775807
>>>> > JVB 2017-04-20 20:27:23.399 INFOS: [36]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=1436393994
>>>> > target_bps=0,bwe_bps=9223372036854775807
>>>> > JVB 2017-04-20 20:27:23.402 INFOS: [326108]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
>>>> > JVB 2017-04-20 20:27:23.412 INFOS: [326108]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
>>>> > id=“q886c-19991”
>>>> > to="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>>>> >
>>>> >
>>>> > thanks for you help
>>>> >
>>>> > 2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>>> >>
>>>> >> Hi,
>>>> >>
>>>> >> Hum, it can be that the print there is causing troubles, did you
>>>> >> tried
>>>> >> without enabling debug? Or at least comment that debug print that
is
>>>> >> giving the error?
>>>> >>
>>>> >> Regards
>>>> >> damencho
>>>> >>
>>>> >>
>>>> >> On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert < >> mickael@winlux.fr> >> >>>> >> wrote:
>>>> >> > Hi all,
>>>> >> > I have an issue when I want access to my own jitsi instance with
>>>> >> > user
>>>> >> > anonymous (guest).
>>>> >> >
>>>> >> > I already activated auth tohen to principal domain, It works
>>>> >> > perfectly.
>>>> >> > I can access as moderator with this link:
>>>> >> > https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs.
...”
>>>> >> >
>>>> >> > But when I want to access as guest (with no token)
>>>> >> > https://meet.winlux.fr/room1
>>>> >> >
>>>> >> > I have an issue:
>>>> >> > Prosody MUC enter in auth process “mod_token_verification.lua”,
but
>>>> >> > I
>>>> >> > haven’t token (I’m guest).
>>>> >> >
>>>> >> > For me, virtualhost “guest” go to “conference” component (muc),
>>>> >> > and in
>>>> >> > this
>>>> >> > component there is modules_enabled = { “token_verification” }
>>>> >> >
>>>> >> > “”"
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > pre
>>>> >> > join: MUC room (room1@conference.meet.winlux.fr) <presence
>>>> >> > to=‘room1@conference.meet.winlux.fr/5934e5e9’
>>>> >> >
>>>> >> >
>>>> >> > from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux
.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
>>>> >> > xmlns=‘http://jabber.org/protocol/muc’/><user-agent
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11;
Linux
>>>> >> > x86_64)
>>>> >> > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
>>>> >> > Safari/537.36</user-agent><c hash=‘sha-1’
>>>> >> > ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
>>>> >> > node=‘http://jitsi.org/jitsimeet
>>>> >> >
>>>> >> >
>>>> >> > xmlns=‘http://jabber.org/protocol/caps’/><devices><audio>
true</audio><video>true</video></devices><email>mickael@winlux.fr
</email><nick
>>>> >> >
>>>> >> > xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><
audiomuted
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><
videoType
>>>> >> >
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><
videomuted
>>>> >> >
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></
>
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > Session token: nil, session room: nil
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > in
>>>> >> > admin with admin:
>>>> >> >
>>>> >> >
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/
906b41ed-4532-4c00-9cb0-e14aa9d38566
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > in
>>>> >> > admin with admin2:
>>>> >> >
>>>> >> >
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/
906b41ed-4532-4c00-9cb0-e14aa9d38566
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > TEST MIKA :
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > allowEmptyToken: false, session.auth_token: nil
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > Will verify token for user:
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr,
room:
>>>> >> > room1
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > token: nil , auth_room: nil
>>>> >> > Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
>>>> >> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
>>>> >> > argument
>>>> >> > #1
>>>> >> > to ‘lower’ (string expected, got nil)
>>>> >> > stack traceback:
>>>> >> > [C]: in function ‘lower’
>>>> >> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76:
in
>>>> >> > function
>>>> >> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/util/events.lua:78: in function
>>>> >> > </usr/lib/prosody/util/events.lua:74>
>>>> >> > (tail call): ?
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>>>> >> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>>>> >> > (tail call): ?
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/util/events.lua:78: in function
>>>> >> > </usr/lib/prosody/util/events.lua:74>
>>>> >> > “”"
>>>> >> >
>>>> >> > My prosody configuration:
>>>> >> >
>>>> >> > “”"
>>>> >> > -- Plugins path gets uncommented during jitsi-meet-tokens
package
>>>> >> > install -
>>>> >> > that’s where token plugin is located
>>>> >> > plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
>>>> >> > --
>>>> >> > --HELP: https://github.com/jitsi/jicofo
>>>> >> > --https://bremensaki.com/2015/03/19/configuring-prosody/
>>>> >> >
>>>> >> > VirtualHost “meet.winlux.fr
>>>> >> > -- enabled = false -- Remove this line to enable this
host
>>>> >> > --authentication = “anonymous”
>>>> >> > --authentication = “internal_plain” -- NO LOGIN WITH DOT
>>>> >> > !!!
>>>> >> > mhubert
>>>> >> > => OK, m.hubert => NOK !!!!!!!!!!!!
>>>> >> > -- authentication = “internal_hash”
>>>> >> > -- Properties below are modified by jitsi-meet-tokens
>>>> >> > package
>>>> >> > config
>>>> >> > -- and authentication above is switched to “token”
>>>> >> > authentication = “token”;
>>>> >> > app_id="********"
>>>> >> > app_secret="******"
>>>> >> > allow_empty_token=false
>>>> >> > -- Assign this host a certificate for TLS, otherwise it
>>>> >> > would
>>>> >> > use
>>>> >> > the one
>>>> >> > -- set in the global section (if any).
>>>> >> > -- Note that old-style SSL on port 5223 only supports
one
>>>> >> > certificate, and will always
>>>> >> > -- use the global one.
>>>> >> > ssl = {
>>>> >> > --key = “/etc/prosody/certs/meet.winlu
x.fr.key”;
>>>> >> > key = “/etc/prosody/certs/privkey.pem”;
>>>> >> > --certificate =
>>>> >> > “/etc/prosody/certs/meet.winlux.fr.crt”;
>>>> >> > certificate = “/etc/prosody/certs/fullchain.
pem”;
>>>> >> > }
>>>> >> > -- we need bosh
>>>> >> > modules_enabled = {
>>>> >> > “bosh”;
>>>> >> > “pubsub”;
>>>> >> > “ping”; -- Enable mod_ping
>>>> >> > “admin_telnet”;
>>>> >> > }
>>>> >> >
>>>> >> > --storage = “sql”
>>>> >> > --sql = { driver = “MySQL”, database = “jitsi”, username =
>>>> >> > “jitsi”,
>>>> >> > password = “********”, host = “localhost” }
>>>> >> >
>>>> >> > Component “conference.meet.winlux.fr” “muc”
>>>> >> > modules_enabled = { “token_verification” }
>>>> >> > admins = { "focus@auth.meet.winlux.fr" }
>>>> >> > -- restrict_room_creation = “local”
>>>> >> > -- restrict_room_creation = true
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/conference.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > Component “jitsi-videobridge.meet.winlux.fr
>>>> >> > component_secret = “******”
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr
.key”;
>>>> >> > }
>>>> >> >
>>>> >> > VirtualHost “auth.meet.winlux.fr
>>>> >> > authentication = “internal_plain”
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/auth.meet.wi
nlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > VirtualHost “guest.meet.winlux.fr
>>>> >> > authentication = “anonymous”
>>>> >> > allow_empty_token=true
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> > Component “focus.meet.winlux.fr
>>>> >> > component_secret = “*****”
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/focus.meet.w
inlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > Component “callcontrol.meet.winlux.fr
>>>> >> > component_secret = “******”
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/callcontrol.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> > “”"
>>>> >> >
>>>> >> > Deb packet installed:
>>>> >> > “”"
>>>> >> > drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
>>>> >> > drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
>>>> >> > -rw-r--r-- 1 root root 25M avril 14 18:26
>>>> >> > jicofo_1.0-346-1_amd64.deb
>>>> >> > -rw-r--r-- 1 root root 2,7K avril 19 00:26
>>>> >> > jitsi-meet_1.0.2013-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 5,5K avril 19 00:00
>>>> >> > jitsi-meet-prosody_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 9,0K avril 19 00:00
>>>> >> > jitsi-meet-tokens_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 5,4M avril 19 00:00
>>>> >> > jitsi-meet-web_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 9,2K avril 19 00:00
>>>> >> > jitsi-meet-web-config_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 30M avril 19 00:24
>>>> >> > jitsi-videobridge_934-1_amd64.deb
>>>> >> >
>>>> >> > “”"
>>>> >> >
>>>> >> > Do you have an idea ? is it possible to have token and guest in
the
>>>> >> > same
>>>> >> > room ?
>>>> >> >
>>>> >> > big thanks in advance :wink:
>>>> >> >
>>>> >> >
>>>> >> > _______________________________________________
>>>> >> > users mailing list
>>>> >> > users@jitsi.org
>>>> >> > Unsubscribe instructions and other list options:
>>>> >> > http://lists.jitsi.org/mailman/listinfo/users
>>>> >>
>>>> >> _______________________________________________
>>>> >> users mailing list
>>>> >> users@jitsi.org
>>>> >> Unsubscribe instructions and other list options:
>>>> >> http://lists.jitsi.org/mailman/listinfo/users
>>>> >
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > users mailing list
>>>> > users@jitsi.org
>>>> > Unsubscribe instructions and other list options:
>>>> > http://lists.jitsi.org/mailman/listinfo/users
>>>>
>>>> _______________________________________________
>>>> users mailing list
>>>> users@jitsi.org
>>>> Unsubscribe instructions and other list options:
>>>> http://lists.jitsi.org/mailman/listinfo/users
>>>
>>>
>>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#12

Hi Damien, I'm sorry it's a mistake.
Next issue is the one way audio with jigasi (other tiket already sent) :wink:
Not the screenshot.
I take it to show you it works :wink: and say thank you

···

2017-04-21 17:06 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

This is not a problem, this dialog is shown when a guest tries to enter a
room which is not created. If authenticated user enters in the room and
tries to enter like guest it should work.

Regards
damencho

On Fri, Apr 21, 2017 at 5:06 AM, Mickael Hubert <mickael@winlux.fr> wrote:

Bravo !
it works !!!

thank you very much !

next issue now :wink:

screenshot below :

2017-04-20 22:03 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

So to make it work you need few more option.
Under your main virtual host where you configure the token you need to
add disable_room_name_constraints = true, like:
VirtualHost "meet.winlux.fr"
    authentication = "token";
        app_id="********"
        app_secret="******"
        disable_room_name_constraints = true

The muc config should be:
Component "conference.meet.winlux.fr" "muc"
    modules_enabled = { "token_verification" }
    restrict_room_creation = true
    .....
So only admins should be able to create the room, but in order to
achieve that you need and a setting in Jicofo, in
/etc/jitsi/jicofo/sip-communicator.properties:
org.jitsi.jicofo.auth.URL=XMPP:meet.winlux.fr

This is working on my side. So the case is that room name verification
(verifying the room name coming from the token with the room name that
is about to be created) is not working with this scheme.

Regards
damencho

On Thu, Apr 20, 2017 at 2:39 PM, Mickael Hubert <mickael@winlux.fr> >>> wrote:
> maybe this could help you:
>
> Part of prosody log with token:
> Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
> Received[c2s]: <iq id=‘7ff5efae-9541-416c-9ebd-397bf2d61aee:sendIQ’
> type=‘get’ to=‘guest.meet.winlux.fr
> from=‘62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux
.fr/28549acf-68f6-4db8-a3cc-3aa231c15389’>
> Apr 20 21:26:31 mod_bosh debug BOSH stanza received: <iq
> id=‘d9a096fe-66b3-4798-a251-cfa37cb11b36:sendIQ’ type=‘set’
> to=‘focus.meet.winlux.fr’>
>
> Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
> Received[c2s]: <presence to='room8@conference.meet.winlux.fr/b2871938
'>
> Apr 20 21:25:03 conference.meet.winlux.fr:muc debug no occupant
found
> for room8@conference.meet.winlux.fr/b2871938; creating new occupant
object
> for
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804
-9ff3-4a19-9413-bb570c29402f
>
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> Session token: ******************, session room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification
debug in
> admin with admin:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804
-9ff3-4a19-9413-bb570c29402f
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification
debug in
> admin with admin2:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804
-9ff3-4a19-9413-bb570c29402f
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: ***************
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> auth_room: room8, room: room8@conference.meet.winlux.fr/b2871938
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr, room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> token: ***************** , auth_room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> allowed: b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr to
enter/create
> room: room8
>
> Part of prosody log with guest:
> Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
> Received[c2s]: <iq id=‘930cfc4c-cdcc-4abc-8495-e2260f3fc509:sendIQ’
> type=‘get’ to=‘meet.winlux.fr
> from=‘b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/69
32d804-9ff3-4a19-9413-bb570c29402f’>
> Apr 20 21:25:03 mod_bosh debug BOSH stanza received: <iq
> id=‘abd6301f-8219-4921-9948-96a15ea9597c:sendIQ’ type=‘set’
> to=‘focus.meet.winlux.fr’>
>
> Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
> Received[c2s]: <presence to='room8@conference.meet.winlux.fr/62f12864
'>
> Apr 20 21:26:31 conference.meet.winlux.fr:muc debug no occupant
found
> for room8@conference.meet.winlux.fr/62f12864; creating new occupant
object
> for
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28
549acf-68f6-4db8-a3cc-3aa231c15389
>
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> Session token: nil, session room: nil
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification
debug in
> admin with admin:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28
549acf-68f6-4db8-a3cc-3aa231c15389
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification
debug in
> admin with admin2:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28
549acf-68f6-4db8-a3cc-3aa231c15389
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: nil
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> auth_room: nil, room: room8@conference.meet.winlux.fr/62f12864
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr, room: room8
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> token: nil , auth_room: nil
> Apr 20 21:26:31 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
>
> in France it’s 9PM and I will shutdown my computer soon :wink:
>
> thanks for your help !
>
> 2017-04-20 21:22 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:
>>
>> yes ! very good news !
>> let me know if you want other things
>>
>>
>> 2017-04-20 21:19 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:
>>>
>>> I’m sorry,
>>> I add some logs in mod_token_verification.lua.
>>> the line 76 for me it’s:
>>> if disableRoomNameConstraints ~= true and room ~=
string.lower(auth_room)
>>> then
>>> line 63 for the original:
>>> https://github.com/jitsi/jitsi-meet/blob/master/resources/pr
osody-plugins/mod_token_verification.lua
>>>
>>> and auth_room doesn’t exist, because I want access to the room
without
>>> token (I want be a guest). Access with token works fine, no problem
with
>>> this method.
>>>
>>> for me, I can see in the log (first email)
>>> 1) I connect with token --> OK (I’m the moderator)
>>> 2) When I connect without token, I go to the virtualHost
>>> “guest.meet.winlux.fr” --> OK
>>> 3) after, guest.meet.winlux.fr goes to component
>>> conference.meet.winlux.fr -->OK
>>> but this component uses token_verification module (normal with token
>>> method, but not working with guest method).
>>>
>>> I don’t know if my prosody conf is good or not. Or I don’t know the
way
>>> to not “route” guest access to the token module.
>>>
>>>
>>>
>>> 2017-04-20 20:46 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>>>
>>>> Hi,
>>>>
>>>> can you try changing that problem line,
mod_token_verification.lua:76
>>>>
>>>> It is now: log(“debug”, “pre create: %s %s”, tostring(origin),
>>>> tostring(stanza));
>>>> Can you change it to: log(“debug”, “pre create: %s”,
tostring(stanza));
>>>> And enable debugging and test again.
>>>>
>>>> I think it is something about how you setup the domains, cause I was
>>>> testing that part yesterday, cause I’m currently working on the jwt
>>>> stuff and this was working fine.
>>>>
>>>> Regards
>>>> damencho
>>>>
>>>>
>>>> On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr> >>> >>>> wrote:
>>>> > Hi,
>>>> > without debug, it’s the same issue.
>>>> >
>>>> > prosody logs with I’m connected in admin (token):
>>>> > Apr 20 20:11:03 mod_bosh info New BOSH session, assigned it
sid
>>>> > ‘d16966f1-3207-4fc6-ba7b-9aeb20a65c26’
>>>> > Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
>>>> > Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046a
c8d255@meet.winlux.fr
>>>> >
>>>> > jicofo logs:
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> > org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416
Focus
>>>> > request
>>>> > for room: room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> >
>>>> > org.jitsi.jicofo.auth.AbstractAuthAuthority.authenticateJidW
ithSession().487
>>>> > Authenticated jid:
>>>> >
>>>> > 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
>>>> > with session:
>>>> > AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.win
lux.fr,
>>>> >
>>>> > JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55
e1b5-f309-40a0-bc51-8f26fd8761be,
>>>> > SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
>>>> > MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
>>>> > R=room8@conference.meet.winlux.fr]@829517297
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> >
>>>> > org.jitsi.jicofo.auth.AbstractAuthAuthority.notifyUserAuthen
ticated().397
>>>> > Jid
>>>> >
>>>> > 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
>>>> > authenticated as: b7051b9c-2535-4faf-8643-f55c27
6e0cde@meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> > org.jitsi.jicofo.FocusManager.log() Created new focus for
>>>> > room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences
count:
>>>> > 2
>>>> > options:
>>>> > call_control: callcontrol.meet.winlux.fr
>>>> > channelLastN: -1
>>>> > enableLipSync: true
>>>> > openSctp: true
>>>> > disableRtx: false
>>>> > Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled
in
>>>> > room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
>>>> > room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
>>>> > ChatRoomMemberPresenceChangeEvent[type=MemberJoined
>>>> > sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
>>>> > member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
>>>> > null]@1175229885]
>>>> > Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role unknown
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus
role:
>>>> > OWNER
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
>>>> > room6@conference.meet.winlux.fr/focus joined.
>>>> > Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service
>>>> > discovered -
>>>> > using JVB
>>>> > Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
>>>> > ChatRoomMemberPresenceChangeEvent[type=MemberJoined
>>>> > sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
>>>> > member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
>>>> > null]@500755682]
>>>> > Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
>>>> > room6@conference.meet.winlux.fr/1acaef35 joined.
>>>> >
>>>> > jvb logs:
>>>> > JVB 2017-04-20 20:25:41.558 INFOS: [325918]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
>>>> > id=“V9l6s-3661”
>>>> > type=“result” to=“jitsi-videobridge.meet.winlux.fr
>>>> > from=“meet.winlux.fr”/>
>>>> > JVB 2017-04-20 20:25:43.394 INFOS: [325919]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
type=“get”
>>>> > to=“jitsi-videobridge.meet.winlux.fr
>>>> > from="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > id=“q886c-19940”><healthcheck
>>>> > xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
>>>> > JVB 2017-04-20 20:25:43.395 INFOS: [325919]
>>>> > org.jitsi.videobridge.Videobridge.log() CAT=stat
>>>> > create_conf,conf_id=7a92d43516b1ba4
>>>> > conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
>>>> > JVB 2017-04-20 20:25:43.398 INFOS: [325919]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
>>>> > JVB 2017-04-20 20:25:43.399 INFOS: [325919]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=922337203
6854775807
>>>> > JVB 2017-04-20 20:25:43.399 INFOS: [36]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=922337203
6854775807
>>>> > JVB 2017-04-20 20:25:43.403 INFOS: [325919]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
>>>> > JVB 2017-04-20 20:25:43.417 INFOS: [325919]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
>>>> > id=“q886c-19940”
>>>> > to="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>>>> >
>>>> > Log when I tried to connect without token (guest mode):
>>>> > Apr 20 20:17:57 mod_bosh info New BOSH session, assigned it
sid
>>>> > ‘f40607cb-7566-4861-bbb8-aa53bc147345’
>>>> > Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
>>>> > Authenticated as
>>>> > 586f0adb-0f2c-4606-bd66-c27622103efd@guest.meet.winlux.fr
>>>> > Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
>>>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
>>>> > argument #1
>>>> > to ‘lower’ (string expected, got nil)
>>>> > stack traceback:
>>>> > [C]: in function ‘lower’
>>>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76:
in
>>>> > function
>>>> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>>>> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>>>> > (tail call): ?
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/core/stanza_router.lua:189: in function
>>>> > ‘core_post_stanza’
>>>> > /usr/lib/prosody/core/stanza_router.lua:137: in function
>>>> > ‘dispatch_stanza’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:322: in function ‘func’
>>>> > /usr/lib/prosody/util/async.lua:90: in function
>>>> > </usr/lib/prosody/util/async.lua:88>
>>>> > stack traceback:
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/async.lua:163: in function ‘run’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:457: in function
>>>> > ‘cb_handlestanza’
>>>> > /usr/lib/prosody/util/xmppstream.lua:184: in function
>>>> > </usr/lib/prosody/util/xmppstream.lua:164>
>>>> > [C]: in function ‘parse’
>>>> > /usr/lib/prosody/util/xmppstream.lua:271: in function ‘feed’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:150: in function ‘?’
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/net/http/server.lua:239: in function
>>>> > </usr/lib/prosody/net/http/server.lua:180>
>>>> > ...
>>>> > /usr/lib/prosody/net/http/server.lua:112: in function
>>>> > ‘process_next’
>>>> > /usr/lib/prosody/net/http/server.lua:128: in function
‘success_cb’
>>>> > /usr/lib/prosody/net/http/parser.lua:177: in function ‘feed’
>>>> > /usr/lib/prosody/net/http/server.lua:159: in function
>>>> > </usr/lib/prosody/net/http/server.lua:158>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/net/server_select.lua:920: in function
>>>> > </usr/lib/prosody/net/server_select.lua:895>
>>>> > [C]: in function ‘xpcall’
>>>> > /usr/bin/prosody:396: in function ‘loop’
>>>> > /usr/bin/prosody:427: in main chunk
>>>> > [C]: ?
>>>> >
>>>> > jicofo logs:
>>>> > Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
>>>> > participant: room7@conference.meet.winlux.fr/d7e6131e
>>>> > Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed
participant:
>>>> > true,
>>>> > room7@conference.meet.winlux.fr/d7e6131e
>>>> > Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
>>>> > org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416
Focus
>>>> > request
>>>> > for room: room7@conference.meet.winlux.fr
>>>> >
>>>> > jvb logs:
>>>> > JVB 2017-04-20 20:27:21.560 INFOS: [326201]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
>>>> > id=“V9l6s-3671”
>>>> > type=“result” to=“jitsi-videobridge.meet.winlux.fr
>>>> > from=“meet.winlux.fr”/>
>>>> > JVB 2017-04-20 20:27:23.394 INFOS: [326108]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
type=“get”
>>>> > to=“jitsi-videobridge.meet.winlux.fr
>>>> > from="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > id=“q886c-19991”><healthcheck
>>>> > xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
>>>> > JVB 2017-04-20 20:27:23.394 INFOS: [326108]
>>>> > org.jitsi.videobridge.Videobridge.log() CAT=stat
>>>> > create_conf,conf_id=fad136c2ad8f27cf
>>>> > conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
>>>> > JVB 2017-04-20 20:27:23.398 INFOS: [326108]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
>>>> > JVB 2017-04-20 20:27:23.399 INFOS: [326108]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=1436393994
>>>> > target_bps=0,bwe_bps=9223372036854775807
>>>> > JVB 2017-04-20 20:27:23.399 INFOS: [36]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=1436393994
>>>> > target_bps=0,bwe_bps=9223372036854775807
>>>> > JVB 2017-04-20 20:27:23.402 INFOS: [326108]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
>>>> > JVB 2017-04-20 20:27:23.412 INFOS: [326108]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
>>>> > id=“q886c-19991”
>>>> > to="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>>>> >
>>>> >
>>>> > thanks for you help
>>>> >
>>>> > 2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>>> >>
>>>> >> Hi,
>>>> >>
>>>> >> Hum, it can be that the print there is causing troubles, did you
>>>> >> tried
>>>> >> without enabling debug? Or at least comment that debug print
that is
>>>> >> giving the error?
>>>> >>
>>>> >> Regards
>>>> >> damencho
>>>> >>
>>>> >>
>>>> >> On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert < >>> mickael@winlux.fr> >>> >>>> >> wrote:
>>>> >> > Hi all,
>>>> >> > I have an issue when I want access to my own jitsi instance
with
>>>> >> > user
>>>> >> > anonymous (guest).
>>>> >> >
>>>> >> > I already activated auth tohen to principal domain, It works
>>>> >> > perfectly.
>>>> >> > I can access as moderator with this link:
>>>> >> > https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs.
...”
>>>> >> >
>>>> >> > But when I want to access as guest (with no token)
>>>> >> > https://meet.winlux.fr/room1
>>>> >> >
>>>> >> > I have an issue:
>>>> >> > Prosody MUC enter in auth process
“mod_token_verification.lua”, but
>>>> >> > I
>>>> >> > haven’t token (I’m guest).
>>>> >> >
>>>> >> > For me, virtualhost “guest” go to “conference” component
(muc),
>>>> >> > and in
>>>> >> > this
>>>> >> > component there is modules_enabled = { “token_verification” }
>>>> >> >
>>>> >> > “”"
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > pre
>>>> >> > join: MUC room (room1@conference.meet.winlux.fr) <presence
>>>> >> > to=‘room1@conference.meet.winlux.fr/5934e5e9’
>>>> >> >
>>>> >> >
>>>> >> > from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux
.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
>>>> >> > xmlns=‘http://jabber.org/protocol/muc’/><user-agent
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0 (X11;
Linux
>>>> >> > x86_64)
>>>> >> > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
>>>> >> > Safari/537.36</user-agent><c hash=‘sha-1’
>>>> >> > ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
>>>> >> > node=‘http://jitsi.org/jitsimeet
>>>> >> >
>>>> >> >
>>>> >> > xmlns=‘http://jabber.org/protocol/caps’/><devices><audio>tru
e</audio><video>true</video></devices><email>mickael@winlux.fr
</email><nick
>>>> >> >
>>>> >> > xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><
audiomuted
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><vi
deoType
>>>> >> >
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><vi
deomuted
>>>> >> >
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></p
>
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > Session token: nil, session room: nil
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > in
>>>> >> > admin with admin:
>>>> >> >
>>>> >> >
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/90
6b41ed-4532-4c00-9cb0-e14aa9d38566
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > in
>>>> >> > admin with admin2:
>>>> >> >
>>>> >> >
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/90
6b41ed-4532-4c00-9cb0-e14aa9d38566
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > TEST MIKA :
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > allowEmptyToken: false, session.auth_token: nil
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > auth_room: nil, room: room1@conference.meet.winlux.fr/5934e5e9
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > Will verify token for user:
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr,
room:
>>>> >> > room1
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > token: nil , auth_room: nil
>>>> >> > Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
>>>> >> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76:
bad
>>>> >> > argument
>>>> >> > #1
>>>> >> > to ‘lower’ (string expected, got nil)
>>>> >> > stack traceback:
>>>> >> > [C]: in function ‘lower’
>>>> >> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76:
in
>>>> >> > function
>>>> >> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/util/events.lua:78: in function
>>>> >> > </usr/lib/prosody/util/events.lua:74>
>>>> >> > (tail call): ?
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>>>> >> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>>>> >> > (tail call): ?
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/util/events.lua:78: in function
>>>> >> > </usr/lib/prosody/util/events.lua:74>
>>>> >> > “”"
>>>> >> >
>>>> >> > My prosody configuration:
>>>> >> >
>>>> >> > “”"
>>>> >> > -- Plugins path gets uncommented during jitsi-meet-tokens
package
>>>> >> > install -
>>>> >> > that’s where token plugin is located
>>>> >> > plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
>>>> >> > --
>>>> >> > --HELP: https://github.com/jitsi/jicofo
>>>> >> > --https://bremensaki.com/2015/03/19/configuring-prosody/
>>>> >> >
>>>> >> > VirtualHost “meet.winlux.fr
>>>> >> > -- enabled = false -- Remove this line to enable this
host
>>>> >> > --authentication = “anonymous”
>>>> >> > --authentication = “internal_plain” -- NO LOGIN WITH
DOT
>>>> >> > !!!
>>>> >> > mhubert
>>>> >> > => OK, m.hubert => NOK !!!!!!!!!!!!
>>>> >> > -- authentication = “internal_hash”
>>>> >> > -- Properties below are modified by jitsi-meet-tokens
>>>> >> > package
>>>> >> > config
>>>> >> > -- and authentication above is switched to “token”
>>>> >> > authentication = “token”;
>>>> >> > app_id="********"
>>>> >> > app_secret="******"
>>>> >> > allow_empty_token=false
>>>> >> > -- Assign this host a certificate for TLS, otherwise it
>>>> >> > would
>>>> >> > use
>>>> >> > the one
>>>> >> > -- set in the global section (if any).
>>>> >> > -- Note that old-style SSL on port 5223 only supports
one
>>>> >> > certificate, and will always
>>>> >> > -- use the global one.
>>>> >> > ssl = {
>>>> >> > --key = “/etc/prosody/certs/meet.winlu
x.fr.key”;
>>>> >> > key = “/etc/prosody/certs/privkey.pem”;
>>>> >> > --certificate =
>>>> >> > “/etc/prosody/certs/meet.winlux.fr.crt”;
>>>> >> > certificate = “/etc/prosody/certs/fullchain.
pem”;
>>>> >> > }
>>>> >> > -- we need bosh
>>>> >> > modules_enabled = {
>>>> >> > “bosh”;
>>>> >> > “pubsub”;
>>>> >> > “ping”; -- Enable mod_ping
>>>> >> > “admin_telnet”;
>>>> >> > }
>>>> >> >
>>>> >> > --storage = “sql”
>>>> >> > --sql = { driver = “MySQL”, database = “jitsi”, username =
>>>> >> > “jitsi”,
>>>> >> > password = “********”, host = “localhost” }
>>>> >> >
>>>> >> > Component “conference.meet.winlux.fr” “muc”
>>>> >> > modules_enabled = { “token_verification” }
>>>> >> > admins = { "focus@auth.meet.winlux.fr" }
>>>> >> > -- restrict_room_creation = “local”
>>>> >> > -- restrict_room_creation = true
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/conference.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > Component “jitsi-videobridge.meet.winlux.fr
>>>> >> > component_secret = “******”
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr
.key”;
>>>> >> > }
>>>> >> >
>>>> >> > VirtualHost “auth.meet.winlux.fr
>>>> >> > authentication = “internal_plain”
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/auth.meet.wi
nlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > VirtualHost “guest.meet.winlux.fr
>>>> >> > authentication = “anonymous”
>>>> >> > allow_empty_token=true
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/guest.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> > Component “focus.meet.winlux.fr
>>>> >> > component_secret = “*****”
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/focus.meet.w
inlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > Component “callcontrol.meet.winlux.fr
>>>> >> > component_secret = “******”
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/callcontrol.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> > “”"
>>>> >> >
>>>> >> > Deb packet installed:
>>>> >> > “”"
>>>> >> > drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
>>>> >> > drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
>>>> >> > -rw-r--r-- 1 root root 25M avril 14 18:26
>>>> >> > jicofo_1.0-346-1_amd64.deb
>>>> >> > -rw-r--r-- 1 root root 2,7K avril 19 00:26
>>>> >> > jitsi-meet_1.0.2013-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 5,5K avril 19 00:00
>>>> >> > jitsi-meet-prosody_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 9,0K avril 19 00:00
>>>> >> > jitsi-meet-tokens_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 5,4M avril 19 00:00
>>>> >> > jitsi-meet-web_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 9,2K avril 19 00:00
>>>> >> > jitsi-meet-web-config_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 30M avril 19 00:24
>>>> >> > jitsi-videobridge_934-1_amd64.deb
>>>> >> >
>>>> >> > “”"
>>>> >> >
>>>> >> > Do you have an idea ? is it possible to have token and guest
in the
>>>> >> > same
>>>> >> > room ?
>>>> >> >
>>>> >> > big thanks in advance :wink:
>>>> >> >
>>>> >> >
>>>> >> > _______________________________________________
>>>> >> > users mailing list
>>>> >> > users@jitsi.org
>>>> >> > Unsubscribe instructions and other list options:
>>>> >> > http://lists.jitsi.org/mailman/listinfo/users
>>>> >>
>>>> >> _______________________________________________
>>>> >> users mailing list
>>>> >> users@jitsi.org
>>>> >> Unsubscribe instructions and other list options:
>>>> >> http://lists.jitsi.org/mailman/listinfo/users
>>>> >
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > users mailing list
>>>> > users@jitsi.org
>>>> > Unsubscribe instructions and other list options:
>>>> > http://lists.jitsi.org/mailman/listinfo/users
>>>>
>>>> _______________________________________________
>>>> users mailing list
>>>> users@jitsi.org
>>>> Unsubscribe instructions and other list options:
>>>> http://lists.jitsi.org/mailman/listinfo/users
>>>
>>>
>>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#13

Sorry I wrongly understood it :slight_smile:

···

On Fri, Apr 21, 2017 at 10:11 AM, Mickael Hubert <mickael@winlux.fr> wrote:

Hi Damien, I'm sorry it's a mistake.
Next issue is the one way audio with jigasi (other tiket already sent) :wink:
Not the screenshot.
I take it to show you it works :wink: and say thank you

2017-04-21 17:06 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

This is not a problem, this dialog is shown when a guest tries to enter a
room which is not created. If authenticated user enters in the room and
tries to enter like guest it should work.

Regards
damencho

On Fri, Apr 21, 2017 at 5:06 AM, Mickael Hubert <mickael@winlux.fr> >> wrote:

Bravo !
it works !!!

thank you very much !

next issue now :wink:

screenshot below :

2017-04-20 22:03 GMT+02:00 Damian Minkov <damencho@jitsi.org>:

Hi,

So to make it work you need few more option.
Under your main virtual host where you configure the token you need to
add disable_room_name_constraints = true, like:
VirtualHost "meet.winlux.fr"
    authentication = "token";
        app_id="********"
        app_secret="******"
        disable_room_name_constraints = true

The muc config should be:
Component "conference.meet.winlux.fr" "muc"
    modules_enabled = { "token_verification" }
    restrict_room_creation = true
    .....
So only admins should be able to create the room, but in order to
achieve that you need and a setting in Jicofo, in
/etc/jitsi/jicofo/sip-communicator.properties:
org.jitsi.jicofo.auth.URL=XMPP:meet.winlux.fr

This is working on my side. So the case is that room name verification
(verifying the room name coming from the token with the room name that
is about to be created) is not working with this scheme.

Regards
damencho

On Thu, Apr 20, 2017 at 2:39 PM, Mickael Hubert <mickael@winlux.fr> >>>> wrote:
> maybe this could help you:
>
> Part of prosody log with token:
> Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
> Received[c2s]: <iq id=‘7ff5efae-9541-416c-9ebd-397bf2d61aee:sendIQ’
> type=‘get’ to=‘guest.meet.winlux.fr
> from=‘62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux
.fr/28549acf-68f6-4db8-a3cc-3aa231c15389’>
> Apr 20 21:26:31 mod_bosh debug BOSH stanza received: <iq
> id=‘d9a096fe-66b3-4798-a251-cfa37cb11b36:sendIQ’ type=‘set’
> to=‘focus.meet.winlux.fr’>
>
> Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
> Received[c2s]: <presence to='room8@conference.meet.winlux.fr/b2871938
'>
> Apr 20 21:25:03 conference.meet.winlux.fr:muc debug no
occupant found
> for room8@conference.meet.winlux.fr/b2871938; creating new occupant
object
> for
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804
-9ff3-4a19-9413-bb570c29402f
>
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> Session token: ******************, session room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification
debug in
> admin with admin:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804
-9ff3-4a19-9413-bb570c29402f
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification
debug in
> admin with admin2:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/6932d804
-9ff3-4a19-9413-bb570c29402f
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: ***************
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> auth_room: room8, room: room8@conference.meet.winlux.fr/b2871938
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr, room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> token: ***************** , auth_room: room8
> Apr 20 21:25:03 conference.meet.winlux.fr:token_verification debug
> allowed: b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr to
enter/create
> room: room8
>
> Part of prosody log with guest:
> Apr 20 21:25:03 bosh019cc4fa-6160-49c9-bcc8-66acc088cd34 debug
> Received[c2s]: <iq id=‘930cfc4c-cdcc-4abc-8495-e2260f3fc509:sendIQ’
> type=‘get’ to=‘meet.winlux.fr
> from=‘b2871938-83cb-44e1-8a01-6601a7463abb@meet.winlux.fr/69
32d804-9ff3-4a19-9413-bb570c29402f’>
> Apr 20 21:25:03 mod_bosh debug BOSH stanza received: <iq
> id=‘abd6301f-8219-4921-9948-96a15ea9597c:sendIQ’ type=‘set’
> to=‘focus.meet.winlux.fr’>
>
> Apr 20 21:26:31 boshe3339571-3166-44f4-94b7-c690930205cc debug
> Received[c2s]: <presence to='room8@conference.meet.winlux.fr/62f12864
'>
> Apr 20 21:26:31 conference.meet.winlux.fr:muc debug no
occupant found
> for room8@conference.meet.winlux.fr/62f12864; creating new occupant
object
> for
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28
549acf-68f6-4db8-a3cc-3aa231c15389
>
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> Session token: nil, session room: nil
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification
debug in
> admin with admin:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28
549acf-68f6-4db8-a3cc-3aa231c15389
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification
debug in
> admin with admin2:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr/28
549acf-68f6-4db8-a3cc-3aa231c15389
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> TEST MIKA : 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> allowEmptyToken: false, session.auth_token: nil
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> auth_room: nil, room: room8@conference.meet.winlux.fr/62f12864
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> Will verify token for user:
> 62f12864-d0d7-4fb3-80e1-bd4e21095841@guest.meet.winlux.fr, room:
room8
> Apr 20 21:26:31 conference.meet.winlux.fr:token_verification debug
> token: nil , auth_room: nil
> Apr 20 21:26:31 mod_bosh error Traceback[bosh]:
> ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
argument #1
> to ‘lower’ (string expected, got nil)
> stack traceback:
>
> in France it’s 9PM and I will shutdown my computer soon :wink:
>
> thanks for your help !
>
> 2017-04-20 21:22 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:
>>
>> yes ! very good news !
>> let me know if you want other things
>>
>>
>> 2017-04-20 21:19 GMT+02:00 Mickael Hubert <mickael@winlux.fr>:
>>>
>>> I’m sorry,
>>> I add some logs in mod_token_verification.lua.
>>> the line 76 for me it’s:
>>> if disableRoomNameConstraints ~= true and room ~=
string.lower(auth_room)
>>> then
>>> line 63 for the original:
>>> https://github.com/jitsi/jitsi-meet/blob/master/resources/pr
osody-plugins/mod_token_verification.lua
>>>
>>> and auth_room doesn’t exist, because I want access to the room
without
>>> token (I want be a guest). Access with token works fine, no problem
with
>>> this method.
>>>
>>> for me, I can see in the log (first email)
>>> 1) I connect with token --> OK (I’m the moderator)
>>> 2) When I connect without token, I go to the virtualHost
>>> “guest.meet.winlux.fr” --> OK
>>> 3) after, guest.meet.winlux.fr goes to component
>>> conference.meet.winlux.fr -->OK
>>> but this component uses token_verification module (normal with token
>>> method, but not working with guest method).
>>>
>>> I don’t know if my prosody conf is good or not. Or I don’t know the
way
>>> to not “route” guest access to the token module.
>>>
>>>
>>>
>>> 2017-04-20 20:46 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>>>
>>>> Hi,
>>>>
>>>> can you try changing that problem line,
mod_token_verification.lua:76
>>>>
>>>> It is now: log(“debug”, “pre create: %s %s”, tostring(origin),
>>>> tostring(stanza));
>>>> Can you change it to: log(“debug”, “pre create: %s”,
tostring(stanza));
>>>> And enable debugging and test again.
>>>>
>>>> I think it is something about how you setup the domains, cause I
was
>>>> testing that part yesterday, cause I’m currently working on the jwt
>>>> stuff and this was working fine.
>>>>
>>>> Regards
>>>> damencho
>>>>
>>>>
>>>> On Thu, Apr 20, 2017 at 1:28 PM, Mickael Hubert <mickael@winlux.fr >>>> > >>>> >>>> wrote:
>>>> > Hi,
>>>> > without debug, it’s the same issue.
>>>> >
>>>> > prosody logs with I’m connected in admin (token):
>>>> > Apr 20 20:11:03 mod_bosh info New BOSH session, assigned
it sid
>>>> > ‘d16966f1-3207-4fc6-ba7b-9aeb20a65c26’
>>>> > Apr 20 20:11:03 boshd16966f1-3207-4fc6-ba7b-9aeb20a65c26 info
>>>> > Authenticated as 583f66e8-ffeb-4f4e-85f8-bd046a
c8d255@meet.winlux.fr
>>>> >
>>>> > jicofo logs:
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> > org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416
Focus
>>>> > request
>>>> > for room: room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> >
>>>> > org.jitsi.jicofo.auth.AbstractAuthAuthority.authenticateJidW
ithSession().487
>>>> > Authenticated jid:
>>>> >
>>>> > 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
>>>> > with session:
>>>> > AuthSession[ID=b7051b9c-2535-4faf-8643-f55c276e0cde@meet.win
lux.fr,
>>>> >
>>>> > JID=1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55
e1b5-f309-40a0-bc51-8f26fd8761be,
>>>> > SID=06f72777-df9d-4ac8-b9eb-8878e95ec667,
>>>> > MUID=509b6ec16583852f96f4d2f918c4ac88, LIFE_TM_SEC=593,
>>>> > R=room8@conference.meet.winlux.fr]@829517297
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> >
>>>> > org.jitsi.jicofo.auth.AbstractAuthAuthority.notifyUserAuthen
ticated().397
>>>> > Jid
>>>> >
>>>> > 1acaef35-a8d3-4a0e-a3f8-abd058cfe1dc@meet.winlux.fr/9f55e1b5
-f309-40a0-bc51-8f26fd8761be
>>>> > authenticated as: b7051b9c-2535-4faf-8643-f55c27
6e0cde@meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.530 INFOS: [171]
>>>> > org.jitsi.jicofo.FocusManager.log() Created new focus for
>>>> > room6@conference.meet.winlux.fr@auth.meet.winlux.fr conferences
count:
>>>> > 2
>>>> > options:
>>>> > call_control: callcontrol.meet.winlux.fr
>>>> > channelLastN: -1
>>>> > enableLipSync: true
>>>> > openSctp: true
>>>> > disableRtx: false
>>>> > Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Lip-sync enabled
in
>>>> > room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.531 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Joining the room:
>>>> > room6@conference.meet.winlux.fr
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
>>>> > ChatRoomMemberPresenceChangeEvent[type=MemberJoined
>>>> > sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
>>>> > member=ChatMember[room6@conference.meet.winlux.fr/focus, jid:
>>>> > null]@1175229885]
>>>> > Jicofo 2017-04-20 20:20:57.533 AVERTISSEMENT: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Focus role
unknown
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Obtained focus
role:
>>>> > OWNER
>>>> > Jicofo 2017-04-20 20:20:57.533 INFOS: [160]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
>>>> > room6@conference.meet.winlux.fr/focus joined.
>>>> > Jicofo 2017-04-20 20:20:57.535 INFOS: [171]
>>>> > org.jitsi.jicofo.JitsiMeetRecording.log() No recorder service
>>>> > discovered -
>>>> > using JVB
>>>> > Jicofo 2017-04-20 20:20:57.702 INFOS: [160]
>>>> > org.jitsi.jicofo.ChatRoomRoleAndPresence.log() Chat room event
>>>> > ChatRoomMemberPresenceChangeEvent[type=MemberJoined
>>>> > sourceRoom=org.jitsi.impl.protocol.xmpp.ChatRoomImpl@6d1448bb
>>>> > member=ChatMember[room6@conference.meet.winlux.fr/1acaef35, jid:
>>>> > null]@500755682]
>>>> > Jicofo 2017-04-20 20:20:57.704 INFOS: [160]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Member
>>>> > room6@conference.meet.winlux.fr/1acaef35 joined.
>>>> >
>>>> > jvb logs:
>>>> > JVB 2017-04-20 20:25:41.558 INFOS: [325918]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
>>>> > id=“V9l6s-3661”
>>>> > type=“result” to=“jitsi-videobridge.meet.winlux.fr
>>>> > from=“meet.winlux.fr”/>
>>>> > JVB 2017-04-20 20:25:43.394 INFOS: [325919]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
type=“get”
>>>> > to=“jitsi-videobridge.meet.winlux.fr
>>>> > from="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > id=“q886c-19940”><healthcheck
>>>> > xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
>>>> > JVB 2017-04-20 20:25:43.395 INFOS: [325919]
>>>> > org.jitsi.videobridge.Videobridge.log() CAT=stat
>>>> > create_conf,conf_id=7a92d43516b1ba4
>>>> > conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
>>>> > JVB 2017-04-20 20:25:43.398 INFOS: [325919]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@19f9c54e
>>>> > JVB 2017-04-20 20:25:43.399 INFOS: [325919]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=922337203
6854775807
>>>> > JVB 2017-04-20 20:25:43.399 INFOS: [36]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=435799374 target_bps=0,bwe_bps=922337203
6854775807
>>>> > JVB 2017-04-20 20:25:43.403 INFOS: [325919]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@7ed837bd
>>>> > JVB 2017-04-20 20:25:43.417 INFOS: [325919]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
>>>> > id=“q886c-19940”
>>>> > to="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>>>> >
>>>> > Log when I tried to connect without token (guest mode):
>>>> > Apr 20 20:17:57 mod_bosh info New BOSH session, assigned
it sid
>>>> > ‘f40607cb-7566-4861-bbb8-aa53bc147345’
>>>> > Apr 20 20:17:59 boshf40607cb-7566-4861-bbb8-aa53bc147345 info
>>>> > Authenticated as
>>>> > 586f0adb-0f2c-4606-bd66-c27622103efd@guest.meet.winlux.fr
>>>> > Apr 20 20:18:02 mod_bosh error Traceback[bosh]:
>>>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76: bad
>>>> > argument #1
>>>> > to ‘lower’ (string expected, got nil)
>>>> > stack traceback:
>>>> > [C]: in function ‘lower’
>>>> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76:
in
>>>> > function
>>>> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>>>> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>>>> > (tail call): ?
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/core/stanza_router.lua:189: in function
>>>> > ‘core_post_stanza’
>>>> > /usr/lib/prosody/core/stanza_router.lua:137: in function
>>>> > ‘dispatch_stanza’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:322: in function
‘func’
>>>> > /usr/lib/prosody/util/async.lua:90: in function
>>>> > </usr/lib/prosody/util/async.lua:88>
>>>> > stack traceback:
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/util/async.lua:163: in function ‘run’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:457: in function
>>>> > ‘cb_handlestanza’
>>>> > /usr/lib/prosody/util/xmppstream.lua:184: in function
>>>> > </usr/lib/prosody/util/xmppstream.lua:164>
>>>> > [C]: in function ‘parse’
>>>> > /usr/lib/prosody/util/xmppstream.lua:271: in function ‘feed’
>>>> > /usr/lib/prosody/modules/mod_bosh.lua:150: in function ‘?’
>>>> > /usr/lib/prosody/util/events.lua:78: in function
>>>> > </usr/lib/prosody/util/events.lua:74>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/net/http/server.lua:239: in function
>>>> > </usr/lib/prosody/net/http/server.lua:180>
>>>> > ...
>>>> > /usr/lib/prosody/net/http/server.lua:112: in function
>>>> > ‘process_next’
>>>> > /usr/lib/prosody/net/http/server.lua:128: in function
‘success_cb’
>>>> > /usr/lib/prosody/net/http/parser.lua:177: in function ‘feed’
>>>> > /usr/lib/prosody/net/http/server.lua:159: in function
>>>> > </usr/lib/prosody/net/http/server.lua:158>
>>>> > (tail call): ?
>>>> > /usr/lib/prosody/net/server_select.lua:920: in function
>>>> > </usr/lib/prosody/net/server_select.lua:895>
>>>> > [C]: in function ‘xpcall’
>>>> > /usr/bin/prosody:396: in function ‘loop’
>>>> > /usr/bin/prosody:427: in main chunk
>>>> > [C]: ?
>>>> >
>>>> > jicofo logs:
>>>> > Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Timing out single
>>>> > participant: room7@conference.meet.winlux.fr/d7e6131e
>>>> > Jicofo 2017-04-20 20:22:54.778 INFOS: [87]
>>>> > org.jitsi.jicofo.JitsiMeetConferenceImpl.log() Removed
participant:
>>>> > true,
>>>> > room7@conference.meet.winlux.fr/d7e6131e
>>>> > Jicofo 2017-04-20 20:23:12.266 INFOS: [169]
>>>> > org.jitsi.jicofo.xmpp.FocusComponent.handleConferenceIq().416
Focus
>>>> > request
>>>> > for room: room7@conference.meet.winlux.fr
>>>> >
>>>> > jvb logs:
>>>> > JVB 2017-04-20 20:27:21.560 INFOS: [326201]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
>>>> > id=“V9l6s-3671”
>>>> > type=“result” to=“jitsi-videobridge.meet.winlux.fr
>>>> > from=“meet.winlux.fr”/>
>>>> > JVB 2017-04-20 20:27:23.394 INFOS: [326108]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() RECV: <iq
type=“get”
>>>> > to=“jitsi-videobridge.meet.winlux.fr
>>>> > from="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > id=“q886c-19991”><healthcheck
>>>> > xmlns=“http://jitsi.org/protocol/healthcheck”/></iq>
>>>> > JVB 2017-04-20 20:27:23.394 INFOS: [326108]
>>>> > org.jitsi.videobridge.Videobridge.log() CAT=stat
>>>> > create_conf,conf_id=fad136c2ad8f27cf
>>>> > conf_name=null,logging=false,conf_count=1,ch_count=0,v_streams=0
>>>> > JVB 2017-04-20 20:27:23.398 INFOS: [326108]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@559da20a
>>>> > JVB 2017-04-20 20:27:23.399 INFOS: [326108]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=1436393994
>>>> > target_bps=0,bwe_bps=9223372036854775807
>>>> > JVB 2017-04-20 20:27:23.399 INFOS: [36]
>>>> > org.jitsi.videobridge.cc.BitrateController.log()
>>>> > bitrate_ctrl,stream=1436393994
>>>> > target_bps=0,bwe_bps=9223372036854775807
>>>> > JVB 2017-04-20 20:27:23.402 INFOS: [326108]
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl.log() Creating a
>>>> > BandwidthEstimator for stream
>>>> > org.jitsi.impl.neomedia.VideoMediaStreamImpl@53684180
>>>> > JVB 2017-04-20 20:27:23.412 INFOS: [326108]
>>>> > org.jitsi.videobridge.xmpp.ComponentImpl.log() SENT: <iq
>>>> > id=“q886c-19991”
>>>> > to="focus@auth.meet.winlux.fr/focus49834168749676109"
>>>> > from=“jitsi-videobridge.meet.winlux.fr” type=“result”/>
>>>> >
>>>> >
>>>> > thanks for you help
>>>> >
>>>> > 2017-04-20 18:11 GMT+02:00 Damian Minkov <damencho@jitsi.org>:
>>>> >>
>>>> >> Hi,
>>>> >>
>>>> >> Hum, it can be that the print there is causing troubles, did you
>>>> >> tried
>>>> >> without enabling debug? Or at least comment that debug print
that is
>>>> >> giving the error?
>>>> >>
>>>> >> Regards
>>>> >> damencho
>>>> >>
>>>> >>
>>>> >> On Thu, Apr 20, 2017 at 1:47 AM, Mickael Hubert < >>>> mickael@winlux.fr> >>>> >>>> >> wrote:
>>>> >> > Hi all,
>>>> >> > I have an issue when I want access to my own jitsi instance
with
>>>> >> > user
>>>> >> > anonymous (guest).
>>>> >> >
>>>> >> > I already activated auth tohen to principal domain, It works
>>>> >> > perfectly.
>>>> >> > I can access as moderator with this link:
>>>> >> > https://meet.winlux.fr/room1#config.token=“eyJhbGciOiJI2hNs.
...”
>>>> >> >
>>>> >> > But when I want to access as guest (with no token)
>>>> >> > https://meet.winlux.fr/room1
>>>> >> >
>>>> >> > I have an issue:
>>>> >> > Prosody MUC enter in auth process
“mod_token_verification.lua”, but
>>>> >> > I
>>>> >> > haven’t token (I’m guest).
>>>> >> >
>>>> >> > For me, virtualhost “guest” go to “conference” component
(muc),
>>>> >> > and in
>>>> >> > this
>>>> >> > component there is modules_enabled = { “token_verification” }
>>>> >> >
>>>> >> > “”"
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > pre
>>>> >> > join: MUC room (room1@conference.meet.winlux.fr) <presence
>>>> >> > to=‘room1@conference.meet.winlux.fr/5934e5e9’
>>>> >> >
>>>> >> >
>>>> >> > from=‘5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux
.fr/906b41ed-4532-4c00-9cb0-e14aa9d38566’><x
>>>> >> > xmlns=‘http://jabber.org/protocol/muc’/><user-agent
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/user-agent’>Mozilla/5.0
(X11; Linux
>>>> >> > x86_64)
>>>> >> > AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133
>>>> >> > Safari/537.36</user-agent><c hash=‘sha-1’
>>>> >> > ver=‘bInwKC/7Lt0uq2Y1/f66QQKgRS4=’
>>>> >> > node=‘http://jitsi.org/jitsimeet
>>>> >> >
>>>> >> >
>>>> >> > xmlns=‘http://jabber.org/protocol/caps’/><devices><audio>tru
e</audio><video>true</video></devices><email>mickael@winlux.fr
</email><nick
>>>> >> >
>>>> >> > xmlns=‘http://jabber.org/protocol/nick’>portablemika</nick><
audiomuted
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/audio’>false</audiomuted><vi
deoType
>>>> >> >
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/video’>camera</videoType><vi
deomuted
>>>> >> >
>>>> >> > xmlns=‘http://jitsi.org/jitmeet/video’>false</videomuted></p
>
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > Session token: nil, session room: nil
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > in
>>>> >> > admin with admin:
>>>> >> >
>>>> >> >
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/90
6b41ed-4532-4c00-9cb0-e14aa9d38566
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > in
>>>> >> > admin with admin2:
>>>> >> >
>>>> >> >
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr/90
6b41ed-4532-4c00-9cb0-e14aa9d38566
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > TEST MIKA :
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > allowEmptyToken: false, session.auth_token: nil
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > auth_room: nil, room: room1@conference.meet.winlux.f
r/5934e5e9
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > Will verify token for user:
>>>> >> > 5934e5e9-9655-4548-a038-0d4f63f10ade@guest.meet.winlux.fr,
room:
>>>> >> > room1
>>>> >> > Apr 19 17:30:06 conference.meet.winlux.fr:token_verification
>>>> >> > debug
>>>> >> > token: nil , auth_room: nil
>>>> >> > Apr 19 17:30:06 mod_bosh error Traceback[bosh]:
>>>> >> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76:
bad
>>>> >> > argument
>>>> >> > #1
>>>> >> > to ‘lower’ (string expected, got nil)
>>>> >> > stack traceback:
>>>> >> > [C]: in function ‘lower’
>>>> >> > ...itsi-meet/prosody-plugins/mod_token_verification.lua:76:
in
>>>> >> > function
>>>> >> > <...itsi-meet/prosody-plugins/mod_token_verification.lua:34>
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/util/events.lua:78: in function
>>>> >> > </usr/lib/prosody/util/events.lua:74>
>>>> >> > (tail call): ?
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/modules/muc/muc.lib.lua:515: in function
>>>> >> > </usr/lib/prosody/modules/muc/muc.lib.lua:455>
>>>> >> > (tail call): ?
>>>> >> > (tail call): ?
>>>> >> > /usr/lib/prosody/util/events.lua:78: in function
>>>> >> > </usr/lib/prosody/util/events.lua:74>
>>>> >> > “”"
>>>> >> >
>>>> >> > My prosody configuration:
>>>> >> >
>>>> >> > “”"
>>>> >> > -- Plugins path gets uncommented during jitsi-meet-tokens
package
>>>> >> > install -
>>>> >> > that’s where token plugin is located
>>>> >> > plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }
>>>> >> > --
>>>> >> > --HELP: https://github.com/jitsi/jicofo
>>>> >> > --https://bremensaki.com/2015/03/19/configuring-prosody/
>>>> >> >
>>>> >> > VirtualHost “meet.winlux.fr
>>>> >> > -- enabled = false -- Remove this line to enable this
host
>>>> >> > --authentication = “anonymous”
>>>> >> > --authentication = “internal_plain” -- NO LOGIN WITH
DOT
>>>> >> > !!!
>>>> >> > mhubert
>>>> >> > => OK, m.hubert => NOK !!!!!!!!!!!!
>>>> >> > -- authentication = “internal_hash”
>>>> >> > -- Properties below are modified by jitsi-meet-tokens
>>>> >> > package
>>>> >> > config
>>>> >> > -- and authentication above is switched to “token”
>>>> >> > authentication = “token”;
>>>> >> > app_id="********"
>>>> >> > app_secret="******"
>>>> >> > allow_empty_token=false
>>>> >> > -- Assign this host a certificate for TLS, otherwise
it
>>>> >> > would
>>>> >> > use
>>>> >> > the one
>>>> >> > -- set in the global section (if any).
>>>> >> > -- Note that old-style SSL on port 5223 only supports
one
>>>> >> > certificate, and will always
>>>> >> > -- use the global one.
>>>> >> > ssl = {
>>>> >> > --key = “/etc/prosody/certs/meet.winlu
x.fr.key”;
>>>> >> > key = “/etc/prosody/certs/privkey.pem”;
>>>> >> > --certificate =
>>>> >> > “/etc/prosody/certs/meet.winlux.fr.crt”;
>>>> >> > certificate = “/etc/prosody/certs/fullchain.
pem”;
>>>> >> > }
>>>> >> > -- we need bosh
>>>> >> > modules_enabled = {
>>>> >> > “bosh”;
>>>> >> > “pubsub”;
>>>> >> > “ping”; -- Enable mod_ping
>>>> >> > “admin_telnet”;
>>>> >> > }
>>>> >> >
>>>> >> > --storage = “sql”
>>>> >> > --sql = { driver = “MySQL”, database = “jitsi”, username =
>>>> >> > “jitsi”,
>>>> >> > password = “********”, host = “localhost” }
>>>> >> >
>>>> >> > Component “conference.meet.winlux.fr” “muc”
>>>> >> > modules_enabled = { “token_verification” }
>>>> >> > admins = { "focus@auth.meet.winlux.fr" }
>>>> >> > -- restrict_room_creation = “local”
>>>> >> > -- restrict_room_creation = true
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/conference.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/conference.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > Component “jitsi-videobridge.meet.winlux.fr
>>>> >> > component_secret = “******”
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/jitsi-videobridge.meet.winlux.fr
.key”;
>>>> >> > }
>>>> >> >
>>>> >> > VirtualHost “auth.meet.winlux.fr
>>>> >> > authentication = “internal_plain”
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/auth.meet.wi
nlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/auth.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > VirtualHost “guest.meet.winlux.fr
>>>> >> > authentication = “anonymous”
>>>> >> > allow_empty_token=true
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/guest.meet.w
inlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/guest.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> > Component “focus.meet.winlux.fr
>>>> >> > component_secret = “*****”
>>>> >> > ssl = {
>>>> >> > certificate = “/var/lib/prosody/focus.meet.w
inlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/focus.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> >
>>>> >> > Component “callcontrol.meet.winlux.fr
>>>> >> > component_secret = “******”
>>>> >> > ssl = {
>>>> >> > certificate =
>>>> >> > “/var/lib/prosody/callcontrol.meet.winlux.fr.crt”;
>>>> >> > key = “/var/lib/prosody/callcontrol.meet.winlux.fr.key”;
>>>> >> > }
>>>> >> > “”"
>>>> >> >
>>>> >> > Deb packet installed:
>>>> >> > “”"
>>>> >> > drwxr-xr-x 2 root root 4,0K avril 19 08:51 .
>>>> >> > drwxr-xr-x 13 hubertm hubertm 4,0K avril 19 08:46 ..
>>>> >> > -rw-r--r-- 1 root root 25M avril 14 18:26
>>>> >> > jicofo_1.0-346-1_amd64.deb
>>>> >> > -rw-r--r-- 1 root root 2,7K avril 19 00:26
>>>> >> > jitsi-meet_1.0.2013-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 5,5K avril 19 00:00
>>>> >> > jitsi-meet-prosody_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 9,0K avril 19 00:00
>>>> >> > jitsi-meet-tokens_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 5,4M avril 19 00:00
>>>> >> > jitsi-meet-web_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 9,2K avril 19 00:00
>>>> >> > jitsi-meet-web-config_1.0.1906-1_all.deb
>>>> >> > -rw-r--r-- 1 root root 30M avril 19 00:24
>>>> >> > jitsi-videobridge_934-1_amd64.deb
>>>> >> >
>>>> >> > “”"
>>>> >> >
>>>> >> > Do you have an idea ? is it possible to have token and guest
in the
>>>> >> > same
>>>> >> > room ?
>>>> >> >
>>>> >> > big thanks in advance :wink:
>>>> >> >
>>>> >> >
>>>> >> > _______________________________________________
>>>> >> > users mailing list
>>>> >> > users@jitsi.org
>>>> >> > Unsubscribe instructions and other list options:
>>>> >> > http://lists.jitsi.org/mailman/listinfo/users
>>>> >>
>>>> >> _______________________________________________
>>>> >> users mailing list
>>>> >> users@jitsi.org
>>>> >> Unsubscribe instructions and other list options:
>>>> >> http://lists.jitsi.org/mailman/listinfo/users
>>>> >
>>>> >
>>>> >
>>>> > _______________________________________________
>>>> > users mailing list
>>>> > users@jitsi.org
>>>> > Unsubscribe instructions and other list options:
>>>> > http://lists.jitsi.org/mailman/listinfo/users
>>>>
>>>> _______________________________________________
>>>> users mailing list
>>>> users@jitsi.org
>>>> Unsubscribe instructions and other list options:
>>>> http://lists.jitsi.org/mailman/listinfo/users
>>>
>>>
>>
>
>
> _______________________________________________
> users mailing list
> users@jitsi.org
> Unsubscribe instructions and other list options:
> http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users