I just reconfigured my Jitsi-Meet installation to use Active-Directory-Auth and keep rooms persistent. But there is one thing I noticed: When a user want’s to create a Room, he has to authenticate only once. For every other room he enteres, he will be authenticated automatically. That’s weird because this way you can “hijack” another room. Example: User A creates Room A, has to enter credentials. User B creates Room B, has to enter credentials. Both leave their rooms. User A enters Room B. Doesn’t have to enter credentials and is granted moderator rights.
Looks like there is some sort of SessionID or Tokes working in the background.
The only way to get around this is to delete the browser cache.
I’m running Ubuntu 20.04 with Jitsi-Meet installed from the repository.
Joined the machine into AD and configured saslauthd to use PAM.
Finally followed this tutorial for persistent rooms:Persistent Passwords on Self Hosted Rooms
Edit: How can i deactivate this autologon?