Prosody XMPP XEP-198 resume item-not-found with authentication = jitsi-anonymous

Hi,

We currently have a problem with our prosody not reconnecting our users properly with websockets. We are only using lib-jitsi-meet and our own docker AWS infrastructure based on your docker-jitsi-meet.
The base docker has been modified since we wanted JVBs to run separately and we are behind load balancers, using nginx to proxy connections for XMPP websockets and colibri webservices.

We have been trying various configurations including different authentication modes (anonymous, token with allow empty tokens and now jitsi-anonymous with the plugin we retrieved from august changes).

We do have logs XMPP (client and server side) is trying to reconnect but then fails since it doesn’t find session with “prevId”, thus returning an “item-not-found” error. We can confirm the session still exists and is only destroyed later on jicofo.

Client side :
2021-09-27T09:03:43.574Z [modules\statistics\statistics.js] <Function.b.sendAnalyticsAndLog>: {"type":"operational","action":"connection.failed","attributes":{"error_type":"connection.droppedError","error_message":"item-not-found","suspend_time":2368,"time_since_last_success":42310}}

After auth mechanism “ANONYMOUS” success
<stream:features xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams'><c ver='FWtCjROV71oUv2ldWLh9f3KSHxM=' node='http://prosody.im' xmlns='http://jabber.org/protocol/caps' hash='sha-1'/><ver xmlns='urn:xmpp:features:rosterver'/><bind xmlns='urn:ietf:params:xml:ns:xmpp-bind'><required/></bind><session xmlns='urn:ietf:params:xml:ns:xmpp-session'><optional/></session><sm xmlns='urn:xmpp:sm:2'><optional/></sm><sm xmlns='urn:xmpp:sm:3'><optional/></sm></stream:features>

<resume h="25" previd="979a2f46-2f09-4d66-b858-3becc88a128e" xmlns="urn:xmpp:sm:3"/>

<failed xmlns='urn:xmpp:sm:3'><item-not-found xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/></failed>

We enabled “smacks” in jitsi-meet.cfg.lua and, as said earlier do not use JWT but jitsi-anonymous though we have been trying token with allow empty values and anonymous on previous versions :

VirtualHost "{{ .Env.XMPP_DOMAIN }}"
{{ if $ENABLE_AUTH }}
  {{ if eq $AUTH_TYPE "jwt" }}
    authentication = "{{ $JWT_AUTH_TYPE }}"
    app_id = "{{ .Env.JWT_APP_ID }}"
    app_secret = "{{ .Env.JWT_APP_SECRET }}"
    allow_empty_token = true
    {{ if $JWT_ASAP_KEYSERVER }}
    asap_key_server = "{{ .Env.JWT_ASAP_KEYSERVER }}"
    {{ end }}

    {{ else if eq $AUTH_TYPE "ldap" }}
    authentication = "cyrus"
    cyrus_application_name = "xmpp"
    allow_unencrypted_plain_auth = true
  {{ else if eq $AUTH_TYPE "internal" }}
    authentication = "internal_hashed"
  {{ end }}
{{ else }}
    authentication = "jitsi-anonymous"
{{ end }}

Here is part of our configuration inside prosody.cfg.lua :

consider_websocket_secure = true;
cross_domain_websocket = true;
smacks_max_unacked_stanzas = 5;
smacks_hibernation_time = 60;
smacks_max_hibernated_sessions = 1;
smacks_max_old_sessions = 1;

Running out of ideas to make our client capable of reconnecting on Firefox (92.0) and Chrome (94).

We are using the latest versions of Prosody, Jicofo and JVB.

Thanks in advance if you have any advice or clue about how to fix XMPP stream management resumption.

Regards

1 Like