Secure Rooms and Authentication


#1

Hi,

I manage to configure the secure domain following the guide https://github.com/jitsi/jicofo#secure-domain. Jitsi prompts a login for the host and the rest of the users can join that call (great!!).

What I actually need is that the rest of the users should also be authenticated before joining. Is there a way to prompt the login every time that a user wants to join or create a videoconference? or What approach should I use here?

Thanks,
Fiury


#2

Just remove the guest… domain from config.js and prosody config.


#3

Oh ok cool, thanks @damencho , I thought the guest was required somehow.


#4

Is there any way to parse Random room name and password in url each time we generate at our end? So that each session has separate room name and separate password and never used again? It locks the room with random password automatically when admin enters into a room?


#5

No such features. If you are embedding jitsi-meet in another app you can gain more control when using jwt, you can pass clients jwt tokens, valid for some time and valid for just one room and allow users to access it only with jwt.


#6

@damencho, Can’t we open multiple conferences in once with a different token for each conf room for both issuer and audience separately?

I wanted to “Add Password” feature not in the room but outside the room while we input Room name at Welcome Page so that 3 users can only enter into the room if password/token matched and all simultaneous rooms with different password/token.

Suppose, Admin 1(nickname) enter room “abcd” with password “1234”
Admin 2 enters room “xyz” with password “5678” in another browser tab (obviously with disabled mic & video)
Admin 3 enters room “uvw” with password “7890” in another tab

all 3 instances at the same time … Is it possible to enter and parse password while entering room at welcome page if we modify it? e.g. Input1 Room: abcd ; Input2 Password: 1234 [GO]

Now admin and guest enters room abcd with matching password and simultaneously other sessions on another tab like this?


#7

Is it possible with Tokens?


#8

Tokens can specify room * which will make the token valid for all rooms.


#9

But the same token?? not different token for all other rooms? I want to start simultaneously several conferences at once. and once user knows the token, he may enter in any room?


#10

Yes, if you enable room verification module, the token will be checked whether the user has access to the room he want to enter. If the room in the token is * this means that the token is valid for all rooms and he can access whatever room name is entered.


#11

I Understand @damencho. It secures room but we can’t change token like passwords. Like token is parsed in url, it would be good for me if we could parse different passwords too before joining the room. :slight_smile:


#12

I stuck with this error installing of jitsi token to try with this system.


#13

@damencho…I read one of your post …which prosody trunk have you installed on your bionic?
I have tried using bionic 747, 860, 1074…I have configured correctly, I believe…do you think the Authentication error may be due to incompatible version…?


#14

We are currently using 747 for meet.jit.si and all our deployments.


#15

747 xenial or trusty?


#16

we use 747 on bionic


#17

but there are no bionic version…xenial and trusty were present at that time…i think in 2017


#18

We just download the deb package and install it, aaa I understand now what you mean.
I just checked my deployment I have this installed 1nightly747-1~trusty and

$ lsb_release -a
Description:	Ubuntu 18.04.2 LTS

#19

anyway thanks…I have tried using jwt authentication suggested by you …but I failed to config as I am getting this error finally.