We are running a Jitsi system which needs authentication for the creation of rooms. Until now we used dedicated local accounts, but we want to access an AD. We tested ldap2 and it worked, but it created a lot of effort for the network connection. We decided to give SAML a try.
I set up a new single small test system from the ground up with the latest Jitsi version and configured the login. It worked without any problem. Then I used the documentation https://github.com/jitsi/jicofo/blob/master/doc/shibboleth.md to set up Shibboleth. After some small changes in the nginx config, because the regular expression priority was too low, I was able to handle the metadata files in both directions and connect and log in to the IdP by using /login or /Shibboleth.sso/Login.
Then I tried it with Jitsi and it did not work. The result was exactly the same as described here https://community.jitsi.org/t/struggling-with-shibboleth-auth-in-update-2-0-5765/97824. If I press the button in the login box, I get the "trying to connect" message and that's it. I do not see any connection over nginx to log in over Shibboleth into the IdP, and, quite clearly, also no transaction in Shibboleth. I also saw a lot of focus requests. As mentioned, it is exactly the same behaviour as described in the linked problem, but if I understand it right this was fixed a long time ago.
jicofo.txt (548 Bytes)
sip-communicator.txt (148 Bytes)
test.de.cfg.txt (4.8 KB)
I didn't change a lot in the Jitsi config. I expect that I missed something. Any help would be really appreciated.