Authentication support?
-
@luckow said in Authentication support?:
@jan-reinhardt As I understand it, there are several options that are not compatible with each other:
- internal/public (only ldap users can initiate a conference, then guests are allowed)
That ressembles much as my point of view too, for what would be primary needs to start with.
By the way: the same is true for Greenlight (the BigBlueButton frontend).
Yep, and AFACS that app works pretty well.
BTW, may I put a double Kudos! Here as well as for the recent 7.1 version work from our super folks @girish and @nebulon which are among the best software engineers I've seen and worked with online in my 20 and dust on the 'information superhighway' career lol
Thanks for your dedication guys, really.
@micmc I totally agree that internal/public would be perfect. But if this is not yet possible imho public is much better than internal because I can use the public jitsi server immediatly to work with my clients (this is what I did over the last two weeks and it performed great). The 'internal only' version means that I have to use Zoom etc. again...
-
@micmc I totally agree that internal/public would be perfect. But if this is not yet possible imho public is much better than internal because I can use the public jitsi server immediatly to work with my clients (this is what I did over the last two weeks and it performed great). The 'internal only' version means that I have to use Zoom etc. again...
@jan-reinhardt As a quick (dirty) workaround: add a user guest with the password guest to your Cloudron ldap and only allow this user to access your jitsi instance. Tell your clients that they must use guest:guest for authentication.
-
@jan-reinhardt As a quick (dirty) workaround: add a user guest with the password guest to your Cloudron ldap and only allow this user to access your jitsi instance. Tell your clients that they must use guest:guest for authentication.
-
For some reason the LDAP authentication isn't working for me. I tried a fresh install of package v.0.2.0 and v0.3.0 on my server (v7.1.2) but my Jitsi instance is still public.
@hakunamatata have tried to actually start a meeting? With version 0.3 anyone can still access the page where you can create a meeting but when you actually join the meeting it asks for authentication.
-
@hakunamatata have tried to actually start a meeting? With version 0.3 anyone can still access the page where you can create a meeting but when you actually join the meeting it asks for authentication.
@avatar1024 This was the missing link! Yes I am prompted for authentication after I start a meeting. Thanks for the clarification!
-
So the latest package v0.4.0 now has LDAP enabled and fixes the guest mode. Each conference can be started by an authenticated user and then guests can join.
Optional LDAP will probably come as well.
@nebulon There appear to be App upgrade issues.
From all the Jitsi updates, the app updates into a non responding state.
It may be a combo of the fixed port at 10000 and addon changes.
This also makes it impossible to have more than one instance installed, if one were to test/troubleshoot ;-/
What I found works is uninstalling the app, then reinstalling, but that doesn't help fix the bug of it not upgrading properly.
See the Jitsi support email if you want to log in and check things out.
-
@nebulon There appear to be App upgrade issues.
From all the Jitsi updates, the app updates into a non responding state.
It may be a combo of the fixed port at 10000 and addon changes.
This also makes it impossible to have more than one instance installed, if one were to test/troubleshoot ;-/
What I found works is uninstalling the app, then reinstalling, but that doesn't help fix the bug of it not upgrading properly.
See the Jitsi support email if you want to log in and check things out.
@robi unfortunately jitsi as such does not support port changes, so this needs to be possible upstream.
For upgrades, as always with unstable apps, we don't care of migration. I can tell you already that likely the next jitsi update today will also require a reinstall. It just makes little sense to deal with config file or data migration while we haven't settled on the storage way yet.
-
@robi unfortunately jitsi as such does not support port changes, so this needs to be possible upstream.
For upgrades, as always with unstable apps, we don't care of migration. I can tell you already that likely the next jitsi update today will also require a reinstall. It just makes little sense to deal with config file or data migration while we haven't settled on the storage way yet.
-
So the latest package v0.4.0 now has LDAP enabled and fixes the guest mode. Each conference can be started by an authenticated user and then guests can join.
Optional LDAP will probably come as well.
@nebulon I'm still getting the authentication issue, when I use my Cloudron login username, it doesn't authenticate me, and says incorrect pwd or username. Then I tried my Cloudron email, it just connecting...
Do I need to change/add something in the "jitsi-meet-config.js"? -
@nebulon I'm still getting the authentication issue, when I use my Cloudron login username, it doesn't authenticate me, and says incorrect pwd or username. Then I tried my Cloudron email, it just connecting...
Do I need to change/add something in the "jitsi-meet-config.js"? -
I'm just wondering the opposite.
Is it possible to run Jitsi on Cloudron without any authentication? So that anyone can start a room? (I potentially have a client who wants to do this)
Or is @luckow suggestion still the best/ only way to achieve that?
@luckow said in Authentication support?:
@jan-reinhardt As a quick (dirty) workaround: add a user guest with the password guest to your Cloudron ldap and only allow this user to access your jitsi instance. Tell your clients that they must use guest:guest for authentication.
Or can we now do all the options outlined by @luckow here (and if so, how - if someone tells me, I'll add the details to the currently very sparse docs)
@luckow said in Authentication support?:
@jan-reinhardt As I understand it, there are several options that are not compatible with each other:
- public (open to all / without authentication).
- internal (only ldap users)
- internal/public (only ldap users can initiate a conference, then guests are allowed)
- jwt (token based authentication for e.g. nextcloud, rocket.chat ...).
Thanks!
-
I'm just wondering the opposite.
Is it possible to run Jitsi on Cloudron without any authentication? So that anyone can start a room? (I potentially have a client who wants to do this)
Or is @luckow suggestion still the best/ only way to achieve that?
@luckow said in Authentication support?:
@jan-reinhardt As a quick (dirty) workaround: add a user guest with the password guest to your Cloudron ldap and only allow this user to access your jitsi instance. Tell your clients that they must use guest:guest for authentication.
Or can we now do all the options outlined by @luckow here (and if so, how - if someone tells me, I'll add the details to the currently very sparse docs)
@luckow said in Authentication support?:
@jan-reinhardt As I understand it, there are several options that are not compatible with each other:
- public (open to all / without authentication).
- internal (only ldap users)
- internal/public (only ldap users can initiate a conference, then guests are allowed)
- jwt (token based authentication for e.g. nextcloud, rocket.chat ...).
Thanks!
@jdaviescoates said in Authentication support?:
Is it possible to run Jitsi on Cloudron without any authentication? So that anyone can start a room? (I potentially have a client who wants to do this)
Yes, just choose to have jitsi manage its own users and it's open by default.
-
@jdaviescoates said in Authentication support?:
Is it possible to run Jitsi on Cloudron without any authentication? So that anyone can start a room? (I potentially have a client who wants to do this)
Yes, just choose to have jitsi manage its own users and it's open by default.
@robi cool, thanks figured that might be the case, thanks for confirming! (I probably should've just tried it!)
-
@nebulon I'm still getting the authentication issue, when I use my Cloudron login username, it doesn't authenticate me, and says incorrect pwd or username. Then I tried my Cloudron email, it just connecting...
Do I need to change/add something in the "jitsi-meet-config.js"?@Aizat said in Authentication support?:
@nebulon I'm still getting the authentication issue, when I use my Cloudron login username, it doesn't authenticate me, and says incorrect pwd or username. Then I tried my Cloudron email, it just connecting...
Do I need to change/add something in the "jitsi-meet-config.js"?Hello, have you been able to solve this problem? I would like to use the cloudron authentication...
-
-
Is this feature on the roadmap?
@YurkshireLad said in Authentication support?:
Is this feature on the roadmap?
I think it already exists.
There are various ways to configure it. I've got it set-up to allow LDAP users to start a meeting and then anyone else to join.
-
Hey all,
Just running into troubles on this a bit with the LDAP authentication, and wondering if someone who has walked this road has some advice.
I'm following these instructions: https://jitsi.github.io/handbook/docs/devops-guide/secure-domain
The first step has me edit a file in /etc/prosody/conf.avail
Except... that's obviously a read-only file (because it's not part of the mount with Docker.I'm pretty sure the only step I'll be able to do is the 2nd one... but is that sufficient?
Is there a different set of steps I should be following to enable LDAP for Jitsi?
Thanks.
