Authentication support?
-
@nebulon Interesting phenomenon: there is a folder in Prosody that cannot be accessed via the Web Filemanger. In the terminal, this is not a problem.
@luckow that seems to be a filemanager client side bug. Thanks for reporting.
Regardless of that, I do wonder if that folder needs to be there in the first place. There is nothing which should be changed or touched by the admin without risking breaking, so I think I will move most of that, if not all to
/run -
@nebulon I just installed a fresh install to see/ test LDAP support but when installing it just talks about "Dahboard visibility" not "User management" like other LDAP enabled apps:
@jdaviescoates How did you get the "Dashboard visibility" option? I just tried a fresh install on 7.1.2 but am presented with the default "user management" option. If I continue with the Jitsi install, the app does not require a login.
-
@jdaviescoates How did you get the "Dashboard visibility" option? I just tried a fresh install on 7.1.2 but am presented with the default "user management" option. If I continue with the Jitsi install, the app does not require a login.
To be clear for everyone: Since jitsi app package version 0.1.0 did not have any sso/ldap integration, everyone was seeing the dashboard visibility. Once on v0.2.0 this changes, since it is integrated. App package version 0.2.0 is only available for Cloudron v7.1.2 though, which is only available as a pre-release so far. So if you want to try jitsi v0.2.0, you have to manually update your Cloudron first.
-
@jdaviescoates How did you get the "Dashboard visibility" option? I just tried a fresh install on 7.1.2 but am presented with the default "user management" option. If I continue with the Jitsi install, the app does not require a login.
@hakunamatata said in Authentication support?:
@jdaviescoates How did you get the "Dashboard visibility" option? I just tried a fresh install on 7.1.2 but am presented with the default "user management" option. If I continue with the Jitsi install, the app does not require a login.
I'm still on 7.0.4 so I'm also still on the 0.1.0 version of the app package, that's why.
-
There is some confusion about the guest mode in jitsi and it interferes with the ldap auth. I am not sure yet why and what the behavior should be, but I published a new package v0.3.0 which is ldap always on now. Given, that this will not allow guests to join a conference, this is not the final intended status.
-
There is some confusion about the guest mode in jitsi and it interferes with the ldap auth. I am not sure yet why and what the behavior should be, but I published a new package v0.3.0 which is ldap always on now. Given, that this will not allow guests to join a conference, this is not the final intended status.
@nebulon I just installed 0.3.0 and it seems that now only internal meetings between registered users of my cloudron are possible. How can I invite external guests so that they can join the meeting without being a cloudron user? If I had to choose between an open jitsi where everybody can start a meeting and a closed one only for registered cloudron users I'd like to have the open version like 0.1.0 back please
-
@nebulon I just installed 0.3.0 and it seems that now only internal meetings between registered users of my cloudron are possible. How can I invite external guests so that they can join the meeting without being a cloudron user? If I had to choose between an open jitsi where everybody can start a meeting and a closed one only for registered cloudron users I'd like to have the open version like 0.1.0 back please
@jan-reinhardt As I understand it, there are several options that are not compatible with each other:
- public (open to all / without authentication).
- internal (only ldap users)
- internal/public (only ldap users can initiate a conference, then guests are allowed)
- jwt (token based authentication for e.g. nextcloud, rocket.chat ...).
From my point of view, we should start with internal/public. Then from there we see what is possible with some kind of "switch" in an env file.
In the end: if we need different jitsi settings to satisfy different use cases, we need to install them separately. By the way: the same is true for Greenlight (the BigBlueButton frontend).Pronouns: he/him | Primary language: German
-
@jan-reinhardt As I understand it, there are several options that are not compatible with each other:
- public (open to all / without authentication).
- internal (only ldap users)
- internal/public (only ldap users can initiate a conference, then guests are allowed)
- jwt (token based authentication for e.g. nextcloud, rocket.chat ...).
From my point of view, we should start with internal/public. Then from there we see what is possible with some kind of "switch" in an env file.
In the end: if we need different jitsi settings to satisfy different use cases, we need to install them separately. By the way: the same is true for Greenlight (the BigBlueButton frontend).@luckow said in Authentication support?:
From my point of view, we should start with internal/public.
Exactly. +1
-
@jan-reinhardt As I understand it, there are several options that are not compatible with each other:
- public (open to all / without authentication).
- internal (only ldap users)
- internal/public (only ldap users can initiate a conference, then guests are allowed)
- jwt (token based authentication for e.g. nextcloud, rocket.chat ...).
From my point of view, we should start with internal/public. Then from there we see what is possible with some kind of "switch" in an env file.
In the end: if we need different jitsi settings to satisfy different use cases, we need to install them separately. By the way: the same is true for Greenlight (the BigBlueButton frontend).@luckow said in Authentication support?:
@jan-reinhardt As I understand it, there are several options that are not compatible with each other:
- internal/public (only ldap users can initiate a conference, then guests are allowed)
That ressembles much as my point of view too, for what would be primary needs to start with.
By the way: the same is true for Greenlight (the BigBlueButton frontend).
Yep, and AFACS that app works pretty well.
BTW, may I put a double Kudos! Here as well as for the recent 7.1 version work from our super folks @girish and @nebulon which are among the best software engineers I've seen and worked with online in my 20 and dust on the 'information superhighway' career lol
Thanks for your dedication guys, really.
Ignorance is not an excuse anymore!
https://AutomateKit.com -
@luckow said in Authentication support?:
@jan-reinhardt As I understand it, there are several options that are not compatible with each other:
- internal/public (only ldap users can initiate a conference, then guests are allowed)
That ressembles much as my point of view too, for what would be primary needs to start with.
By the way: the same is true for Greenlight (the BigBlueButton frontend).
Yep, and AFACS that app works pretty well.
BTW, may I put a double Kudos! Here as well as for the recent 7.1 version work from our super folks @girish and @nebulon which are among the best software engineers I've seen and worked with online in my 20 and dust on the 'information superhighway' career lol
Thanks for your dedication guys, really.@micmc I totally agree that internal/public would be perfect. But if this is not yet possible imho public is much better than internal because I can use the public jitsi server immediatly to work with my clients (this is what I did over the last two weeks and it performed great). The 'internal only' version means that I have to use Zoom etc. again...
-
@micmc I totally agree that internal/public would be perfect. But if this is not yet possible imho public is much better than internal because I can use the public jitsi server immediatly to work with my clients (this is what I did over the last two weeks and it performed great). The 'internal only' version means that I have to use Zoom etc. again...
@jan-reinhardt As a quick (dirty) workaround: add a user guest with the password guest to your Cloudron ldap and only allow this user to access your jitsi instance. Tell your clients that they must use guest:guest for authentication.
-
@jan-reinhardt As a quick (dirty) workaround: add a user guest with the password guest to your Cloudron ldap and only allow this user to access your jitsi instance. Tell your clients that they must use guest:guest for authentication.
-
For some reason the LDAP authentication isn't working for me. I tried a fresh install of package v.0.2.0 and v0.3.0 on my server (v7.1.2) but my Jitsi instance is still public.
@hakunamatata have tried to actually start a meeting? With version 0.3 anyone can still access the page where you can create a meeting but when you actually join the meeting it asks for authentication.
-
@hakunamatata have tried to actually start a meeting? With version 0.3 anyone can still access the page where you can create a meeting but when you actually join the meeting it asks for authentication.
@avatar1024 This was the missing link! Yes I am prompted for authentication after I start a meeting. Thanks for the clarification!
-
So the latest package v0.4.0 now has LDAP enabled and fixes the guest mode. Each conference can be started by an authenticated user and then guests can join.
Optional LDAP will probably come as well.
@nebulon There appear to be App upgrade issues.
From all the Jitsi updates, the app updates into a non responding state.
It may be a combo of the fixed port at 10000 and addon changes.
This also makes it impossible to have more than one instance installed, if one were to test/troubleshoot ;-/
What I found works is uninstalling the app, then reinstalling, but that doesn't help fix the bug of it not upgrading properly.
See the Jitsi support email if you want to log in and check things out.
-
@nebulon There appear to be App upgrade issues.
From all the Jitsi updates, the app updates into a non responding state.
It may be a combo of the fixed port at 10000 and addon changes.
This also makes it impossible to have more than one instance installed, if one were to test/troubleshoot ;-/
What I found works is uninstalling the app, then reinstalling, but that doesn't help fix the bug of it not upgrading properly.
See the Jitsi support email if you want to log in and check things out.
@robi unfortunately jitsi as such does not support port changes, so this needs to be possible upstream.
For upgrades, as always with unstable apps, we don't care of migration. I can tell you already that likely the next jitsi update today will also require a reinstall. It just makes little sense to deal with config file or data migration while we haven't settled on the storage way yet.
