Openfire Meetings - focus user and ofmeet-focus host?

Michal7 · October 28, 2016, 7:56pm

Hi,

I’m trying to configure Openfire to use Openfire Meetings plugin, but still get some error with focus user (and focu host and other focus-related issues). Here is my config:

Openfire 4.0.3
Active Directory (LDAP) integration
Openfire Meetings 0.3.9

User authentication with AD works like a charm. I’ve created two accounts in AD dedicated for Openfire - one is for ldap.adminDN and the other is for this magic FOCUS user.

As far as I can understand, it doesn’t have to be ‘focus’ name of this user, am I right? There is attribute called “Focus JID” and “Focus Password” so it could be any of my users. Of course it has granted admin rights for ‘conference’ service and it can create rooms in that service. No mather how i call yhis user (I even tried FOCUS) the problem still exists: When I enter the

https://my_server:7443/ofmeet/?r=roomname

I can’t see any video nor audio. In the right lower corner dispalus error:

ofmeet-focus.mydomain.int - not available. Retry in… seconds

What is this ofmeet-focus.mydomain.int?? In terror log I can see

2016.10.28 21:46:18 INFO [pool-15-thread-2]: org.jivesoftware.openfire.session.LocalOutgoingServerSession[Create outgoing session for: mydomain.int to ofmeet-focus.mydomain.int] - Unable to create new session: Cannot create a plain socket connection with any applicable remote host.

2016.10.28 21:46:18 WARN [pool-15-thread-2]: org.jivesoftware.openfire.session.LocalOutgoingServerSession[Authenticate local domain: ‘mydomain.int’ to remote domain: ‘ofmeet-focus.mydomain.int’] - Unable to authenticate: Fail to create new session.

2016.10.28 21:46:50 WARN [pool-15-thread-3]: org.jivesoftware.openfire.net.SocketUtil - Unable to create a socket connection to XMPP domain ‘ofmeet-focus.mydomain.int’ using remote host: ofmeet-focus.mydomain.int:5269. Cause: ofmeet-focus.mydomain.int (a full stacktrace is logged on debug level)

2016.10.28 21:46:50 WARN [pool-15-thread-3]: org.jivesoftware.openfire.net.SocketUtil - Unable to create a socket connection to XMPP domain ‘ofmeet-focus.mydomain.int’: Unable to connect to any of its remote hosts.

Where can I change this ofmeet-focus thing? what is it used for?

under https://my_server:7443/ofmeet/config I can see something like:

var config = {

hosts: {

    domain: 'mydomain.int',

    muc: 'conference.mydomain.int',

    bridge: 'ofmeet-jitsi-videobridge.mydomain.int',

    call_control: null,

    focus: 'ofmeet-focus.mydomain.int',

},

but I can’t see where I could change those vars. And should I…?

Please, could anyone explain me all those things with focus user and host? What is this and how does it not work?

Dele_Olajide · October 29, 2016, 9:42am

Download latest version of plugin and read documentation from here GitHub - igniterealtime/community-plugins: Home for Openfire plugins that are not included in the core set of plugins

Michal7 · November 2, 2016, 6:50pm

Ok, I think it was a problem with the naming convention of focus user - name@XMPPdomain instead of name@ADdomain. Now users can enter the room, they can chat, they can see their own video, but no video of other users. When they connect “directly” through Jitsi or other XMPP client they can see video and audio. What can be wrong?

And one very important question about authentication: while users enters the room they have to log in (browser displays authentication request), but on the user list they appears as ofmeet1234 (random login) - is it possible to use their real names? and is it possible to restrict room creation? In openfire I have disabled room creation, but when I login to ofmeet I can give any room name, and this room is created and others can enter this room. This not very safe and I’d like to prohibit this behaviour.

Dele_Olajide · November 3, 2016, 12:09pm

Michal7 · November 4, 2016, 1:33pm

Ok,

now I know it’s working - I just was able to “enter” any room by typing it’s name in URL so i though it is created on the server. Now I can see, that when I enter such room that is not created on the server, it exists only in my browser - even if other user types the same room name, we cannot comunicate.

It was not so easy to discover this, because I can’t make any video or audio connection - When a few users enters one room (created earlier on the server), they cam see that someone else is on the room, they can type chat messages, but they can see only it’s own video. I have no idea where the problem is. I’ve read somewhere, that such problems could be in Chrome with Windows 10. Is it true?

Michal7 · November 6, 2016, 10:00pm

There is one more strange thing: in documentation at github there is a screenshot with meetings summary:

My meetings summary is always empty - even if there are people in conference room (no audio nor video - as I’ve mentioned earlier). Is it normal?? In user list of the room at server I can see only real participants - should there also be a focus user?

Dele_Olajide · November 7, 2016, 10:37am

Empty means your messaging and signalling is working and all participants can enter chat room and chat, but no videobridge was created for the room. You need to look at Openfire log files to see why.

i suggest you use plugin version 0.3.27 and above. It has better logging

Michal7 · November 7, 2016, 1:18pm

Delle, Thank you very much for your engagement (and patience too ) but I still can’t get it working: Which log should i check? In C:\Openfire\plugins\ofmeet\log i have only binary .pcap binary files.

In error log nothing wrong, in debug log i have only

When I Create Wideo Conference from Jitsi Client, it appears on conference summary. When I enter the same conference room by Chrome - the list is empty. Where should I look for logs of ofmeet?

Michal7 · November 7, 2016, 2:10pm

In Error Log I can see:

"

2016.11.07 14:59:56 org.jivesoftware.openfire.ldap.LdapGroupProvider - Could not find user in LDAP focus858385253034300

2016.11.07 14:59:56 org.jitsi.jicofo.ChatRoomRoleAndPresence - Focus must be a moderator!

2016.11.07 14:59:56 org.jitsi.jicofo.JitsiMeetConference - net.java.sip.communicator.service.protocol.OperationFailedException: Failed to join the room

net.java.sip.communicator.service.protocol.OperationFailedException: Failed to join the room

"

In LDAP i have other user configured (and also configured on Settings tab) - why some focus(randomnumbers) try to enter the room? And second line is strange - my focus user (this one from LDAP) id room owner - how to grant him Moderator role?? When first user enters the room, I can see that my focus user enters and leaves the room a few times.

Dele_Olajide · November 7, 2016, 4:50pm

Make sure the password for the user created in ldap is set in Ofmeet. goto to group chat service settings and select the default “Conference” service and edit the room administrators. Add the full Jid of your focus user.

restart your Openfire server and confirm the focus user appears in the sessions list as connected and logged in

now try a meeting with the same URL from two chrome tabs. You should see your meeting in the meeting summary with 2 participants. If not check log files again

Michal7 · November 8, 2016, 9:18am

I’ve set everything just like you said:

Focus user settings:

Conference group chat settings:

room settings:

User sessions (this anonymous one is strange):

chrome:

And now some logs:

info.log:

2016.11.08 09:27:39 org.jitsi.jicofo.openfire.FocusComponent - Focus request for room: video@conference.mydomain.int

2016.11.08 09:27:40 org.jitsi.jicofo.FocusManager - Created new focus for video@conference.mydomain.int@mydomain.int conferences count: 1 options:

channelLastN: -1

adaptiveLastN: false

enableFirefoxHacks: false

adaptiveSimulcast: false

bridge: ofmeet-jitsi-videobridge.mydomain.int

openSctp: true

2016.11.08 09:27:40 XMPPConnection - OpenfirePacketReader init

2016.11.08 09:27:40 XMPPConnection - OpenfirePacketReader startup

2016.11.08 09:27:40 XMPPConnection - OpenfirePacketWriter startKeepAliveProcess

2016.11.08 09:27:40 XMPPConnection - XMPPConnection login

2016.11.08 09:27:40 org.jitsi.jicofo.JitsiMeetConference - Reg state changed: RegistrationStateChangeEvent[ oldState=Unregistered; newState=RegistrationState=Registered; reasonCode=-1; reason=null]

2016.11.08 09:27:40 org.jitsi.jicofo.JitsiMeetConference - Registered: XmppProtocolProvider(focus)

2016.11.08 09:27:40 org.jitsi.jicofo.JitsiMeetConference - Joining the room: video@conference.mydomain.int

2016.11.08 09:27:40 org.jitsi.impl.protocol.xmpp.ChatRoomImpl - before join as

2016.11.08 09:27:40 org.jitsi.impl.protocol.xmpp.ChatRoomImpl - joinAs focus null null

2016.11.08 09:27:40 org.jitsi.impl.protocol.xmpp.OperationSetColibriConferenceImpl - Nothing to expire - no conference allocated yet

2016.11.08 09:27:40 org.jitsi.impl.protocol.xmpp.ChatMemberImpl - Thread[Smack Listener Processor (1),5,main]JID: null received for: video@conference.mydomain.int/xmpp_test1-95

2016.11.08 09:27:40 org.jitsi.impl.protocol.xmpp.ChatMemberImpl - Thread[Smack Listener Processor (1),5,main]JID: null received for: video@conference.mydomain.int/focus

2016.11.08 09:27:40 XMPPConnection - OpenfirePacketReader shutdown

2016.11.08 09:27:40 XMPPConnection - OpenfirePacketWriter cleanup

2016.11.08 09:27:40 XMPPConnection - OpenfirePacketReader cleanup

2016.11.08 09:27:40 XMPPConnection - SmackConnection - close

2016.11.08 09:27:40 XMPPConnection - OpenfirePacketReader shutdown

2016.11.08 09:27:40 XMPPConnection - OpenfirePacketReader cleanup

2016.11.08 09:27:40 org.jitsi.impl.protocol.xmpp.XmppProtocolProvider - XMPP provider Jabber:focus@mydomain.int/focus924848778047100@172.20.112.199 disconnected

2016.11.08 09:27:40 org.jitsi.jicofo.FocusManager - Disposed conference for room: video@conference.mydomain.int conference count: 0

2016.11.08 09:27:41 org.jitsi.videobridge.openfire.Config - Config servlet

2016.11.08 09:27:51 org.jitsi.jicofo.openfire.FocusComponent - handleIQSet

<property name="bridge" value="ofmeet-jitsi-videobridge.mydomain.int"/>

<property name="channelLastN" value="-1"/>

<property name="adaptiveLastN" value="false"/>

<property name="adaptiveSimulcast" value="false"/>

<property name="openSctp" value="true"/>

<property name="enableFirefoxHacks" value="false"/>

error.log

2016.11.08 09:27:40 org.jivesoftware.openfire.ldap.LdapGroupProvider - Could not find user in LDAP focus924848778047100

2016.11.08 09:27:40 org.jitsi.jicofo.JitsiMeetConference - net.java.sip.communicator.service.protocol.OperationFailedException: Failed to join the room

net.java.sip.communicator.service.protocol.OperationFailedException: Failed to join the room

at org.jitsi.impl.protocol.xmpp.ChatRoomImpl.joinAs(ChatRoomImpl.java:200)

at org.jitsi.impl.protocol.xmpp.ChatRoomImpl.joinAs(ChatRoomImpl.java:290)

at org.jitsi.impl.protocol.xmpp.ChatRoomImpl.join(ChatRoomImpl.java:249)

at org.jitsi.jicofo.JitsiMeetConference.joinTheRoom(JitsiMeetConference.java:342)

at org.jitsi.jicofo.JitsiMeetConference.maybeJoinTheRoom(JitsiMeetConference.java: 324)

at org.jitsi.jicofo.JitsiMeetConference.registrationStateChanged(JitsiMeetConferen ce.java:1119)

at org.jitsi.jicofo.ProtocolProviderHandler.registrationStateChanged(ProtocolProvi derHandler.java:123)

at net.java.sip.communicator.service.protocol.AbstractProtocolProviderService.fire RegistrationStateChanged(AbstractProtocolProviderService.java:176)

at net.java.sip.communicator.service.protocol.AbstractProtocolProviderService.fire RegistrationStateChanged(AbstractProtocolProviderService.java:130)

at org.jitsi.impl.protocol.xmpp.XmppProtocolProvider.register(XmppProtocolProvider .java:171)

at org.jitsi.jicofo.util.RegisterThread.run(RegisterThread.java:38)

Caused by: forbidden(403)

at org.jivesoftware.smackx.muc.MultiUserChat.getConfigurationForm(MultiUserChat.ja va:577)

at org.jitsi.impl.protocol.xmpp.ChatRoomImpl.joinAs(ChatRoomImpl.java:158)

… 10 more

2016.11.08 09:27:40 org.jitsi.impl.protocol.xmpp.OperationSetJingleImpl - Received an error: code=403 message=null

2016.11.08 09:27:40 net.java.sip.communicator.util.UtilActivator - An uncaught exception occurred in thread=Thread[Thread-149,5,main] and message was: null

java.lang.NullPointerException

at org.jitsi.impl.protocol.xmpp.XmppProtocolProvider.register(XmppProtocolProvider .java:178)

at org.jitsi.jicofo.util.RegisterThread.run(RegisterThread.java:38)

I hope this is enough for analyst

Dele_Olajide · November 8, 2016, 11:12am

Thank you for the log file messages. Yes I can now see what happened.

Jitsi jicifo code (focus user component) is dynamically creating unique new focus users for every conference. As you are using ldap (a Read-only user data store), the creation fails, the user is never created and room join fails

Does not look like any easy problem to solve.

The only recommendation I can make is to wait for the new 0.4.x branch of Ofmeet. Jitsi have changed this behaviour in their latest code.

I will look at the code when I am free to see what could be done In the mean time

Michal7 · November 8, 2016, 11:25am

Thank you very much. At least I know it’s not my fault

For testing purposes I could create another instance with local authentication. Does focues user (those stated in settings tab) have to been granted admin rights for whole Openfire to create those temporary focus users? Or just for the conference service?

Dele_Olajide · November 8, 2016, 12:41pm

No, just the conference room service. With local authentication, the plugin creates the user and does the permission automatically

Michal7 · November 8, 2016, 4:44pm

You are right - I’ve set up another server with local authentication and now everything works fine. The only thing is that plugin creates focus user and it cannot be changed - if I change it (manualy create another user, set its Jid and password in settings, add the same permissions as originally created user) - then everything just stops working. It HAS TO be focus - other names are not working. I only hope that password generated for that user is random, not hardcoded

Once again, thank you very much for your help.

Dele_Olajide · November 8, 2016, 6:18pm

I think you might need to restart Openfire for the new name to take effect. Password is random and not hard coded. Changing password may require a restart as well

Michal7 · November 8, 2016, 8:05pm

I’ve tried using various names, and only focus@mydomain is working. And what is more, i reverted to my LDAP authentication, created user focus in LDAP and… IT’S WORKING!

Funny thing is that previously, focus user couldn’t create nor enter any room… and now, even if it has no rights to create room (but it has admin rights for conference service), temporary rooms are created

_nix · May 10, 2018, 8:54am

Openfire 4.2.3. I use SSO. focus user don’t connect and focus JID don’t change.
If I delete settings:
sasl.gssapi.config C:\Program Files (x86)\Openfire\conf\gss.conf
sasl.gssapi.debug false
sasl.gssapi.useSubjectCredsOnly false
sasl.mechs GSSAPI
sasl.realm LAB.LOCAL then focus login successfully

speedy · May 10, 2018, 8:58pm

this is a known issue, and will likely be fixed in the next release. You might be able to work around this issue by running your openfire service with the focus user account.