powered by Jive Software

User authentication using OfMeet

Hello,

Is there a way to enable user authentication in OfMeet to using the OpenFire user database? Using CANDY is an option, but I prever the OfMeet UI.

When I disable anonymous logins in OpenFire, OfMeet can still create anonymous user sessions.

When I disable room creation in OpenFire, OfMeet can still create conference rooms.

Thanks!

Is there a way to enable user authentication in OfMeet to using the OpenFire user database?

Not without coding some Javascript and designing a login screen in HTML. Call Strophe connect method with user JID and password

When I disable anonymous logins in OpenFire, OfMeet can still create anonymous user sessions.

When I disable room creation in OpenFire, OfMeet can still create conference rooms.

I will raise a Jira ticket. Is this with websockets or bosh?

Hi Dele,

This is with websockets.

Thanks again!

Thanks. The websockets plugin is not checking openfire settings. I will create a ticket for that as well.

Hi It was just what I was wondering.

The really important thing that is missing as far as i see is to block room creation to anonymous users, now if i link my server with a standard chrome browser pointing to the right path i can create a conference room with the extention I want.

Regards

The next version of ofmeet in development (1.3) now has the ability to protect the whole web site with a simple username/password configurable from Openfire admin web console.

Later on, we should be able to add normal XMPP user authentication like Candy does.

Fantastic!

I did some more tests on the platform and apart e relative instability I did find a problem, well not a problem but an issue due to the necessity of a stun support I think.

My test configuration is:

-OF Server on public IP: Jingle nodes, Rayo and Jitsivideobridge plugin installed

  • Client on “inside LAN” that reach the OF server without necessity of natting (it access to the server with its private ip)

  • Client outside the lan that access the OF server passing by a public IP.

Trying to create a OF Meet by jitsi videobridge the attempt fails apparently because the client placed outside the lan tries to contact the client on the inside lan using it’s private IP.

I did find that this did not occur on plugins like Jappix (on the code it seems to be enable to use google stun servers) or if both the clients use Jitsi SIP client with STUN and Jinglenodes options enabled.

Is it possible to enable one of these method on OFMeet?

Regards

Giorgio

Trying to create a OF Meet by jitsi videobridge the attempt fails apparently because the client placed outside the lan tries to contact the client on the inside lan using it’s private IP.

That should not be happening. Each client makes a media (SRTP with DTLS) connection wih the Jitsi Videobridge engine directly and not with each other. That is why the bridge needs a public IP address to be accesible by all clients.

With ofmeet, the signalling is also between clients and the Jitsi Videobridge plugin that acts as a proxy focus point and relays COLBRI messages to the Jitsi Videobridge engine.

JItsi Videobridge is behaving like Jingle nodes to relay media between multiple clients.

Dele,

i’ll do another test and I’ll dump the debug if you are interested in. I’m sure it works on Jappix and on Jisti client usign jinglenodes (I just saw the logs), with ofmeet nope to have it working.

I’ll send you all asap i can.

Regards

Dele I did recheck all.

I did modify the config.js as requested (ofmeet):

var config = {

hosts: {

domain: ‘myserver.mydomain.it’,

muc: ‘conference.myserver.mydomain.it’, // FIXME: use XEP-0030

bridge: ‘jitsi-videobridge.myserver.mydomain.it’ // FIXME: use XEP-0030

},

useIPv6: false, // ipv6 support. use at your own risk

useNicks: false,

useWebsockets: true,

resolution: “360”,

bosh: window.location.protocol + “//” + window.location.host + ‘/http-bind/’ // FIXME: use xep-0156 for that

};

I also di insert all the three entries in the hosts file but i do not think it is useful.

Trying to repeat the connection between the client placed outside and the client in the inside lan no A/V connection is created.

I do confirm that the server has rayo, jinglenodes and websockets plugin installed.

The only strange thing is that even if I am on a public ip directly the machine seems not able to do a public ip check of jinglenodes (but they seems to work because doing a connection with Jitsi in the same config the clients cann connect each other properly).

Regards

Hi Dele,

just to complete a little more what i see in my testing environment.

I did place wireshark on the pc placed on the internet and i did find that there are requests like this:

297
45.871060000
192.168.0.100
195.135.201.241
STUN
142
Binding Request user: 4k552:4YYgiAjXUyHOdBSO

This normally happens in case there is no possibility for a direct contact because the clients are behind a NAT.

Furthermore, the OF server we have installed does not provide STUN, we are working on a node that can work as stun server but it would be a different machine from the OF server.

Is there any place in the webapp where i can place the stun settings? on the Jmeet app a line is present.

Thanks a lot, regards

Giorgio