Problem with logging in with profile button

[adolhunter1]

Hi, Jitsi developers, first of all, thank you so much for creating such a wonderful project.

I have been using Jitsi meet to host conferences. Everything worked fine for me. However, I have a problem with logging in.

I am using LDAP authentication method and docker-jitsi-meet stable-5765-1 version and my custom web front end.

I have no problem creating a room and starting meeting.

However, when a guest user tries to log in using the LDAP credentials into a created room, the application does not grant the moderator rights correctly. Below is the log when I try to do that.

2021-05-17T19:51:58.004Z [modules/xmpp/xmpp.js] <P._initStrophePlugins>:  P2P STUN servers:  
[{…}]
Logger.js:154 2021-05-17T19:51:58.007Z [modules/xmpp/xmpp.js] <P.connectionHandler>:  (TIME) Strophe connecting:	 16346.169999975245
content.bundle.js:523 Uncaught TypeError: Cannot read property 'source' of null
    at handleMessages (content.bundle.js:523)
react_devtools_backend.js:2557 2021-05-17T19:51:58.688Z [modules/xmpp/XmppConnection.js] <u._maybeEnableStreamResume>:  Stream resume enabled, but WebSockets are not enabled
Logger.js:154 2021-05-17T19:51:58.690Z [modules/xmpp/strophe.ping.js] <d.startInterval>:  XMPP pings will be sent every 10000 ms
Logger.js:154 2021-05-17T19:51:58.690Z [modules/xmpp/xmpp.js] <P.connectionHandler>:  (TIME) Strophe connected:	 17028.980000002775
Logger.js:154 2021-05-17T19:51:58.690Z [modules/xmpp/xmpp.js] <P.connectionHandler>:  My Jabber ID: [email protected]/2-0kmCJX
react_devtools_backend.js:2557 2021-05-17T19:51:58.847Z [modules/xmpp/strophe.jingle.js] getting turn credentials with extdisco:2 failed, trying extdisco:1 
react_devtools_backend.js:2557 2021-05-17T19:51:59.006Z [modules/xmpp/strophe.jingle.js] getting turn credentials failed 
react_devtools_backend.js:2557 2021-05-17T19:51:59.007Z [modules/xmpp/strophe.jingle.js] is mod_turncredentials or similar installed and configured?

and here is the log from the web container on server

99.30.13.201 - - [17/May/2021:19:54:03 +0000] "POST /http-bind?room=undefined HTTP/2.0" 200 544 "https://example.meet.com/123" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36"
99.30.13.201 - - [17/May/2021:19:54:04 +0000] "POST /http-bind?room=undefined HTTP/2.0" 200 199 "example.meet.com" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36"

I checked the redux store and the "features/base/connection".connection.options.bosh is also "/http-bind?room=undefined" after attempting to login, but before I try to login the value of the field is '/http-bind?room=whateverNameIWant', which is correct

[saghul]

IIRC we fixed this one in the latest stable release. Can you please give that a try?

[adolhunter1]

@saghul Did you mean the jitsi-meet front end or the docker-jitsi-meet latest release? I have tried the docker-jitsi-meet 5870 version and the :unstable images, none of them seemed to work. Maybe you were referring to issue #1018, but that was not my situtation. For me, I can start the conference no problem, it's just that the later participants cannot promote them to moderator right by logging in from the three dot-profile menu.

[saghul]

Yep, I meant 5870.

We don't have a good way to test LDAP to be honest, so any help you can provide pinpointing the issue will go a long way.

Do you see any errors in the console when you try to login from the profile?

[adolhunter1]

Yep, I meant 5870.

We don't have a good way to test LDAP to be honest, so any help you can provide pinpointing the issue will go a long way.

Do you see any errors in the console when you try to login from the profile?

No, no error messages in the console, just the warning messages I have attached in the OP.

I have tried a couple of things, in this snippet in LoginDialog.js, I see that authRequired is being mapped to _conference. However, when I check my redux store, I don't even have a state variable like this. This then leads to the _onLogin method calling connect(jid, password) instead of authenticateAndUpgradeRole(jid, password, conference). I tried to map the _conference prop from the APP.store.getState()["features/base/conference"].conference method and the guest can get moderator rights, but then I cannot actually create a conference for a new room; when I login like that, the authentication required dialog keeps popping up every 2 seconds.

If you could tell me what the proper way to fix this is I can work on that and contribute.@saghul

function _mapStateToProps(state) {
    const {
        error: authenticateAndUpgradeRoleError,
        progress,
        thenableWithCancel
    } = state['features/authentication'];
    const { authRequired } = state['features/base/conference'];
    const { hosts: configHosts } = state['features/base/config'];
    const {
        connecting,
        error: connectionError
    } = state['features/base/connection'];

    return {
        ..._abstractMapStateToProps(state),
        _conference: authRequired,
        _configHosts: configHosts,
        _connecting: Boolean(connecting) || Boolean(thenableWithCancel),
        _error: connectionError || authenticateAndUpgradeRoleError,
        _progress: progress,
        _styles: ColorSchemeRegistry.get(state, 'LoginDialog')
    };
}

[netzwerkgoettin]

Hi,

running 5870 Docker setup and nearly same problem – but I don't use LDAP, I create prosody users.

• user goes to Settings -> Profile
• user clicks on Login
• user provides wrong credentials: user gets no error, login form remains open, error in Firefox console: 2021-06-09T21:33:28.947Z [connection.js] CONNECTION FAILED: connection.passwordRequired
• user clicks on cancel -> user is sent to close page and leaves the conference (which is a bug in my opinion, cancel should cancel the login process, not the whole conference)
• user provides correct credentials: prosody seems to recognize the user as valid, user is authenticated but does not gain moderator rights
• does not depend on Browser: Brave, Chrome, FF, Vivaldi, all the same effect
• it was working before, upgrading to 5870 crashed it

Regards,
Marianne

Log from prosody Docker container:

c2s5576909942c0                                              info	Client connected
c2s5576909942c0                                              info	Authenticated as [email protected]

Console Log Firefox:

@atlaskit/modal-dialog: Deprecation warning - Use of the footer prop in ModalDialog is deprecated. Please compose your ModalDialog using the 'components' prop instead Content.js:160:16
2021-06-09T21:35:41.170Z [modules/xmpp/xmpp.js] <_initStrophePlugins>:  P2P STUN servers:  
Array [ {…} ]
Logger.js:154:22
2021-06-09T21:35:41.173Z [modules/xmpp/xmpp.js] <connectionHandler>:  (TIME) Strophe connecting:	 13551 Logger.js:154:22
2021-06-09T21:35:41.494Z [modules/xmpp/XmppConnection.js] <_maybeEnableStreamResume>:  Enabling XEP-0198 stream management Logger.js:154:22
2021-06-09T21:35:41.494Z [modules/xmpp/XmppConnection.js] <_maybeStartWSKeepAlive>:  WebSocket keep alive interval: 60000ms Logger.js:154:22
2021-06-09T21:35:41.495Z [modules/xmpp/XmppConnection.js] <_maybeStartWSKeepAlive>:  Scheduling next WebSocket keep-alive in 86620.97450451064ms Logger.js:154:22
2021-06-09T21:35:41.495Z [modules/xmpp/strophe.ping.js] <startInterval>:  XMPP pings will be sent every 10000 ms Logger.js:154:22
2021-06-09T21:35:41.495Z [modules/xmpp/xmpp.js] <connectionHandler>:  (TIME) Strophe connected:	 13874 Logger.js:154:22
2021-06-09T21:35:41.495Z [modules/xmpp/xmpp.js] <connectionHandler>:  My Jabber ID: [email protected]/_3zWT8Wh Logger.js:154:22
2021-06-09T21:35:41.558Z [modules/xmpp/strophe.jingle.js] <getStunAndTurnCredentials/<>:  getting turn credentials with extdisco:2 failed, trying extdisco:1 
<iq id="1a67bb72-c9c0-4fd4-9fd0-eb1d8d5a3426:sendIQ" type="error" from="meet.jitsi" xmlns="jabber:client" to="[email protected]/_3zWT8Wh">
Logger.js:154:22
2021-06-09T21:35:41.593Z [modules/xmpp/strophe.jingle.js] <getStunAndTurnCredentials/</<>:  getting turn credentials failed 
<iq id="18f0165b-5ada-463b-aea5-f2cdd1ed4b5f:sendIQ" type="error" from="meet.jitsi" xmlns="jabber:client" to="[email protected]/_3zWT8Wh">
Logger.js:154:22
2021-06-09T21:35:41.594Z [modules/xmpp/strophe.jingle.js] <getStunAndTurnCredentials/</<>:  is mod_turncredentials or similar installed and configured?

[ghost]

I have the same problem, I'm using docker-jitsi-meet-stable-6433, It's solved?
https://community.jitsi.org/t/jitsi-docker-based-ldap-moderator-left-no-guest-becomes-a-moderator-and-no-one-can-authenticate/107405

[ghost]

Hello @saghul , Is this issue fixed?

[saghul]

I don't think so, we have nothing specific to fix it.

Can you reproduce this with the normal internal auth? I don't have an LDAP setup to test with.

[ghost]

I'll test it without LDAP, and let you know!

[ghost]

Hello @saghul , I tested with internal auth, I confirm I got the same issue:

guest can not login via setting --> profile --> authentication, here console logs

and If the guest clicks on cancel He will be existed from the meeting and returns back to main page of jitsi.

[ghost]

@saghul , it seems there is bug in docker image, the authentication of guest user doesn't work anymore neither with internal nor with LDAP authentication.
in addition if moderator left the room, when He tries to join, He enters as guest too, we have a situation that no one in the room becomes moderator!

[saghul]

Thanks for the report! One more question: the host can login just fine, correct?

[ghost]

yes, the Host can login perfectly.

[ghost]

Hello @saghul, is there any progress in this issue?
Thanks!

[saghul]

Nope, sorry we haven't gotten to it yet.

[ClundXIII]

Is this an issue specifically with LDAP or can I circumvent this by using a different authentication method?

[ghost]

this is general issue not to LDAP only even if an internal auth has an issue, it's a bug should be fixed by the nice guys of jitsi.

[ghost]

Hello @saghul, is there any update?
Thanks!

[saghul]

Please stop asking. Whenever I get to it I'll post an update.

[ghost]

Thanks for your replay.
I'm not pushing you, I'm just asking if there is any news!

[0xnor0]

@Zarawee thanks, i saw the same error and thought my configuration was wrong. I use the ubuntu packages, not Docker.
I also have the problem that the moderator rights are not handed over to a guest who is not logged in when he leaves the conference. Nobody is a moderator after the previous moderator has left the conference. I configured the "Secure Domain" and LDAP-Auth via SASL. Due to the problem that no guest can authenticate themselves afterwards and receive moderator rights, the conference cannot be continued meaningfully.

Can you confirm this error too or do I still have an error somewhere in my configuration?

edit: without authentification, the moderator rights are granted successfully to another participant when the current moderator leaves the conference.

[c-zolotko]

I'm on 6865 docker and I'm still getting the same issue.

My workaround is just to create a room then login moderator as a host then move back into an already created room to be a moderator.

[MakMas]

I have the same problem in stable-8252 docker.

Obtaining session-id...

[bigcammy]

I just updated to stable-8319 docker and I am having the same problem. Cannot login via Settings->Profile using LDAP.

Obtaining session-id and hangs.

[jphovila]

I have a somewhat similar issue, however mine is a manual installation running on FreeBSD -- not the dockerized version. Built-in authentication, no LDAP. May be related to jitsi/lib-jitsi-meet#2203

[PyraPOD]

Same issue here with self-hosted version on Ubuntu 22.04 server.

[jphovila]

I'm leaning towards the assumption that the issue would be specifically in the web user interface (Jitsi Meet), instead of something being wrong with the server-side / back-end configurations. Can't be 100% sure though, since this is my first serious Jitsi installation, and it's been more than a bit challenging to figure out how all the pieces fit together. That said, I don't find any issues on the back-end side any more, and the only error messages I see are the ones in the browser developer console.

[jphovila]

I'm leaning towards the assumption that the issue would be specifically in the web user interface (Jitsi Meet), instead of something being wrong with the server-side / back-end configurations. Can't be 100% sure though, since this is my first serious Jitsi installation, and it's been more than a bit challenging to figure out how all the pieces fit together. That said, I don't find any issues on the back-end side any more, and the only error messages I see are the ones in the browser developer console.

I do see this pattern repeating in the Prosody logs while the disconnection => automatic reconnection cycle keeps going:

mod_bosh        info    New BOSH session, assigned it sid '2a813923-d28d-4b18-8d45-367441be4a81'

bosh2a813923-d28d-4b18-8d45-367441be4a81        info    Authenticated as [email protected]

focus.jitsi.my.domain:component  warn    Component not connected, bouncing error for: <iq id='e4330028-2cca-43f7-ba7d-ec06eb5f2d46:sendIQ' type='set' to='focus.jitsi.my.domain' from='[email protected]/6vqKE8_H8hYr' xml:lang='en'>

mod_bosh        info    New BOSH session, assigned it sid '1f4b3d31-896e-4437-905e-8ea0dfd972e6'

I'm not sure but shouldn't the authenticated as refer to auth.jitsi.my.domain instead of just jitsi.my.domain? (The part my.domain is of course different from what I actually have.)

[damencho]

focus.jitsi.my.domain:component warn Component not connected, bouncing error for:

Jitsi-meet does not use components for more than 3 years now ... Apparently you have a pretty old deployment.

[jphovila]

focus.jitsi.my.domain:component warn Component not connected, bouncing error for:

Jitsi-meet does not use components for more than 3 years now ... Apparently you have a pretty old deployment.

Many of the installation and configuration documents and guides have not been updated to reflect this change.

I did finally figure it out from the bits and pieces of more up to date information scattered here and there.

As far as I can see, the back-end component configurations should (finally) be ok now. Both Jicofo and Jitsi-Videobridge are now connecting to Prosody -- earlier, only Jicofo connected properly. Making Jitsi-Videobridge connect had to do with the expired (Component based) configuration which had to be updated.

I'm still experiencing the issue of always getting disconnected after attempting to start a meeting. It happens with both BOSH and WebSockets based sessions. With both of them, the error message (from browser developer tools console) is the same: [modules/xmpp/moderator.js] <Ir._handleError>: Failed to get a successful response, giving up. Error: Failed to get a successful response, giving up.

In Prosody logs, I can see that the clients do get connected and authenticated properly, for example: bosh5727e349-d42d-4d52-b2b1-4beda48c13df info Authenticated as [email protected]

I'm now trying to hunt down, where exactly the communications break. First obvious suspect would of course be my Nginx configuration, how ever that too should be ok, and I don't see any traces of problems in Nginx logs.

Anyways, my previous estimate that "the issue would be specifically in the web user interface (Jitsi Meet), instead of something being wrong with the server-side / back-end configurations" probably was not correct.

[damencho]

I guess you are missing these

https://github.com/jitsi/jitsi-meet/blob/609942654a3a892474f56b2e837ce3552092855a/debian/jitsi-meet-prosody.postinst#L157

https://github.com/jitsi/jitsi-meet/blob/609942654a3a892474f56b2e837ce3552092855a/debian/jitsi-meet-prosody.postinst#L213

[damencho]

The latest configs and way to setup is to check the debian folder and postinst scripts.
If that is too much to check, you can always spin up an Ubuntu or Debian and install latest and take the configs, but still some stuff like the roster you will be missing...

[PyraPOD]

I am using the most updated version for my self-hosted installation. I still have this problem. Wonder why