401 unauthorized when I start a room

[bpetit]

Hi,

Just made a fresh install from bbb-install with greenlight. Worked perfectly.

Then I rebooted the server and once back, when I try to start a room, I have this page, after a waiting page with 3 dots:

I'm admin on greenlight.

bbb-conf --check returns :

BigBlueButton Server 2.2.5 (1848) Kernel version: 4.11.0-14-generic Distribution: Ubuntu 16.04.6 LTS (64-bit) Memory: 12316 MB CPU cores: 8

/usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties (bbb-web) bigbluebutton.web.serverURL: https://myhosname.example.com defaultGuestPolicy: ALWAYS_ACCEPT svgImagesRequired: true

/etc/nginx/sites-available/bigbluebutton (nginx) server name: myhosname.example.com port: 80, [::]:80 port: 443 ssl bbb-client dir: /var/www/bigbluebutton

/var/www/bigbluebutton/client/conf/config.xml (bbb-client) Port test (tunnel): rtmp://myhosname.example.com red5: myhosname.example.com useWebrtcIfAvailable: true

/opt/freeswitch/etc/freeswitch/vars.xml (FreeSWITCH) local_ip_v4: 92.243.10.3 external_rtp_ip: stun:stun.freeswitch.org external_sip_ip: stun:stun.freeswitch.org

/opt/freeswitch/etc/freeswitch/sip_profiles/external.xml (FreeSWITCH) ext-rtp-ip: $${local_ip_v4} ext-sip-ip: $${local_ip_v4} ws-binding: :5066 wss-binding: 92.243.10.3:7443

/usr/local/bigbluebutton/core/scripts/bigbluebutton.yml (record and playback) playback_host: myhosname.example.com playback_protocol: https ffmpeg: 4.2.2-1bbb1~ubuntu16.04

/etc/bigbluebutton/nginx/sip.nginx (sip.nginx) proxy_pass: 92.243.10.3

/usr/local/bigbluebutton/bbb-webrtc-sfu/config/default.yml (Kurento SFU) kurento.ip: 92.243.10.3 kurento.url: ws://127.0.0.1:8888/kurento localIpAddress: 92.243.10.3 recordScreenSharing: true recordWebcams: true codec_video_main: VP8 codec_video_content: VP8

/usr/share/meteor/bundle/programs/server/assets/app/config/settings.yml (HTML5 client) build: 874 kurentoUrl: wss://myhosname.example.com/bbb-webrtc-sfu enableListenOnly: true

Potential problems described below

greelight conf check gave:

docker run --rm --env-file .env bigbluebutton/greenlight:v2 bundle exec rake conf:check

Checking environment: Passed Checking Connection: Passed Checking Secret: Passed

I think I found a relevant log message:

/var/log/syslog:Apr 26 09:41:18 bbb-wbssc-01-prs systemd_start.sh[1504]: #033[31merror#033[39m: {"logCode":"authenticatedhandlercomponent_setreason","logDescription":"Encountered error while trying to authenticate","extraInfo":{"reason":{"error":401,"description":"Authentication timeout."},"validUser":"valid"},"userInfo":{"sessionToken":"5gyxgdbnbw04rx4c","meetingId":"44f7334ce2716b9724bcc67def0617d74d941336-1587834854922","requesterUserId":"w_ytvrbag3zhmd","fullname":"Administrator","confname":"test","externUserID":"gl-vxwctehrypnx","uniqueClientSession":null}} /var/log/syslog:Apr 26 09:41:19 bbb-wbssc-01-prs systemd_start.sh[1504]: #033[31merror#033[39m: {"logCode":"startup_client_usercouldnotlogin_error","logDescription":"User could not log in HTML5, hit 401","extraInfo":{"validUser":"valid"},"userInfo":{"sessionToken":"5gyxgdbnbw04rx4c","meetingId":"44f7334ce2716b9724bcc67def0617d74d941336-1587834854922","requesterUserId":"w_ytvrbag3zhmd","fullname":"Administrator","confname":"test","externUserID":"gl-vxwctehrypnx","uniqueClientSession":null}}

I replaced the hostname to not expose my organization domain name, but it is properly configured with the real one, including TLS.

Any idea ?

Thanks

[feschoppe]

I got the exact same issue after a reboot of my server. I made a fresh install last week and today I made a reboot and then I also got the screen 401 when starting a room.

[bpetit]

I was able to make greenlight working again by rerunning the install process with bbb-install. This feels like a dirty workaround and obviously is not the solution, but just to mention.

[jakiro2017]

I was able to make greenlight working again by rerunning the install process with bbb-install. This feels like a dirty workaround and obviously is not the solution, but just to mention.

Did the reinstall upgrade bbb as well?

[bleaktradition]

I had the same issue but it disappeared after I disabled unattended upgrades on Ubuntu. Someone mentioned it on a different page but I don't remember where.

[bpetit]

I was able to make greenlight working again by rerunning the install process with bbb-install. This feels like a dirty workaround and obviously is not the solution, but just to mention.

Did the reinstall upgrade bbb as well?

I didn't check the exact version the first time sorry.

[IncubusRK]

You can use workaround from issue #9466 Set allowRequestsWithoutSession=true in /usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties

[borhanreo]

I have the problem

[TheHolyLoli]

same just installed BBB and this is what i get from fresh installation

[JosebaNr]

Same issue for me, a fresh install of bionic-230-dev on a fresh Ubuntu 18.04.5 VM with the BBB API demo yields this error when accessing any room. Reconnecting/re-entering the session doesn't have any effect

[borhanreo]

Need to add domain/subdomain name https://xyz.xyz.com

[JosebaNr]

Need to add domain/subdomain name https://xyz.xyz.com

You mean that domain/subdomain properties are required to have a working environment? Doesn't it work by omitting that property and using local IP addresses? I want to setup a local development environment to develop html5 client changes and I don't really need nor want to register a FQDN to work locally.

[borhanreo]

Need to add domain/subdomain name https://xyz.xyz.com

You mean that domain/subdomain properties are required to have a working environment? Doesn't it work by omitting that property and using local IP addresses? I want to setup a local development environment to develop html5 client changes and I don't really need nor want to register a FQDN to work locally.

You can. But i was faced the same issue in local. when i use aws ec2 machine and configure domain with ssl certificate then bbb work properly my end

[JosebaNr]

Need to add domain/subdomain name https://xyz.xyz.com

You mean that domain/subdomain properties are required to have a working environment? Doesn't it work by omitting that property and using local IP addresses? I want to setup a local development environment to develop html5 client changes and I don't really need nor want to register a FQDN to work locally.

You can. But i was faced the same issue in local. when i use aws ec2 machine and configure domain with ssl certificate then bbb work properly my end

Indeed, I just tried installing it with a domain and SSL and it seems to work. Thanks.