Android app: cant join meeting on community Jitsi instance without logging in through Google, Facebook, or Microsoft (Github) [PART II]

[Franco-Sparrow]

What happened?

@saghul @exercismnow Hi guys, I opened this issue, following this one you had before

I am opening this issue because is not working for me eather on Jitsi Meet Android App 24.2.2 nor 23.4.0, with Jitsi Meet server 2.0.9457-1. The app was downloaded from the Play Store. I am not using auth, it is a self-hosted server on public network. I can join using mobile browser on Desktop mode, but not able to do it using the app. I configured the app to join meetings with the name Franco (mobile), I invite myself with a link invitation (made from my PC desktop browser) and the apps keeps saying that there is no moderator in the room, that I have to wait for one or become in the moderator. There is indeed a moderator in the room, my other account which created the room using my Desktop browser on my PC.

I was able to joing with the Android app, but I had to become in the moderator and invite others (my laptop) to the room. I dont know if other Android could have same problem if try to joing without moderator permissions

PS: the iOS app works, but not the Android app (big problem here, as this is most used)

Platform

• [ ] Chrome (or Chromium based)
• [ ] Firefox
• [ ] Safari
• [ ] Other desktop browser
• [ ] Android browser
• [ ] iOS browser
• [ ] Electron app
• [X] Android mobile app
• [ ] iOS mobile app
• [ ] Custom app using a mobile SDK

Browser / app / sdk version

Android app 24.2.2 and 23.4.0

Relevant log output

No response

Reproducibility

• [ ] The problem is reproducible on meet.jit.si

More details?

if I try to access to the invitation

If I set the URL o name of the room, it stays forever waiting for the moderator:

[saghul]

Can you please share your server's URL so we can test?

[Franco-Sparrow]

Can you please share your server's URL so we can test?

Hi Sir

This is my server

https://meet.parallaxnet.com/

[saghul]

Looks like you have XMPP auth enabled in your server.

Can you please share your Prosody config?

[saghul]

To be clear, the auth in your server has nothing to do with the app or the Firebase auth we use on meet.jit.si.

You might have enabled XMPP with by mistake. With that auth mechanism you can create users in the local Prosody instance and have them authenticate to your server.

[Franco-Sparrow]

Hi @saghul

Sorry for the late reply, I was sleeping. To connect to the server and become a moderator you need an admin account, previously created with the prosody. If I just want to join an existence meet, created from a Desktop browser, where there is already a moderator inside, and has invited me with a shared link, or I know the full link to the meet...it just doesn't work from the Android App.

This is the config in the prosody:

I have created an admin account with prosody, so you can test this by yourself.

prosodyctl register saghul meet.parallaxnet.com saghuladmin123
general             warn        Lua 5.1 has several issues and support is being phased out, consider upgrading

Thanks in advance, and let me know the results of your tests, please :)

[saghul]

Hum, I see. We must have broken guest login :-/

@Calinteodor can you PTAL?

[Calinteodor]

I managed to test with a standard authentication configured instance and I am not able to reproduce your issue. Everything works as expected. Can you send us your config.js and your full prosody configuration?

Thank you!

[Franco-Sparrow]

Hi @Calinteodor Let me share my server files. Please take note that this server was installed via apt repos on Ubuntu 22.04.

/etc/prosody/conf.avail/meet.parallaxnet.com.cfg.lua
/etc/jitsi/meet/meet.parallaxnet.com-config.js
/etc/jitsi/jicofo/sip-communicator.properties

server-files.zip

Iptable rules:

#-----
# RAW
#-----

-P PREROUTING ACCEPT
-P OUTPUT ACCEPT
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags SYN,PSH SYN,PSH -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags SYN,URG SYN,URG -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags RST,ACK RST -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags PSH,ACK PSH -j DROP
-A PREROUTING -i eth0 -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP
-A PREROUTING -i eth0 -m addrtype --src-type UNSPEC -j DROP
-A PREROUTING -i eth0 -m addrtype --src-type BLACKHOLE -j DROP
-A PREROUTING -i eth0 -m addrtype --src-type UNREACHABLE -j DROP
-A PREROUTING -i eth0 -m addrtype --src-type LOCAL -j DROP
-A PREROUTING -i eth0 -m addrtype --src-type BROADCAST -j DROP
-A PREROUTING -i eth0 -m addrtype --src-type MULTICAST -j DROP

#--------
# MANGLE
#--------

-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
-A PREROUTING -i eth0 -m conntrack --ctstate INVALID -j DROP

#--------
# FILTER
#--------

-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m conntrack --ctstate NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -s 199.231.161.151/32 -p tcp -m conntrack --ctstate NEW -m tcp -m multiport --dports 10050,10051 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp -m conntrack --ctstate NEW -m tcp -m multiport --dports 80,443,3478,4443,5349,5600,40000:65535 -j ACCEPT
-A INPUT -p udp -m conntrack --ctstate NEW -m udp -m multiport --dports 3478,10000,25958,40000:65535 -j ACCEPT

#-----
# NAT
#-----

-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT

PS: Could you also please, let me know which ports do I need to open for Jitsi Meet, to make it work no only for the clients using web brouser, but with the apps too? I think I have unnecessary ports opened.

Thanks in advance :)

[saghul]

The apps and browser use the same ports.

[Franco-Sparrow]

I managed to test with a standard authentication configured instance and I am not able to reproduce your issue. Everything works as expected. Can you send us your config.js and your full prosody configuration?

Thank you!

Hi Sir

Did you find anything wrong on my configuration?

[Franco-Sparrow]

May I have a follow up on this please?

[saghul]

The config looks ok in general. We have a jitsi-anonymous auth type which extends anonymous with some Jitsi session data, but that is mostly used for WS IIRC, so you should be fine since you use BOSH.

I wonder if something got broken with the deprecated Jicofo config. Could you test migrating to jicofo.conf rather than using the properties file?

[Franco-Sparrow]

Hi Saul, thanks for your reply

I will try to follow the official documentation, to configure jicofo.conf rather than properties file. Will let you know.

Thanks in advance

El lun, 24 jun 2024, 4:44 a. m., Saúl Ibarra Corretgé < @.***> escribió:

The config looks ok in general. We have a jitsi-anonymous auth type which extends anonymous with some Jitsi session data, but that is mostly used for WS IIRC, so you should be fine since you use BOSH.

I wonder if something got broken with the deprecated Jicofo config. Could you test migrating to jicofo.conf rather than using the properties file?

— Reply to this email directly, view it on GitHub https://github.com/jitsi/jitsi-meet/issues/14846#issuecomment-2185942601, or unsubscribe https://github.com/notifications/unsubscribe-auth/ANRJPN65GVEDYPHPM6LDI6DZI7L5PAVCNFSM6AAAAABJRG7I6OVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOBVHE2DENRQGE . You are receiving this because you authored the thread.Message ID: @.***>

[Franco-Sparrow]

@saghul Hi Sir, sorry for the late update

Related with what you suggested to me, to edit the deprecated jicofo config file instead the properties file...what should I edit here?

/etc/jitsi/jicofo/jicofo.conf

# Jicofo HOCON configuration. See reference.conf in /usr/share/jicofo/jicofo.jar for
#available options, syntax, and default values.
jicofo {
  xmpp: {
    client: {
      client-proxy: "focus.meet.parallaxnet.com"
      xmpp-domain: "meet.parallaxnet.com"
      domain: "auth.meet.parallaxnet.com"
      username: "focus"
      password: "MxBEgXwBUg3kRLF3"
    }
    trusted-domains: [ "recorder.meet.parallaxnet.com" ]
  }
  bridge: {
    brewery-jid: "JvbBrewery@internal.auth.meet.parallaxnet.com"
  }
}

The /etc/jitsi/jicofo/

org.jitsi.jicofo.auth.URL=XMPP:meet.parallaxnet.com

You said that my config looks OK, that I should try with the deprecated jicofo.conf file. I am following latest jitsi documentation.

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.