How to limit a Jitsi local server to only create rooms from within UNA?
I don't want guests/strangers using my Jitsi local server for their own meetings, I need to limit access to only from within UNA.
Is there a way to do this?
-
Following
-
Following
-
Once you have Jitsi set up on your own server nobody else besides your website should be able to have access to it if u configured it correctly.
-
When you setup the server, you set up a domain(subdomain) for Jitsi (and also specify that domain in the UNA config of Jitsi). If someone finds out that domain (very easy to do, especially if they're a member), they don't need to be registered and logged in on UNA to just go to that domain and automatically create a room.
If I close direct access to that domain it also doesn't let UNA access Jitsi no more.
There should be a way to limit access to the Jitsi server to only logged in members of UNA, and close it to the rest of the world.
-
You must have done the free version with the Jitsi watermark. I believe there's a way to get rid of the watermark and make it yours. I know they offer the service here to set up private seperate server for you. Why did you use a subdomain for Jitsi instead of your own domain? Are you using your server as just a portal or as a closed server?
-
You must have done the free version with the Jitsi watermark. I believe there's a way to get rid of the watermark and make it yours. I know they offer the service here to set up private seperate server for you. Why did you use a subdomain for Jitsi instead of your own domain? Are you using your server as just a portal or as a closed server?
Will, I installed it on my server. I am using a subdomain of my own domain. I don't have a Jitsi watermark. You misunderstand the problem.
-
Unless your server is hosting other websites then it should be a closed server and you shouldn't have to worry about anonymous people getting access to it if it's not the free Jitsi portal version that's using Jitsi server
-
Unless your server is hosting other websites then it should be a closed server and you shouldn't have to worry about anonymous people getting access to it if it's not the free Jitsi portal version that's using Jitsi server
We are literally hosting social networks. Thousands of users. Not exactly "anonymous".
I am posting a valid concern: anyone can open video chats on our server by visiting the URL of the subdomain. Request - how to make it so that nobody can do that, and jitsi is only accessible through that UNA popup.
-
Have you disabled guest users?
-
Have you disabled guest users?
That's exactly what I need to do, which is why I created this thread.
How does Jitsi tell apart who is a guest, and who is a logged-in user on my UNA installation.
-
Great question. Is the solution really so complicated? Where do you disable guest users, for a start?
Why not disable other members who do not have a certain status? Just like you can do with regard to adding groups or posting video, creating polls, etc?
If such an arrangement or settings do not exist maybe someone can create a module which would give Jitsi a few more security controls.
If a community was large - dozens of conferences happening simultaneously would surely slow the site down. Some ability to schedule things would be helpful.
What a sick feeling if trespassers were using your site and your bandwidth to do or to plan to do things which you don't approve of. Or things which... might hurt others? Yes, these same "guests" could register and likely get away with it... Still a little more control or the ability to moderate might be useful.
-
Great question. Is the solution really so complicated? Where do you disable guest users, for a start?
Why not disable other members who do not have a certain status? Just like you can do with regard to adding groups or posting video, creating polls, etc?
If such an arrangement or settings do not exist maybe someone can create a module which would give Jitsi a few more security controls.
If a community was large - dozens of conferences happening simultaneously would surely slow the site down. Some ability to schedule things would be helpful.
What a sick feeling if trespassers were using your site and your bandwidth to do or to plan to do things which you don't approve of. Or things which... might hurt others? Yes, these same "guests" could register and likely get away with it... Still a little more control or the ability to moderate might be useful.
Exactly, you can have a lot of control if you lock it behind a paywall (premium level), for example.
Controlling that on UNA's side that's not a big deal, just set the privileges according to the user level, but all that doesn't transfer to the actual Jitsi server - it will still create you a room if you visit the correct URL regardless of your membership status within the local UNA installation.
-
Hello!
Jitsi Meet allows to close the server for guests with password and login. This ability can be applied using different ways. So, one of them it is just to set password and login for the server and all guests will have to login with password and login when they open the room using UNA room link or create the room directly on your server. Also It is possible to login only the first member with password/login and the all other members who open the room by the link will be joined without login. Example how to do this: https://www.youtube.com/watch?v=SWsO3_roGTw
I suppose, all these options with passwords/login are not compatible for Jitsi Una integration and the most comfortable way is to use JWT authentication. It allows to login user to the server using generated token, thus it is possible to open the rooms for the users who already logged to the UNA and ask for login persons who open the server without login in UNA. Plugin details https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/tokens.md
JWT integration requires changes in current Jitsi UNA integration and you should have your own Jitsi meet server with additional installed plugins. -
Hello!
Jitsi Meet allows to close the server for guests with password and login. This ability can be applied using different ways. So, one of them it is just to set password and login for the server and all guests will have to login with password and login when they open the room using UNA room link or create the room directly on your server. Also It is possible to login only the first member with password/login and the all other members who open the room by the link will be joined without login. Example how to do this: https://www.youtube.com/watch?v=SWsO3_roGTw
I suppose, all these options with passwords/login are not compatible for Jitsi Una integration and the most comfortable way is to use JWT authentication. It allows to login user to the server using generated token, thus it is possible to open the rooms for the users who already logged to the UNA and ask for login persons who open the server without login in UNA. Plugin details https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/tokens.md
JWT integration requires changes in current Jitsi UNA integration and you should have your own Jitsi meet server with additional installed plugins.Hi, thank you for your reply.
When you say "requires changes in current Jitsi UNA integration" - do you mean like core code modifications, that would make the plugin/una not possible to update anymore? I already have our own jitsi meet server. I can see the details there about how to add token checks, but where do you configure tokens to be automatically generated for logged in UNA users that start a videochat?
-
Interested on this too, following...