Description

Hi, for security reason (to be not responsible for the content of other users may using our public service, as German law states…) we put a basic http auth before our jitsi meet server. In general its just working fine, when accessing the site it asks in a little pop-up for user name and password and after that continues loading the create conference page or the conference itself. But on the mobile app it only shows connection interrupted, reconnecting dialog without anything else. For the reference, its the latest android app from play store (20.1.0 from community.jitsi.org ), latest Debian, latest jitsi-meet package(s) from https://download.jitsi.org stable/

Current behavior

just some constant reloading connection dialog:

https://imgur.com/a/V4Cudif

Expected Behavior

some dialog that asks for username and password like when opening it in browser. Cache the password for at least 24h (best until it dose not work any more) and everything will be fine

https://imgur.com/a/iILJBmX

Possible Solution

Steps to reproduce

install an debian with jitsi meet, create a .htpasswd file and embed it to /etc/nginx/sites-enabled/meet.example.de.conf like this

server_names_hash_bucket_size 64;

server {
    listen 80;
    server_name meet.example.de;
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl;
    server_name meet.example.de;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";

    add_header Strict-Transport-Security "max-age=31536000";

    ssl_certificate /etc/ssl/meet.example.de.crt;
    ssl_certificate_key /etc/ssl/private/meet.example.de.key;

    root /usr/share/jitsi-meet;
    ssi on;
    index index.html index.htm;
    error_page 404 /static/404.html;

    location = /config.js {
        alias /etc/jitsi/meet/meet.example.de-config.js;
    }

    location = /external_api.js {
        alias /usr/share/jitsi-meet/libs/external_api.min.js;
    }

    #ensure all static content can always be found first
    location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
    {
        add_header 'Access-Control-Allow-Origin' '*';
        alias /usr/share/jitsi-meet/$1/$2;
    }

    # BOSH
    location = /http-bind {
        proxy_pass      http://localhost:5280/http-bind;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
    }

    location ~ ^/([^/?&:'"]+)$ {
        try_files $uri @root_path;
          auth_basic           "Nur fuer Firmenname-Personal";
          auth_basic_user_file /etc/jitsi/.htpasswd;
    }

    location @root_path {
        rewrite ^/(.*)$ / break;
          auth_basic           "Nur fuer Firmenname-Personal";
          auth_basic_user_file /etc/jitsi/.htpasswd;

    }
}

then check if it works in browser with basic auth, works here, and check it within the app, you should see just the reconnecting as above.

Environment details

see above

thanks a lot in advance and keep up the good work

lhpi

PS: sry, for some reason when i try to upload a screenshot here it just returns Something went really wrong, and we can’t process that file. so i used imgur Edit: And just after tried to post, got some your browser did something unexpected page, clicking again on new issue and all that comes afterwards i am now also able to upload again, so i added the screenshots up here so imgur urls are redundant now…