JItsi COnference FOcus is a server side focus component used in Jitsi Meet conferences.
Java Shell Other
Switch branches/tags
stable/jitsi-meet_3135 stable/jitsi-meet_2988 jitsi-meet_3232 jitsi-meet_3231 jitsi-meet_3230 jitsi-meet_3229 jitsi-meet_3228 jitsi-meet_3227 jitsi-meet_3226 jitsi-meet_3225 jitsi-meet_3224 jitsi-meet_3223 jitsi-meet_3222 jitsi-meet_3221 jitsi-meet_3220 jitsi-meet_3219 jitsi-meet_3218 jitsi-meet_3217 jitsi-meet_3216 jitsi-meet_3215 jitsi-meet_3214 jitsi-meet_3213 jitsi-meet_3212 jitsi-meet_3211 jitsi-meet_3210 jitsi-meet_3209 jitsi-meet_3208 jitsi-meet_3207 jitsi-meet_3206 jitsi-meet_3205 jitsi-meet_3204 jitsi-meet_3203 jitsi-meet_3202 jitsi-meet_3201 jitsi-meet_3200 jitsi-meet_3199 jitsi-meet_3198 jitsi-meet_3197 jitsi-meet_3196 jitsi-meet_3195 jitsi-meet_3194 jitsi-meet_3193 jitsi-meet_3192 jitsi-meet_3191 jitsi-meet_3190 jitsi-meet_3189 jitsi-meet_3188 jitsi-meet_3187 jitsi-meet_3186 jitsi-meet_3185 jitsi-meet_3184 jitsi-meet_3183 jitsi-meet_3182 jitsi-meet_3181 jitsi-meet_3180 jitsi-meet_3179 jitsi-meet_3178 jitsi-meet_3177 jitsi-meet_3176 jitsi-meet_3175 jitsi-meet_3174 jitsi-meet_3173 jitsi-meet_3172 jitsi-meet_3171 jitsi-meet_3170 jitsi-meet_3169 jitsi-meet_3168 jitsi-meet_3167 jitsi-meet_3166 jitsi-meet_3165 jitsi-meet_3164 jitsi-meet_3163 jitsi-meet_3162 jitsi-meet_3161 jitsi-meet_3160 jitsi-meet_3159 jitsi-meet_3158 jitsi-meet_3157 jitsi-meet_3156 jitsi-meet_3155 jitsi-meet_3154 jitsi-meet_3153 jitsi-meet_3152 jitsi-meet_3151 jitsi-meet_3150 jitsi-meet_3149 jitsi-meet_3148 jitsi-meet_3147 jitsi-meet_3146 jitsi-meet_3145 jitsi-meet_3144 jitsi-meet_3143 jitsi-meet_3142 jitsi-meet_3141 jitsi-meet_3140 jitsi-meet_3139 jitsi-meet_3138 jitsi-meet_3137 jitsi-meet_3136 jitsi-meet_3135
Nothing to show
Clone or download

README.md

Jicofo

JItsi COnference FOcus is a server side focus component used in Jitsi Meet conferences.

Overview

Conference focus is mandatory component of Jitsi Meet conferencing system next to the videobridge. It is responsible for managing media sessions between each of the participants and the videobridge. Whenever new conference is about to start an IQ is sent to the component to allocate new focus instance. After that special focus participant joins Multi User Chat room. It will be creating Jingle session between Jitsi videobridge and the participant. Although the session in terms of XMPP is between focus user and participant the media will flow between participant and the videobridge. That's because focus user will allocate Colibri channels on the bridge and use them as it's own Jingle transport.

Quick install (from the start)

To start quickly with Jicofo it is recomended to install Jitsi Meet using quick install instruction which should install and configure 'jicofo' debian package next to 'jitsi-meet'.

Download

You can download Debian/Ubuntu binaries:

Manual Prosody configuration

Jicofo requires special 'owner' permissions in XMPP Multi User Chat to manage user roles. Because of that it needs adminsitrator credentials to start. By default Jitsi Meet uses XMPP domain with anonymous login method(jitsi.example.com), so additional VirtualHost has to be added to Prosody configuration(etc\prosody\prosody.cfg.lua):

VirtualHost "auth.jitsi.example.com"
    authentication = "internal_plain"

Next step is to create admin user that will be used by Jicofo to log in:

sudo prosodyctl register focus auth.jitsi.example.com focuspassword

Include focus user as one of server admins:

admins = { focus@auth.jitsi.example.com }

Add XMPP focus component:

Component "focus.jitsi.exmaple.com"
    component_secret="focus_secret"

Restart Prosody:

sudo prosodyctl restart

If we use 'focus.jitsi.example.com' where 'jitsi.example.com' is our main domain we don't need to modify config.js in Jitsi Meet. Application will try to add 'focus' prefix to our domain and find focus component there. To specify different name for focus component you need to modify config.js file in Jitsi Meet. Assuming that we want to use 'special_focus.jitsi.example.com' then config.js should look like following:

var config = {
    hosts: {
        domain: 'jitsi.example.com',
        muc: 'conference.jitsi.example.com',
        bridge: 'jitsi-videobridge.jitsi.example.com',
        focus: 'special_focus.jitsi.example.com'
    },
    ...

Running Jicofo from distribution package

  1. Build distributon package using ant target for your OS: "dist.lin", "dist.lin64", "dist.macosx", "dist.win" or "dist.win64"
  2. Packge will be placed in 'dist/{os-name}' folder.
  3. Extract distribution package to the folder of your choice.
  4. Assuming Prosody has been configured using "Manual configuration for Prosody" 'jicofo' run script should be executed with following arguments:
    ./jicofo.sh --domain=jitsi.exmaple.com --secret=focus_secret --user_domain=auth.jitsi.example.com --user_name=focus --user_password=focuspassword

Run arguments descripton

  • --domain=DOMAIN sets the XMPP domain
  • --host=HOST sets the hostname of the XMPP server (default: --domain, if --domain is set, localhost otherwise)
  • --port=PORT sets the port of the XMPP server (default: 5347)
  • --subdomain=SUBDOMAIN sets the sub-domain used to bind focus XMPP component (default: focus)
  • --secret=SECRET sets the shared secret used to authenticate focus component to the XMPP server
  • --user_domain=DOMAIN specifies the name of XMPP domain used by the focus user to login
  • --user_name=USERNAME specifies the username used by the focus XMPP user to login. (default: focus@user_domain)
  • --user_password=PASSWORD specifies the password used by focus XMPP user to login. If not provided then focus user will use anonymous authentication method

Secure domain

It is possible to allow only authenticated users for creating new conference rooms. Whenever new room is about to be created Jitsi Meet will prompt for user name and password. After room is created others will be able to join from anonymous domain. Here's what has to be configured:

1 In Prosody:

a) Enable authentication on your main domain:

VirtualHost "jitsi-meet.example.com"
    authentication = "internal_plain"

b) Add new virtual host with anonymous login method for guests:

VirtualHost "guest.jitsi-meet.example.com"
    authentication = "anonymous"
    c2s_require_encryption = false

2 In Jitsi Meet config.js configure 'anonymousdomain':

var config = {
    hosts: {
            domain: 'jitsi-meet.example.com',
            anonymousdomain: 'guest.jitsi-meet.example.com',
            ...
        },
        ...
}

3 When running Jicofo specify your main domain in additional configuration property. Jicofo will accept conference allocation requests only from authenticated domain.

-Dorg.jitsi.jicofo.auth.URL=XMPP:jitsi-meet.example.com

If you have Jicofo installed from the Debian package this should go directly to /etc/jitsi/jicofo/sip-communicator.properties file:

org.jitsi.jicofo.auth.URL=XMPP:jitsi-meet.example.com

To create users use the command:

prosodyctl register <username> jitsi-meet.example.com <password>

Certificates

Jicofo uses an XMPP user connection (on port 5222 by default), and since the upgrade to smack4 it verifies the server's certificate. In a default installation the debian installation scripts take care of generating a self-signed certificate and adding it to the keystore.

For situations in which the certificate is not trusted you can add it to the store by:

On Linux

sudo cp cert.pem /usr/local/share/ca-certificates/ 
sudo update-ca-certificates

On MacOS X

On Mac java uses its own keystore, so adding the certificate to the system one does not work. Add it to the java keystore with:

sudo keytool -importcert -file cert.pem -keystore /Library/Java//JavaVirtualMachines/jdk1.8.0_25.jdk/Contents/Home/jre/lib/security/cacerts

Note that if the XMPP server you are connecting to is a prosody instance configured with the jitsi-meet scripts, then you can find the certificate in:

/var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt