bigbluebutton-Github/bigbluebutton-web/grails-app/conf
Pedro Beschorner Marin 2fb26ff0cf Patch of improvements for bbb-web
This patch includes two improvements made for bbb-web. It tries to better isolate
the sessionToken's handling and session's validation, including logs for each one of
these steps; and removes maxParticipats control from registered users (that are no
longer removed from bbb-web collections) binding it to joined users or users that
reached the enter API call. The following adds more details about this last one:

User's regular flow to join a meeting goes around an API join call -> redis register event ->
redirect to client page -> API enter call -> redis join event. When the guest policy is ASK_MODERATOR,
non-moderators are registered and redirected to a guest lobby that polls for her/his guest status and
only enters the meeting after a moderator approval.
Using registered users as control to check how many participants are in a meeting is problematic because
non-approved guests are counted as participants and bbb-web has to find out when to ditch registered users
records to make a seat in a meeting available again. In other words, a meeting with maxParicipants
of 5 can get it's joins locked with a moderator and 4 waiting guests or bbb-web can wrongly drop a registered
user record on a reconnection inducing weird 401 responses from the API.

This change proposes to control maxParticipants both at join and enter API calls monitoring the number
of redis joined users. This also includes an extra buffer to capture users that called the enter API but
still don't have an user joined event.
User left events are now handled different holding the user data before removing from the joined users collection
and only releasing after verifying that the user didn't reconnected.

Both user left timeout `usersTimeout` and entered user timeout `enteredUsersTimeout` can be configured at properties.
2020-09-28 09:59:52 -03:00
..
spring Patch of improvements for bbb-web 2020-09-28 09:59:52 -03:00
application.conf - minor cleanup 2019-04-30 12:30:59 -07:00
application.groovy Set content-type for presentation download, to prevent vulnerable files from being executed 2020-04-16 11:39:49 +12:00
application.yml Add secure tag to bbb-web JSESSIONID cookie 2020-09-22 16:11:53 -03:00
ApplicationResources.groovy - upgrade bigbluebutton-web to grails 2.3.6 2014-02-25 15:46:06 +00:00
bigbluebutton.properties Patch of improvements for bbb-web 2020-09-28 09:59:52 -03:00
BigBlueButtonFilters.groovy - set also the status response 2017-08-08 14:06:53 -07:00
BuildConfig.groovy Update bigbluebutton-web to gradle 5.1 (Work In Progress) 2019-01-09 21:06:09 +01:00
logback.xml - put log into single line 2019-02-09 09:43:29 -08:00
WebXmlConfig.groovy bbb-web: Added WebXmlConfig.groovy in order to remove warning on plugins:webxml:1.4.1 2016-01-14 16:33:16 -05:00