Hi all,
At present I am using Openvidu 2.16 on premise deployment. It is using turnadmin to generate coturn user name and password which is passed in openvidu token. It is extracted in Openvidu-browser api and configured in WebRTC peer connection. The problem with this approach is that some time it fails to delete TURN credential. After going through Coturn docs, I came to know that I can use “Time Limited Long Term Credential” by enabling --use-auth-secret in config and use TURN Rest API to generate time limited(default 24 hours) long term credentials. I can implement it for WebRTC clients by simply getting the turn credential embedded in the OpenVidu tokens. My problem is how to pass this credential to back end Kurento server ? At present kurento server has a fixed TURN user name and password which is configured in Coturn config file using --lt-cred-mech . Coturn server does not allow both --lt-cred-mech and --use-auth-secret to be used simultaneously.
The problem with this approach is that some time it fails to delete TURN credential.
If that is true, that is a problem. How can we replicate this issue?
I cannot say exactly when does it happens, but I can find a number of user name and password hanging around in database table. May be this happen when user abruptly close connection. I will verify it and update you about this. For quick fix, I have written a python script to clear the table in the night daily.
@pabloFuente I am creating two tokens one for audio video and one for screen sharing. So total 2 TURN credentials are being generated and passed in token. I found that Openvidu back end is just deleting only one TURN credential after closure of the session. One more thing, I have tweaked the back end code and coturn service a bit and using Postgresql database to store the TURN credentials as I was already using Postgresql for other purpose like user authentication, meeting scheduling etc.