The diagram below shows how calls are authenticated in single Meeting Server deployments using a Windows, OS X or iOS app (client).
App user logs in.
- Logging in triggers the client to do a DNS SRV lookup on _xmpp_client_tcp.example.com.
- DNS server returns the XMPP server address.
- App authenticates to the XMPP server.
- XMPP server communicates with the Call Bridge for authentication.
- Call Bridge checks with LDAP server that the user exists and authenticates the password.
In split deployments, where for instance the Call Bridge and XMPP Server reside on a Core server, and the TURN server, Load Balancer and Web Bridge reside on an Edge server, the authentication process varies as follows:
Step 2: DNS server returns the address of the Load Balancer,
Step 3: The client connects to the Load Balancer which authenticates with the XMPP server via the TLS trunk.
For more information on split deployments see the Scalability and Resilience Deployment Guide.