Openfire and Spark : unable to connect

0
votes

We installed the last version (4.2.3) of Openfire on locahost to test it before run in production in our local domain.

When we try to connect with Spark 2.7.7, Spark 2.8.3 or even tried another client like Jitsi 2.10.5550, it responds "wrong username or password".

https://i.imgur.com/G4o4iry.png

  • Server is up and running.
  • Administration interface available on port 9090
  • It is correctly linked to our Active Directory database.
  • Firewall is disabled on local machine
  • Tried to connect both from localhost and another computer on same LAN.

Raw sent packets :

<stream:stream to="demo-300" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" version="1.0">
<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<stream:stream to="demo-300" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" version="1.0">
<iq id="nmonD-0" type="get"><query xmlns="jabber:iq:auth"><username>cba</username></query></iq>
<iq id="nmonD-1" type="get"><ping xmlns='urn:xmpp:ping' /></iq>

Raw received packets : 

<?xml version='1.0' encoding='UTF-8'?>
    <stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="server.domain.local" id="p2cgyfth7" xml:lang="en" version="1.0">
    <stream:features>
        <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"></starttls>
        <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
            <mechanism>GSSAPI</mechanism>
        </mechanisms>
        <compression xmlns="http://jabber.org/features/compress">
            <method>zlib</method>
        </compression>
        <ver xmlns="urn:xmpp:features:rosterver"/>
    </stream:features>
    <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>

<?xml version='1.0' encoding='UTF-8'?>
    <stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="server.domain.local" id="p2cgyfth7" xml:lang="en" version="1.0">
    <stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
        <mechanism>GSSAPI</mechanism>
    </mechanisms>
    <compression xmlns="http://jabber.org/features/compress">
        <method>zlib</method>
    </compression>
    <ver xmlns="urn:xmpp:features:rosterver"/></stream:features>

and on every minute : 

    <iq type="error" id="1rCcI-3" to="server.domain.local/p2cgyfth7">
        <ping xmlns="urn:xmpp:ping"></ping>
        <error code="401" type="auth">
            <not-authorized xmlns="urn:ietf:params:xml:ns:xmpp-stanzas"/>
        </error>
    </iq>

Server configuration :

https://i.imgur.com/R6QWg7p.jpg

Does anyone can help me?

1
active-directoryconnectionopenfirejitsi

1 Answers

0
votes

Solution is to change sasl.mechs setting to PLAIN instead of GSSAPI

https://i.imgur.com/Wd0vTRX.png

But I don't really know why! Because on client side, it uses GSSAPI poperty to connect to server !