SSO/spark.properties question

Jonah_Ferguson · December 7, 2012, 11:19pm

I’m working towards deploying spark via GPO (windows 2008 server domain using AD) and a sign-on .bat file to copy the spark.properties file. I know this is old hat (apologize if duplicate post - I have looked for a recent answer to this question but can’t find it), but assuming SSO is working (works fine on my machine), how do you generalize the spark.properties file to distribute to other machines with working SSO? I have tried taking out the encrypted password and blanking out my username, but spark won’t connect. Any pointers? (My) working spark.properties is as follows:

#Spark Settings

#Fri Dec 07 17:04:55 CST 2012

pkiStore=JKS

trustStorePassword=

tabsOnTop=true

checkForBeta=false

stunFallbackHost=

isShowingRoleIcons=false

audioDevice=

lastUpdateCheck=1354046478776

defaultChatLengthTimeout=15

pkiEnabled=false

showPrevHistory=true

AvailableCodecs=

isMucHighNameOn=false

notifyOnOffline=false

autoAcceptMucInvite=false

offlineGroupVisible=true

showOfflineUsers=true

compressionOn=false

isMucRandomColors=true

protocol=SOCKS

ENCRYPTED PASSWORD HERE

xmppPort=5222

SystemTrayNotificationEnabled=false

sslEnabled=false

autoLoginEnabled=false

trustStorePath=

notifyOnOnline=false

chatNotificationOn=true

videoDevice=

passwordSaved=true

resource=Spark 2.6.3

showHistory=true

toasterPopup=false

username=USERNAMEHERE

showTypingNotification=false

ssoEnabled=true

timeFormat=HH:mm

ssoMethod=dns

hostAndPort=true

server=SERVERHERE

showEmptyGroups=true

jksPath=

stunFallbackPort=3478

buzzEnabled=true

xmppHost=SERVERHERE

isMucHighToastOn=false

SelectedCodecs=speex/rtp^ALAW/rtp^ULAW/rtp^gsm/rtp^ilbc/rtp^g723/rtp^

isShowJoinLeaveMessagesOn=true

timeout=10

proxyEnabled=false

windowTakesFocus=false

isMucHighTextOn=false

debuggerEnabled=false

timeDisplayed=true

Thanks!

M_Tejera · December 10, 2012, 9:31am

You need to erase username, password and passwordSaved lines.

In my case i didn’t get sso to work on spark trough dns, so i used kerberos authentication. A pain to get it to work, but it is working now.

For sso you only need three lines on the spark.properties

ssoEnabled=true

ssoMethod=METHOD (i’m using ssoMethod=file)

server=SERVER

In doubt add xmppHost=SERVER but i don’t use it.

In my case i use a vbs script to edit the file spark.properties on logon.

Jonah_Ferguson · December 10, 2012, 2:44pm

Thanks so much for replying.

Do the username, passwordsaved and password fields get dropped into your propeties file after you run? I tried the settings you suggested and I’m still not having any luck. When I check the spark.properties, the password and passwordsaved entries are still not in it. Any idea if they should be? When I restore the spark.properties shown above (with username, password, passwordsaved), it works again.

Jonah_Ferguson · December 10, 2012, 2:58pm

sounds like I should kerberos a try without dns:

http://community.igniterealtime.org/thread/37765

Jonah_Ferguson · December 10, 2012, 3:04pm

Are these the steps you followed to get kerberos sso working:

http://community.igniterealtime.org/docs/DOC-1362

?

M_Tejera · December 10, 2012, 4:51pm

Yep.

I had two problems during my setup, one because the keytab wasn’t properly created. After looking around i found there’s a tool included in the java runtime named kinit that helped me verify the keytab and it was wrong. I used the java ktab to re-create the keytab instead of the windows one mentioned in the doc, and testing came ok.

The second problem i mention the solution here http://community.igniterealtime.org/message/222939#222939

Jonah_Ferguson · December 10, 2012, 5:25pm

Awesome. Will give this a shot first chance I get. I’ll let you know how it goes.

Thanks again!