SSO don't work

Hello,

i tried a lot of howto’s to configure SSO, but i get always the message “Unable to connect using Single Sign on…” in Spark.

Openfire 3.6.4 ist installed on an Windows2003 SP2 32bit. The Client tested on WinXP 32bit and W7 64bit.

We have only one active directory domain (Windows 2003). Until the Setup in Openfire in configured quiet everything with default values, only the Active Directory settings in the wizard are set with individual values.

The manual login with an domainuser through spark works perfect. But i need sso to avoid saving the domainuser password on the client.

What log and config files are necessery for you to help me?

Kind regards

Hans

What Spark version are you using? I think it should be at least Beta 2 (or now RC1) for SSO to work. Though maybe you already know this if you have read all the howtos. Can’t help more, don’t know much about SSO.

Hi wroot,

i tried both versions. Now i post you the howtos i tried:

http://community.igniterealtime.org/docs/DOC-1362

http://community.igniterealtime.org/docs/DOC-1616

http://community.igniterealtime.org/docs/DOC-1060

Every try with reboots and new clean installations.

sincerly

Hans

Error.log:

at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerP lainImpl.java:109)

at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :245)

at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)

at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:133)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:185)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)

at java.lang.Thread.run(Unknown Source)

2010.12.07 17:58:48 [org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHand ler.java:135)

] Closing connection due to error while processing message: AHNlYmFzdGlhbnoA

java.util.NoSuchElementException

at java.util.StringTokenizer.nextToken(Unknown Source)

at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerP lainImpl.java:109)

at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :245)

at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)

at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:133)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:185)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)

at java.lang.Thread.run(Unknown Source)


warn.log

2010.12.07 18:02:25 Autocreating jiveID row for type ‘25’


info.log

2010.12.07 17:45:01 Openfire 3.6.4 [Dec 7, 2010 5:45:01 PM]

2010.12.07 17:45:02 Admin console listening at http://127.0.0.1:9090

2010.12.07 17:45:34 Missing database schema for openfire. Attempting to install…

2010.12.07 17:45:34 Database update successful.

2010.12.07 17:50:32 Publish-Subscribe domain: pubsub.sman12

2010.12.07 17:50:32 Mehrbenutzerchat Domain domain: conference.sman12

2010.12.07 17:50:43 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

2010.12.07 17:50:43 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

2010.12.07 17:50:43 SSL Socket (verschlüsselt) auf Port 5223 gestartet

2010.12.07 17:53:33 Publish-Subscribe domain: pubsub.sman12

2010.12.07 17:53:33 Mehrbenutzerchat Domain domain: conference.sman12

2010.12.07 17:53:34 Openfire 3.6.4 [07.12.2010 17:53:34]

2010.12.07 17:53:36 Adminkonsole lauscht auf:

http://sman12:9090

https://sman12:9091

2010.12.07 17:53:36 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

2010.12.07 17:53:36 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

2010.12.07 17:53:36 SSL Socket (verschlüsselt) auf Port 5223 gestartet

2010.12.07 17:54:24 Publish-Subscribe domain: pubsub.sman12

2010.12.07 17:54:24 Mehrbenutzerchat Domain domain: conference.sman12

2010.12.07 17:54:25 Openfire 3.6.4 [07.12.2010 17:54:25]

2010.12.07 17:54:27 Adminkonsole lauscht auf:

http://sman12:9090

https://sman12:9091

2010.12.07 17:54:27 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

2010.12.07 17:54:27 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

2010.12.07 17:54:27 SSL Socket (verschlüsselt) auf Port 5223 gestartet

2010.12.07 18:04:35 User Login Failed. PLAIN authentication failed

2010.12.07 18:04:45 User Login Failed. PLAIN authentication failed

2010.12.07 18:05:08 Publish-Subscribe domain: pubsub.sman12

2010.12.07 18:05:08 Mehrbenutzerchat Domain domain: conference.sman12

2010.12.07 18:05:10 Openfire 3.6.4 [07.12.2010 18:05:10]

2010.12.07 18:05:12 Adminkonsole lauscht auf:

http://sman12:9090

https://sman12:9091

2010.12.07 18:05:12 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

2010.12.07 18:05:12 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

2010.12.07 18:05:12 SSL Socket (verschlüsselt) auf Port 5223 gestartet

2010.12.07 18:05:20 User Login Failed. PLAIN authentication failed

2010.12.07 18:05:29 User Login Failed. PLAIN authentication failed

2010.12.08 08:54:31 Publish-Subscribe domain: pubsub.sman12

2010.12.08 08:54:31 Mehrbenutzerchat Domain domain: conference.sman12

2010.12.08 08:54:32 Openfire 3.6.4 [08.12.2010 08:54:32]

2010.12.08 08:54:35 Adminkonsole lauscht auf:

http://sman12:9090

https://sman12:9091

2010.12.08 08:54:35 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

2010.12.08 08:54:35 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

2010.12.08 08:54:35 SSL Socket (verschlüsselt) auf Port 5223 gestartet

2010.12.08 08:58:41 User Login Failed. PLAIN authentication failed


debug.log

2010.12.08 09:08:56 LdapManager: Creating a DirContext in LdapManager.getContext()…

2010.12.08 09:08:56 LdapManager: Created hashtable with context values, attempting to create context…

2010.12.08 09:08:56 LdapManager: … context created successfully, returning.

2010.12.08 09:08:56 LdapManager: Starting LDAP search…

2010.12.08 09:08:56 LdapManager: … search finished

2010.12.08 09:08:56 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: CN=“Test Test”,OU=“Administration”,OU=“b_intern”…

2010.12.08 09:08:56 LdapManager: Created context values, attempting to create context…

2010.12.08 09:08:56 LdapManager: Caught a naming exception when creating InitialContext

javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0]

at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.(Unknown Source)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)

at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)

at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)

at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)

at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)

at javax.naming.InitialContext.init(Unknown Source)

at javax.naming.InitialContext.(Unknown Source)

at javax.naming.directory.InitialDirContext.(Unknown Source)

at org.jivesoftware.openfire.ldap.LdapManager.checkAuthentication(LdapManager.java :536)

at org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.j ava:115)

at org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:158)

at org.jivesoftware.openfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.ja va:87)

at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerP lainImpl.java:112)

at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :245)

at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)

at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:133)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:185)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)

at java.lang.Thread.run(Unknown Source)

when upgrade apache mina to 2.0.x for openfire ?

Can’t say when, so far can only file this as a task. OF-421

1 Like

OK,Thanks!

If u got configuration wrong, try what i wrote in response to this thread: http://community.igniterealtime.org/message/208650#208650

That was what helped me to get it up and running…