Smack 4.1.0 alpha6 - SASLError using DIGEST-MD5: not-authorized

Hi, I recently update smack from aplha5 to alpha6 and unfortunatelly I cannot login to our server anymore with exception SASLError using DIGEST-MD5: not-authorized.

Client using smack is Android phone. User name and password are 100% correct.

Due to API changes in alpha 6 I modify my code for conf & login:

XMPPTCPConnectionConfiguration.XMPPTCPConnectionConfigurationBuilder conf = XMPPTCPConnectionConfiguration.builder(); conf.setHost("my.server.com");
conf.setPort(12345);
conf.setServiceName("myservice");
conf.setDebuggerEnabled(false); // with true is crashing
conf.setUsernameAndPassword("username", "password");
conf.setResource("phone");
conf.setRosterLoadedAtLogin(true);
conf.setSendPresence(false);
conf.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled); // accept all certificate - just for testing
try {
    TLSUtils.acceptAllCertificates(conf);
} catch (NoSuchAlgorithmException e) {
} catch (KeyManagementException e) {
} // verify all hostname - just for testing
conf.setHostnameVerifier(new HostnameVerifier() {
    @Override
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
}); XMPPTCPConnection connection = new XMPPTCPConnection(conf.build());
...
connection.connect();
...
connection.login(); // throw exception SASLError using DIGEST-MD5: not-authorized
...

Gradle configuration:

dependencies {

compile “org.igniterealtime.smack:smack-android:4.1.0-alpha6”

compile “org.igniterealtime.smack:smack-tcp:4.1.0-alpha6”

compile “org.igniterealtime.smack:smack-extensions:4.1.0-alpha6”

compile “org.igniterealtime.smack:smack-debug:4.1.0-alpha6”

compile “org.igniterealtime.smack:smack-sasl-provided:4.1.0-alpha6”

}

Is it everything setup correctly?

Thank you for any help!

After a quick look it appears that there have been no changes to SASLDigestMD5Mechanism in smack-sasl-provided. Note that alpha7 is also available.

Thank you for quick reply! It looks like something is wrong with my setup in new API. Don’t you have any idea where should be problem?

Is it possible to force enable Android debugger? When I set conf.setDebuggerEnabled(true) app crashing with java.lang.IllegalArgumentException: Can’t initialize the configured debugger! (trying resolve some swing classes aka Failed resolution of: Ljavax/swing/JTabbedPane;, etc.)

When I set conf.setDebuggerEnabled(true) app crashing with java.lang.IllegalArgumentException: Can’t initialize the configured debugger! (trying resolve some swing classes aka Failed resolution of: Ljavax/swing/JTabbedPane;, etc.)

**Always **include a stacktrace with reporting unexpected exceptions. It should figure out automatically the right debugger for the platform.

Sorry, here is full stacktrace.

12-02 20:15:11.574
5637-5672/com.test E/MyApp-EXCEPTION﹕ Uncaught exception for thread MonitorService
java.lang.IllegalArgumentException: Can’t initialize the configured debugger!
at org.jivesoftware.smack.debugger.ReflectionDebuggerFactory.create(ReflectionDebu ggerFactory.java:88)
at org.jivesoftware.smack.SmackConfiguration.createDebugger(SmackConfiguration.jav a:200)
at org.jivesoftware.smack.AbstractXMPPConnection.initDebugger(AbstractXMPPConnecti on.java:804)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnect ion.java:645)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.initConnection(XMPPTCPConnection.j ava:584)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectUsingConfiguration(XMPPTCPC onnection.java:568)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectInternal(XMPPTCPConnection. java:822)
at org.jivesoftware.smack.AbstractXMPPConnection.connect(AbstractXMPPConnection.ja va:326)
at com.test.communication.XmppConnection.connectAndAuth(XmppConnection.java:808)
at com.test.communication.XmppConnection.initConnection(XmppConnection.java:630)
at com.test.communication.XmppConnection.start(XmppConnection.java:384)
at com.test.communication.XmppConnection.xmppRequestStateChange(XmppConnection.jav a:483)
at com.test.service.MonitorService$ServiceHandler.handleMessage(MonitorService.jav a:199)
at android.os.Handler.dispatchMessage(Handler.java:102)
at android.os.Looper.loop(Looper.java:135)
at android.os.HandlerThread.run(HandlerThread.java:61)
Caused by: java.lang.reflect.InvocationTargetException
at java.lang.reflect.Constructor.newInstance(Native Method)
at java.lang.reflect.Constructor.newInstance(Constructor.java:288)
at org.jivesoftware.smack.debugger.ReflectionDebuggerFactory.create(ReflectionDebu ggerFactory.java:86)

at org.jivesoftware.smack.SmackConfiguration.createDebugger(SmackConfiguration.jav a:200)

at org.jivesoftware.smack.AbstractXMPPConnection.initDebugger(AbstractXMPPConnecti on.java:804)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnect ion.java:645)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.initConnection(XMPPTCPConnection.j ava:584)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectUsingConfiguration(XMPPTCPC onnection.java:568)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectInternal(XMPPTCPConnection. java:822)

at org.jivesoftware.smack.AbstractXMPPConnection.connect(AbstractXMPPConnection.ja va:326)

at com.test.communication.XmppConnection.connectAndAuth(XmppConnection.java:808)

at com.test.communication.XmppConnection.initConnection(XmppConnection.java:630)

at com.test.communication.XmppConnection.start(XmppConnection.java:384)

at com.test.communication.XmppConnection.xmppRequestStateChange(XmppConnection.jav a:483)

at com.test.service.MonitorService$ServiceHandler.handleMessage(MonitorService.jav a:199)

at android.os.Handler.dispatchMessage(Handler.java:102)

at android.os.Looper.loop(Looper.java:135)

at android.os.HandlerThread.run(HandlerThread.java:61)

Caused by: java.lang.NoClassDefFoundError: Failed resolution of: Ljavax/swing/JTabbedPane;
at org.jivesoftware.smackx.debugger.EnhancedDebugger.createDebug(EnhancedDebugger. java:192)
at org.jivesoftware.smackx.debugger.EnhancedDebugger.(EnhancedDebugger.java: 181)

at java.lang.reflect.Constructor.newInstance(Native Method)

at java.lang.reflect.Constructor.newInstance(Constructor.java:288)

at org.jivesoftware.smack.debugger.ReflectionDebuggerFactory.create(ReflectionDebu ggerFactory.java:86)

at org.jivesoftware.smack.SmackConfiguration.createDebugger(SmackConfiguration.jav a:200)

at org.jivesoftware.smack.AbstractXMPPConnection.initDebugger(AbstractXMPPConnecti on.java:804)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnect ion.java:645)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.initConnection(XMPPTCPConnection.j ava:584)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectUsingConfiguration(XMPPTCPC onnection.java:568)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectInternal(XMPPTCPConnection. java:822)

at org.jivesoftware.smack.AbstractXMPPConnection.connect(AbstractXMPPConnection.ja va:326)

at com.test.communication.XmppConnection.connectAndAuth(XmppConnection.java:808)

at com.test.communication.XmppConnection.initConnection(XmppConnection.java:630)

at com.test.communication.XmppConnection.start(XmppConnection.java:384)

at com.test.communication.XmppConnection.xmppRequestStateChange(XmppConnection.jav a:483)

at com.test.service.MonitorService$ServiceHandler.handleMessage(MonitorService.jav a:199)

at android.os.Handler.dispatchMessage(Handler.java:102)

at android.os.Looper.loop(Looper.java:135)

at android.os.HandlerThread.run(HandlerThread.java:61)

Caused by: java.lang.ClassNotFoundException: Didn’t find class “javax.swing.JTabbedPane” on path: DexPathList[[zip file “/data/app/com.test-1/base.apk”],nativeLibraryDirectories=[/data/app/com.test-1 /lib/arm, /vendor/lib, /system/lib]]
at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:56)
at java.lang.ClassLoader.loadClass(ClassLoader.java:511)
at java.lang.ClassLoader.loadClass(ClassLoader.java:469)

at org.jivesoftware.smackx.debugger.EnhancedDebugger.createDebug(EnhancedDebugger. java:192)

at org.jivesoftware.smackx.debugger.EnhancedDebugger.(EnhancedDebugger.java: 181)

at java.lang.reflect.Constructor.newInstance(Native Method)

at java.lang.reflect.Constructor.newInstance(Constructor.java:288)

at org.jivesoftware.smack.debugger.ReflectionDebuggerFactory.create(ReflectionDebu ggerFactory.java:86)

at org.jivesoftware.smack.SmackConfiguration.createDebugger(SmackConfiguration.jav a:200)

at org.jivesoftware.smack.AbstractXMPPConnection.initDebugger(AbstractXMPPConnecti on.java:804)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.initReaderAndWriter(XMPPTCPConnect ion.java:645)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.initConnection(XMPPTCPConnection.j ava:584)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectUsingConfiguration(XMPPTCPC onnection.java:568)

at org.jivesoftware.smack.tcp.XMPPTCPConnection.connectInternal(XMPPTCPConnection. java:822)

at org.jivesoftware.smack.AbstractXMPPConnection.connect(AbstractXMPPConnection.ja va:326)

at com.test.communication.XmppConnection.connectAndAuth(XmppConnection.java:808)

at com.test.communication.XmppConnection.initConnection(XmppConnection.java:630)

at com.test.communication.XmppConnection.start(XmppConnection.java:384)

at com.test.communication.XmppConnection.xmppRequestStateChange(XmppConnection.jav a:483)

at com.test.service.MonitorService$ServiceHandler.handleMessage(MonitorService.jav a:199)

at android.os.Handler.dispatchMessage(Handler.java:102)

at android.os.Looper.loop(Looper.java:135)

at android.os.HandlerThread.run(HandlerThread.java:61)

Suppressed: java.lang.ClassNotFoundException: javax.swing.JTabbedPane
at java.lang.Class.classForName(Native Method)
at java.lang.BootClassLoader.findClass(ClassLoader.java:781)
at java.lang.BootClassLoader.loadClass(ClassLoader.java:841)
at java.lang.ClassLoader.loadClass(ClassLoader.java:504)
… 21 more
Caused by: java.lang.NoClassDefFoundError: Class not found using the boot class loader; no stack available

Remove smack-debug from your dependencies.

I try remove smack-debug from dependencies already, but without success. There is no exception, but also no debug info in log (with alpha5 everything works ok).

I also write sample app just for testing connection (and login) to openfire server. Alpha 5 show debug info, connect and login to server, alpha 6 just throw the exception:

org.jivesoftware.smack.sasl.SASLErrorException: SASLError using DIGEST-MD5: not-authorized

at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthenticati on.java:365)

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPC onnection.java:1053)

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$200(XMPPTCPCon nection.java:931)

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnecti on.java:950)

How Can I download the latest alpha7 version? I do not see the version in mavenCentral nor oss.sonatype.org.

Thank you!

I’m sorry, I was a bit confused, alpha7 is only in the SNAPSHOT stage, which means you need to add the sonatype snapshot repository. Anyways, I took another look, and found that there was indeed a change between alpha5 and alpha6 related to DIGEST-MD5 from sasl-provided: Implemented MD5 just like the SHA1 util · 763f9c7 · igniterealtime/Smack · GitHub

But, it would expect the unit tests would catch any errors that could be introduced by this change on this level. But I can’t for sure, I guess I will first try if it still works for me, and report back. Thanks.

Confirmed: I was just able to login using sasl-provided DIGEST-MD5 on alpha6. So please re-check your credentials.

Thank you for your re-check. I absolutelly sure about credential. Here is sample code for alpha5 & alpha6

Both codes are testing on Android (4.x & 5.0), server is Openfire 3.9.3

alpha5 (works - login & show debug info in console):

dependencies {

compile “org.igniterealtime.smack:smack-android:4.1.0-alpha5”

compile “org.igniterealtime.smack:smack-tcp:4.1.0-alpha5”

compile “org.igniterealtime.smack:smack-extensions:4.1.0-alpha5”

}

ConnectionConfiguration conf = new ConnectionConfiguration("myserver.com", 5222, "myservice"); conf.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled);
conf.setDebuggerEnabled(true); conf.setHostnameVerifier(new HostnameVerifier() {
    @Override
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
}); XMPPTCPConnection connection = new XMPPTCPConnection(conf); try {
    connection.connect();
} catch (Exception e) {
    e.printStackTrace();
} try {
    connection.login("LOGIN", "PASS", "RESOURCE");
} catch (Exception e) {
    e.printStackTrace
}

alpha6 (not works - throw the exception and no debug info):

dependencies {

compile “org.igniterealtime.smack:smack-android:4.1.0-alpha6”

compile “org.igniterealtime.smack:smack-tcp:4.1.0-alpha6”

compile “org.igniterealtime.smack:smack-extensions:4.1.0-alpha6”

}

XMPPTCPConnectionConfiguration.XMPPTCPConnectionConfigurationBuilder conf = XMPPTCPConnectionConfiguration.builder();
conf.setHost("myserver.com");
conf.setPort(5222);
conf.setServiceName("myservice"); conf.setUsernameAndPassword("LOGIN", "PASSWORD");
conf.setResource("RESOURCE"); conf.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled); conf.setHostnameVerifier(new HostnameVerifier() {
    @Override
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
}); XMPPTCPConnection connection = new XMPPTCPConnection(conf.build()); try {
    connection.connect();
} catch (Exception e) {
    e.printStackTrace();
} try {
    connection.login(); // here is the exception
} catch (Exception e) {
    e.printStackTrace();
}

Ok, please set “SmackConfiguration.DEBUG” to true, and provide

  • the relevant exchanged stream elements, i.e. the XMPP login sequence

  • the full exception incl stacktrace

for both versions. Note that the debug output may contain the password, so use a (simple) password you can destroy after the test.

I setup both DEBUG variables to TRUE in beta6, but still no debug info in console (in beta5 works fine)

SmackConfiguration.DEBUG_ENABLED = true;

conf.setDebuggerEnabled(true);

We have another similar report: login alpha6 fails

In order to tackle the problem please set “SmackConfiguration.DEBUG” to true, and provide

  • the relevant exchanged stream elements, i.e. the XMPP login sequence

  • the full exception incl stacktrace

Also please perform a positive test, as I was able to use DIGEST-MD5 with alpha6 and prosody. So create an account on a (public) prosody server and disable SCRAM-SHA-1 by calling

SASLAuthentication.blacklistSASLMechanism(“SCRAM-SHA-1”);

before performing the authentication. And report back if it works or not (assure that DIGEST-MD5 is actually used).

Also @Jan Sarson and @kirk please talk to each other to identity similarities between your setups that could trigger this.

Affected people could also use

git bisect start ad0921e18cca56dbfff09cee2530c7926ca1181f aecb3cc861d5baec2103474b2171320c2068354a

to create Smack artifacts, that you need to use in your setup, to determine which commit introduced this behavior.

Hi Flow, thank you! As I wrote before it is not possible to enabled DEBUG mode in alpha6 (on Android).

In meantime I perform a positive test with public prosody server:

XMPPTCPConnectionConfiguration.XMPPTCPConnectionConfigurationBuilder conf = XMPPTCPConnectionConfiguration.builder();
conf.setHost("twattle.net");
conf.setPort(5222);
conf.setServiceName("twattle.net"); SASLAuthentication.blacklistSASLMechanism("SCRAM-SHA-1");
AndPassword("testtest", "testtest"); conf.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled);

I still can not login to our openfire server with DIGEST-MD5.

I am experiencing the same issues on android within my project as well.

Thanks for you reply Jan.

As I wrote before it is not possible to enabled DEBUG mode in alpha6 (on Android).
It is possible, but since alpha6 Smack uses JUL for logging. And per default JUL does not output log messages of level debug. So you need to either change the JUL settings to output also log messages of level FINE, or you could disable the JULDebugger with

SmackConfiguration.addDisabledSmackClass(“org.jivesoftware.smack.debugger.JulDeb ugger”)

which should cause the AndroidDebugger to get selected.

But anyway, I was able to successfully login with alpha6, DIGEST-MD5 on igniterealtime.org, which runs Openfire (3.10.0 alpha). As far as I can tell, Smack behaves standard conform.

Great! After disable JulDebugger, debug info is shown in console again :slight_smile:

login: testtest

password: testtest

D/SMACK﹕ SENT (0): <stream:stream xmlns='jabber:client' to='myservice' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
D/SMACK﹕ RECV  (0): <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="myhost" id="5b982e97" xml:lang="en" version="1.0">
D/SMACK﹕ RECV  (0): <stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism><mechanism>CRAM-MD5</mechanism></mechanisms></stream:features>
D/SMACK﹕ SENT (0): <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'></starttls>
D/SMACK﹕ RECV  (0): <proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
D/SMACK﹕ SENT (0): <stream:stream xmlns='jabber:client' to='myservice' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
D/SMACK﹕ RECV  (0): <?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="myhost" id="5b982e97" xml:lang="en" version="1.0"><stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism><mechanism>CRAM-MD5</mechanism></mechanisms><auth xmlns="http://jabber.org/features/iq-auth"/></stream:features>
D/SMACK﹕ SENT (0): <auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='DIGEST-MD5'>=</auth>
D/SMACK﹕ RECV  (0): <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">cmVhbG09ImJhYnlhbS50YXBweXRhcHMuY29tIixub25jZT0iY2dWcWdWait1NjByMXVFRCtZV3BTMzRpUVpCdE0vWkpGWTBiQXJHdSIscW9wPSJhdXRoIixjaGFyc2V0PXV0Zi04LGFsZ29yaXRobT1tZDUtc2Vzcw==</challenge>
D/SMACK﹕ SENT (0): <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>dXNlcm5hbWU9InRlc3R0ZXN0IixyZWFsbT0iYmFieW1vbml0b3IzZyIsbm9uY2U9ImNnVnFnVmordTYwcjF1RUQrWVdwUzM0aVFaQnRNL1pKRlkwYkFyR3UiLGNub25jZT0iNlNFTUNMOUs5NE9Od1ZOOFMzVzZLNDN5MWo5YlJ0UnoiLG5jPTAwMDAwMDAxLHFvcD1hdXRoLGRpZ2VzdC11cmk9InhtcHAvYmFieW1vbml0b3IzZyIscmVzcG9uc2U9YTAwNWU1NDQ3YTVlOTFiZGFjZTI5OGU4Y2ZlZThjNTUsY2hhcnNldD11dGYtOA==</response>
D/SMACK﹕ RECV  (0): <failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized/></failure>

But with my implementation I will nto be using SSL for the moment.

Maybe an example code snippet could be posted on the implementation of the configuration and logging into an accoun?