2 Replies Latest reply on May 19, 2017 11:09 AM by Craig Huckabee

    Offering Other SASL Modes to Clients

    David Mueller

      I've been trying to resolve a Nagios plugin 87736 "XMPP Cleartext Authentication" finding for a while. I have STARTTLS set to required so I couldn't figure out while I was getting this. Instructions I'd previously found for this plugin didn't seem to help, and setting sasl.mechs to EXTERNAL seemed to break things completely and my XMPP client couldn't connect. Most of my users are using Pidgin or Adium. This morning I noticed the "SASL Mechanisms" configuration GUI in the Registration & Login section and saw that only PLAIN and EXTERNAL were being offered to clients but all have the implementation available. What I can't figure out is how to make other modes offered to clients; I'm hoping if I can do that I can disable PLAIN and resolve the Nagios finding.

       

      My server is running on CentOS 6.9 64-bit:

      Openfire Version: 4.1.4 (installed from 64-bit RPM from Ignite Realtime website)

      Java Version: 1.8.0_131 Oracle Corporation -- Java HotSpot(TM) 64-Bit Server VM

      Appserver: jetty/9.2.z-SNAPSHOT

       

      Any suggestions would be appreciated. Thanks.