7 Replies Latest reply on Jan 14, 2011 2:03 AM by grok

    SSO don't work

      Hello,

      I tried a lot of howtos to configure SSO, but I always get the message "Unable to connect using Single Sign on..." in Spark.

      Openfire 3.6.4 is installed on a Windows 2003 SP2 32-bit machine. The client was tested on WinXP 32-bit and W7 64-bit.

      We have only one Active Directory domain (Windows 2003). In the Openfire setup I configured nearly everything with default values; only the Active Directory settings in the wizard are set with individual values.

      The manual login with a domain user through Spark works perfectly. But I need SSO to avoid saving the domain user password on the client.

      Which log and config files do you need in order to help me?

       

      Kind regards

       

      Hans

        • Re: SSO don't work
          wroot

          What Spark version are you using? I think it should be at least Beta 2 (or now RC1) for SSO to work. Though maybe you already know this if you have read all the howtos. Can't help more, don't know much about SSO.

            • Re: SSO don't work

              Hi wroot,

              I tried both versions. Here are the howtos I tried:

              http://community.igniterealtime.org/docs/DOC-1362

              http://community.igniterealtime.org/docs/DOC-1616

              http://community.igniterealtime.org/docs/DOC-1060

               

              Every attempt was made with reboots and new clean installations.

              Sincerely

              Hans

                • Re: SSO don't work

                  Error.log:

                   

                  at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerPlainImpl.java:109)
                  at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java:245)
                  at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)
                  at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandler.java:133)
                  at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570)
                  at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
                  at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
                  at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
                  at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)
                  at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
                  at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
                  at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
                  at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:58)
                  at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:185)
                  at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
                  at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
                  at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
                  at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:239)
                  at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:283)
                  at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
                  at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
                  at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
                  at java.lang.Thread.run(Unknown Source)

                  2010.12.07 17:58:48 [org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandler.java:135)] Closing connection due to error while processing message: <auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">AHNlYmFzdGlhbnoA</auth>
                  java.util.NoSuchElementException
                  at java.util.StringTokenizer.nextToken(Unknown Source)
                  at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerPlainImpl.java:109)
                  at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java:245)
                  at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)
                  at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandler.java:133)
                  at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570)
                  at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
                  at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
                  at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
                  at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)
                  at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
                  at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
                  at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
                  at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:58)
                  at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:185)
                  at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
                  at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
                  at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
                  at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:239)
                  at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:283)
                  at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
                  at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
                  at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
                  at java.lang.Thread.run(Unknown Source)

                   

                   

                  ---------------------

                   

                   

                  warn.log

                   

                   

                  2010.12.07 18:02:25 Autocreating jiveID row for type '25'

                   

                   

                  ----------------------

                   

                  info.log

                   

                   

                  2010.12.07 17:45:01 Openfire 3.6.4 [Dec 7, 2010 5:45:01 PM]

                  2010.12.07 17:45:02 Admin console listening at http://127.0.0.1:9090

                  2010.12.07 17:45:34 Missing database schema for openfire. Attempting to install...

                  2010.12.07 17:45:34 Database update successful.

                  2010.12.07 17:50:32 Publish-Subscribe domain: pubsub.sman12

                  2010.12.07 17:50:32 Mehrbenutzerchat Domain domain: conference.sman12

                  2010.12.07 17:50:43 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

                  2010.12.07 17:50:43 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

                  2010.12.07 17:50:43 SSL Socket (verschlüsselt) auf Port 5223 gestartet

                  2010.12.07 17:53:33 Publish-Subscribe domain: pubsub.sman12

                  2010.12.07 17:53:33 Mehrbenutzerchat Domain domain: conference.sman12

                  2010.12.07 17:53:34 Openfire 3.6.4 [07.12.2010 17:53:34]

                  2010.12.07 17:53:36 Adminkonsole lauscht auf:

                  http://sman12:9090

                  https://sman12:9091

                  2010.12.07 17:53:36 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

                  2010.12.07 17:53:36 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

                  2010.12.07 17:53:36 SSL Socket (verschlüsselt) auf Port 5223 gestartet

                  2010.12.07 17:54:24 Publish-Subscribe domain: pubsub.sman12

                  2010.12.07 17:54:24 Mehrbenutzerchat Domain domain: conference.sman12

                  2010.12.07 17:54:25 Openfire 3.6.4 [07.12.2010 17:54:25]

                  2010.12.07 17:54:27 Adminkonsole lauscht auf:

                  http://sman12:9090

                  https://sman12:9091

                  2010.12.07 17:54:27 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

                  2010.12.07 17:54:27 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

                  2010.12.07 17:54:27 SSL Socket (verschlüsselt) auf Port 5223 gestartet

                  2010.12.07 18:04:35 User Login Failed. PLAIN authentication failed

                  2010.12.07 18:04:45 User Login Failed. PLAIN authentication failed

                  2010.12.07 18:05:08 Publish-Subscribe domain: pubsub.sman12

                  2010.12.07 18:05:08 Mehrbenutzerchat Domain domain: conference.sman12

                  2010.12.07 18:05:10 Openfire 3.6.4 [07.12.2010 18:05:10]

                  2010.12.07 18:05:12 Adminkonsole lauscht auf:

                  http://sman12:9090

                  https://sman12:9091

                  2010.12.07 18:05:12 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

                  2010.12.07 18:05:12 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

                  2010.12.07 18:05:12 SSL Socket (verschlüsselt) auf Port 5223 gestartet

                  2010.12.07 18:05:20 User Login Failed. PLAIN authentication failed

                  2010.12.07 18:05:29 User Login Failed. PLAIN authentication failed

                  2010.12.08 08:54:31 Publish-Subscribe domain: pubsub.sman12

                  2010.12.08 08:54:31 Mehrbenutzerchat Domain domain: conference.sman12

                  2010.12.08 08:54:32 Openfire 3.6.4 [08.12.2010 08:54:32]

                  2010.12.08 08:54:35 Adminkonsole lauscht auf:

                  http://sman12:9090

                  https://sman12:9091

                  2010.12.08 08:54:35 Serverinstanz (unverschlüsselt) auf Port 5269 gestartet

                  2010.12.08 08:54:35 Plain-Instanz (unverschlüsselt) auf Port 5222 gestartet

                  2010.12.08 08:54:35 SSL Socket (verschlüsselt) auf Port 5223 gestartet

                  2010.12.08 08:58:41 User Login Failed. PLAIN authentication failed

                   

                   

                  -----------------

                   

                   

                  debug.log

                   

                   

                  2010.12.08 09:08:56 LdapManager: Creating a DirContext in LdapManager.getContext()...

                  2010.12.08 09:08:56 LdapManager: Created hashtable with context values, attempting to create context...

                  2010.12.08 09:08:56 LdapManager: ... context created successfully, returning.

                  2010.12.08 09:08:56 LdapManager: Starting LDAP search...

                  2010.12.08 09:08:56 LdapManager: ... search finished

                  2010.12.08 09:08:56 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: CN="Test Test",OU="Administration",OU="b_intern"...

                  2010.12.08 09:08:56 LdapManager: Created context values, attempting to create context...

                  2010.12.08 09:08:56 LdapManager: Caught a naming exception when creating InitialContext
                  javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0]
                  at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
                  at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
                  at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
                  at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
                  at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
                  at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
                  at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
                  at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
                  at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
                  at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
                  at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
                  at javax.naming.InitialContext.init(Unknown Source)
                  at javax.naming.InitialContext.<init>(Unknown Source)
                  at javax.naming.directory.InitialDirContext.<init>(Unknown Source)
                  at org.jivesoftware.openfire.ldap.LdapManager.checkAuthentication(LdapManager.java:536)
                  at org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.java:115)
                  at org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:158)
                  at org.jivesoftware.openfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.java:87)
                  at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerPlainImpl.java:112)
                  at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java:245)
                  at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)
                  at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandler.java:133)
                  at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570)
                  at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
                  at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
                  at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
                  at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)
                  at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
                  at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
                  at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
                  at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:58)
                  at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:185)
                  at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
                  at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
                  at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
                  at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:239)
                  at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:283)
                  at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
                  at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
                  at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
                  at java.lang.Thread.run(Unknown Source)
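
Added example, not part of the original post and not Openfire code: a small triage script that decodes the two machine-readable values in the logs above, the SASL PLAIN payload from Error.log (RFC 4616 layout) and the Active Directory sub-code after `data` in the LDAP error 49 line from debug.log. The function names are hypothetical, and `tokenizer_fields` is only an assumed model of a delimiter tokenizer that skips empty fields, which is consistent with the `NoSuchElementException` in the trace.

```python
import base64
import re

# AD places a hex Win32 error after "data" in LDAP result 49 (invalidCredentials).
AD_BIND_SUBCODES = {
    0x525: "user not found",
    0x52E: "invalid credentials (bad password or bind DN)",
    0x530: "not permitted to log on at this time",
    0x531: "not permitted to log on at this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password",
    0x775: "account locked out",
}

def parse_sasl_plain(b64_payload):
    """Split an RFC 4616 PLAIN message: [authzid] NUL authcid NUL passwd."""
    raw = base64.b64decode(b64_payload, validate=True)
    parts = raw.split(b"\x00")
    if len(parts) != 3:
        raise ValueError("PLAIN message must contain exactly two NUL separators")
    authzid, authcid, passwd = parts
    return {
        "authzid": authzid.decode("utf-8"),
        "authcid": authcid.decode("utf-8"),
        # Report only the length so a triage script never echoes a secret.
        "password_len": len(passwd),
    }

def tokenizer_fields(b64_payload):
    """Mimic delimiter tokenizing, which drops empty fields (assumed model)."""
    raw = base64.b64decode(b64_payload, validate=True)
    return [p for p in raw.split(b"\x00") if p]

def ad_bind_failure(log_line):
    """Return (ldap_code, subcode, meaning) from an AD bind error, or None."""
    m = re.search(r"error code (\d+) .*?data ([0-9a-fA-F]+),", log_line)
    if not m:
        return None
    sub = int(m.group(2), 16)
    return int(m.group(1)), sub, AD_BIND_SUBCODES.get(sub, "unknown sub-code")

# Both inputs are copied from the logs in the post above.
AUTH_PAYLOAD = "AHNlYmFzdGlhbnoA"
LDAP_ERROR = ("javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: "
              "LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0]")

if __name__ == "__main__":
    print(parse_sasl_plain(AUTH_PAYLOAD))
    print(len(tokenizer_fields(AUTH_PAYLOAD)), "non-empty field(s) seen by a tokenizer")
    print(ad_bind_failure(LDAP_ERROR))
```

The PLAIN payload carries a username with a zero-length password, so a server-side parser has to handle the empty field explicitly and should reject it before attempting an LDAP simple bind.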