Spark 2.5.3 Beta 1 BUG: SRV & SSO

Discussion created by DeeJay on May 21, 2007

Sorry for the cross-post but I figured this was a more appropriate forum.



It would seem that Spark does not work with SSO when using SRV records to identify the XMPP Server.


What should happen is:


1) Spark looks up the SRV records to identify the server address

2) Spark does a reverse lookup on the server address and uses that as the security principal (xmpp/reverselookup@REALM)


What actually happens is:


1) Spark does a reverse lookup on the domain name in which the SRV records exists and constructs the security principal from that (xmpp/reverselookupofdomain@REALM)


This breaks SSO in my environment (I configure my server to be the same as my internal AD domain).

Rather than identifying the correct server, it just does a lookup on the domain name, which actually returns a list of domain controllers for the domain. Obviously this isn''t good, as the security principal name changes every time I do it!