AnsweredAssumed Answered

Spark SSO Improvements

Question asked by dmflists on Sep 18, 2012
Latest reply on Oct 17, 2012 by Walter Ebeling



Currently there are several limitations to Spark's SSO implementation, especially on current windows systems like W7. There are currently two requirements:


1. Session keys need to be sent in the Kerberos TGT:

2. Spark needs to be run-as Administrator if UAC is enabled


Both of these requirements reduce the security of a user's system and in an enterprise envrionment these may not even be allowed.


I'm looking for an XMPP client with working SSO (on W7) and a good user experience around MUC's, I've been able to get Pidgin, Miranda-IM, and Spark working:


Pidgin - SSO requires external MIT Kerberos application which sometimes hangs and remote VPN users doesn't work seamlessly. The MUC interface is cluttered and has too many menus.

Miranda-IM- SSO works seamlessly, just click on "Use Domain Login", remote VPN users seamlessly reconnect once connected via VPN. However, the MUC interface is buried in several menus deep and isn't very user friendly.

Spark - SSO requires the previously mentioned security settings and I haven't tested over a VPN connection. The MUC interface works well, single menu to list the available chatrooms


Would it be possible to look at the way Miranda's SSO implementation works and integrate it with Spark to remove the current limitations? The source code is available here: