AnsweredAssumed Answered

SSO setup problem using Hazelcast plugin.

Question asked by Johnny on Dec 23, 2016
Latest reply on Dec 29, 2016 by Johnny

Hi all,


I have setup 2 Openfire servers as a cluster using the Hazelcast plugin.


Active directory:

First Openfire server:

Second Openfire server:

Common database:

Chat client vm:


I tried the guide at 28 Steps to Single Sign On for Openfire XMPP Server on Windows Server 2012 R2 with Spark and it's working fine for the first Openfire server at I can connect using the chat client at The debug console at shows that the keytab was used for the login.


The problem comes with trying to configure SSO for the secondary Openfire server at I created another AD account called xmpp-openfire2 and also used the steps to create a SPN and a keytab for that account. The keytab generated was then copied to the secondary Openfire server resources folder. The gss.conf was also updated to use the principle xmpp/ However, when trying to connect to using the chat client at, I am getting warning logs at the chat client that the Kerberos mechanism was not found on the server. The debug console at was also not throwing debug messages even though debug mode was enabled. I am kind of lost on how to enable SSO for the secondary server. Could I get some assistance with this please? I am pretty sure many folks here would want to know as well.


Thanks in advance.