So I’m using a custom integration that has been running fine.
Recently, to facilitate a single-automagic-signon with JappixMini, I decided to write tokenized authentication system and have Openfire authenticate against a new filed in my database named “chatkey”.
The problem is, that openfire seems to ONLY want to recognize the field “password” no matter what SQL I give it.
(I’ve tried both of the following)
SELECT chatkey FROM users WHERE username=? AND underage!='yes'
and
SELECT chatkey AS password FROM users WHERE username=? AND underage!='yes'
This is the error that I get from Openfire.
2013.08.31 20:49:49 org.jivesoftware.openfire.auth.JDBCAuthProvider - Exception in JDBCAuthProvider
com.mysql.jdbc.exceptions.MySQLSyntaxErrorException: Unknown column ‘chatkey’ in ‘field list’
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:936)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:2985)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1631)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:1723)
at com.mysql.jdbc.Connection.execSQL(Connection.java:3283)
at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:1332)
at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:1467)
at org.jivesoftware.openfire.auth.JDBCAuthProvider.getPasswordValue(JDBCAuthProvid er.java:296)
at org.jivesoftware.openfire.auth.JDBCAuthProvider.authenticate(JDBCAuthProvider.j ava:151)
at org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:176)
at org.jivesoftware.openfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.ja va:102)
at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerP lainImpl.java:120)
at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :274)
at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:179)
at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:181)
at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)
at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)
at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58)
at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:185)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)
at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239)
at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
at java.lang.Thread.run(Unknown Source)
Also, as a side note… I WISH there was a way that I could select the password from 2 diff fields, eg, have the website authenticate against chatkey, and users still be able to authenticate against password, such as this…
SELECT CONCAT(password, chatkey) FROM users WHERE username=? and CONCAT(password, chatkey)=?
Because, then I would be able to still allow users to be able to login with standard clients, wthout them having to grab a chatkey first.
(reason for chatkey, is because I pass it to the jappix chat using an encrypted cookie value)