Can''t get anonymous login to work

I tried both the latest beta (3.1) and the stable (3.0.1). I tried multiple jabber clients including Spark. I just can’‘t seem to get anonymous login to work. I even tried adding to wildfire.xml. I don’'t see anything useful in debug.log.

When I captured packets using Ethereal I see that the client side is sending the "<auth mechanism=“PLAIN” xmlns=“urn:ietf:params:xml:ns:xmpp-sasl …” request, but Wildfire is sending back the “not-authrized” response. Any idea what I might be doing wrong?

thanks.

I have been trying to find more information on anonymous logins also but with no luck. Documentation says they are anonymous but exactly how do you connect anonymously. I am using FastPath and am worried that anyone can connect anonymously now from the Internet to my server.

Hey guys,

Regarding enabling/disabling anonymous clients to access Wildfire you can control that from the admin console. Just log into the admin console and click on “Registration & Login” to enable or disable the anonymous access.

Regarding on how to login using an anonymous user you can read the XEP-0175: Best Practices for Use of SASL ANONYMOUS. There you will see that you need to use the ANONYMOUS SASL mechanism instead of PLAIN.

Regards,

– Gato

OK, here is my question then. We have a jabber server that reqeited a secure SSL connection and only allowed registered users to join from anywhere on the internet. Now that we have Spark FastPath, anonymous logins must be enabled. This causes a problem because now any from anywhere can connect to our Wildfire server anonymously. Is there a method to only allow the FastPath service to connect anonymously so that not everyone in the world is able to?

Hey Joseph,

Are you using the webclient to let users/people make their questions? If you are not using it then there is no need to allow anonymous users. However, if you are using it then we would need to implement a new enhancement so that you can specify the list of valid IP address for anonymous users. Would that work for you?

Regards,

– Gato

Yes. My company is currently testing (and going to purchase most likely) FastPath to allow our customers to ask us questions and get support which requires us to have anonymous logins turned on. We have employees that need to login from outside our firewall while traveling meaning I cannot just close the ports to the jabber server. Therefore, it is currently not secure to allow anonymous logins in our current environment since anyone can connect anonymously from anywhere. The feature you mentioned is exactly what I need. That will allow me to specify to only allow anonymous connections from my tomcat server where FastPath is running. Thank you.

Joseph