I’ve been running our Openfire server for a few years now, on a Debian VM and authenticating users and admin login through Active Directory. Everything has been working perfectly fine until a couple of weeks ago, which I believe coincided with a Windows Server update.
The problem I’m having is regarding authentication with the web interface. Authentication with clients (Pidgin, Adium) seems to be working just fine, as our users are able to exchange messages, but the admin login throws a CSRF Failure! message.
After running systemctl restart openfire, I am able to log in and it will work for a few more days until the error reoccurs.
The following lines from the logs are pertinent to my issue, I believe, although I’m not sure how to proceed:
2020.03.31 10:44:08 WARN [TaskEngine-pool-4]: org.jivesoftware.openfire.ldap.LdapManager - Using unencrypted connection to LDAP service!
2020.03.31 10:45:25 WARN [Jetty-QTP-AdminConsole-27]: org.jivesoftware.openfire.ldap.LdapManager - Using unencrypted connection to LDAP service!
And here’s the log from our DC:
During the previous 24 hour period, some clients attempted to perform LDAP binds that were either:
(1) A SASL (Negotiate, Kerberos, NTLM, or Digest) LDAP bind that did not request signing (integrity validation), or
(2) A LDAP simple bind that was performed on a cleartext (non-SSL/TLS-encrypted) connection
Any ideas?