i’m using x509 certificates to authenticate. I was using some old version of Openfire. After upgrade is problem that Openfire is using CN but before was using SAN (subject alternative name).
Certificate before (older version):
Subject: C = XX, ST = XX, L = XX, O = XX, OU = XX, CN = XX, UID = 66070202-05ff-7196-7924-070308197241
X509v3 Subject Alternative Name:
othername: XmppAddr::66070202-05ff-7196-7924-070308197241@ZZ
Certificate now:
Subject: C = XX, ST = XX, L = XX, O = XX, OU = XX, CN = 66070202-05ff-7196-7924-070308197241, UID = 66070202-05ff-7196-7924-070308197241
X509v3 Subject Alternative Name:
othername: XmppAddr::66070202-05ff-7196-7924-070308197241@ZZ
Is there some option or other way to use SAN or UID in my case ?
Users are unable to log, they doesn’t exist in DB because main identificator is SAN.
2022.11.22 08:36:17 org.apache.mina.core.filterchain.IoFilterEvent - Firing a MESSAGE_RECEIVED event for session 747
2022.11.22 08:36:17 org.apache.mina.filter.codec.ProtocolCodecFilter - Processing a MESSAGE_RECEIVED for session 747
2022.11.22 08:36:17 org.jivesoftware.util.CertificateManager - CertificateManager: Common Name Mapping returned [FName SName]
2022.11.22 08:36:17 org.jivesoftware.openfire.auth.AuthorizationManager - AuthorizationManager: Trying Default Mapping.map(FName SName)
2022.11.22 08:36:17 org.jivesoftware.openfire.auth.DefaultAuthorizationMapping - DefaultAuthorizationMapping: No realm found
2022.11.22 08:36:17 org.jivesoftware.openfire.sasl.ExternalClientSaslServer - No username requested, using: FName SName
2022.11.22 08:36:17 org.jivesoftware.openfire.auth.AuthorizationManager - AuthorizationManager: Trying Default Policy.authorize(FName SName , FName SName)
2022.11.22 08:36:17 org.jivesoftware.openfire.auth.DefaultAuthorizationPolicy - DefaultAuthorizationPolicy: Checking authenID realm
2022.11.22 08:36:17 org.jivesoftware.openfire.auth.AuthorizationManager - AuthorizationManager: User FName SName not found org.jivesoftware.openfire.user.UserNotFoundException
org.jivesoftware.util.CertificateManager - CertificateManager: Common Name Mapping returned [FName SName] - value FName SName is from certificate CN - first name and surname of user