Amy1
January 29, 2008, 3:51pm
1
I’m running Openfire 3.3.4 with Spark 2.5.8. When trying to use SSO, the only thing that shows up in the logs is
WARNING: Exception in Login:
not-authorized(401)
at org.jivesoftware.smack.NonSASLAuthentication.authenticate(NonSASLAuthentication .java:94)
at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java: 227)
at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:341)
at org.jivesoftware.LoginDialog$LoginPanel.login(LoginDialog.java:828)
at org.jivesoftware.LoginDialog$LoginPanel.access$400(LoginDialog.java:196)
at org.jivesoftware.LoginDialog$LoginPanel$1.construct(LoginDialog.java:594)
at org.jivesoftware.spark.util.SwingWorker$2.run(SwingWorker.java:129)
at java.lang.Thread.run(Unknown Source)
No errors in the server log. I followed all the steps documented here http://www.igniterealtime.org/community/docs/DOC-1362
Please help! Thanks
I have a few questions:
What OS is the server running on (if windows, be specific XP, 2003 server, etc)?
What OS is the client running on?
If you answer windows to the questions above:
Did you create the krb5.ini file
Did you edit the client registry
Did you make the gss.conf
Did you modify your openfire.xml
Did you successfully make the keytab and deploy it to the Openfire server
Sorry for all the questions. I do not like answering questions with questions but I really do need more info to help.
Amy1
January 29, 2008, 4:22pm
3
Not a problem. I wasn’t sure what information you needed to know.
OS on server is Win2003 server
OS on client is Vista but most people will be using XP
And yes to all of your other questions. I even recreated the keytab using Java instead of Windows to see if that would help
Thanks again
Vista is a big problem child. Have you tried on XP client?
Amy1
January 29, 2008, 4:45pm
5
OK, I tried it on an XP client and I have the same results unfortunately
What is the error that you see when it fails?
Amy1
January 29, 2008, 4:55pm
7
The only error message displayed is: Unabled to connect using Single Sign-On. Please check your principal and server settings. The only log message is what I had posted previously
Logging in without SSO does work.