I am using Smack 3.0.4 with openfire 3.5.2.
On the client side (using smack) I am using ConnectionConfiguration to create the XMPPConnection in the following fashion:
ConnectionConfiguration config = new ConnectionConfiguration(host, port, serviceName);
config.setSelfSignedCertificateEnabled(true);
config.setReconnectionAllowed(true);
config.setCompressionEnabled(false);
config.setSASLAuthenticationEnabled(true);
config.setSecurityMode(ConnectionConfiguration.SecurityMode.enabled);
When I don’t resolve the “host”, then the XMPPConnection and underlying objects will perform a DNS lookup and when I login everything connects just fine.
String host = “billj-1”; // Note this resolves to 47.102.157.252
int port = 5222;
String serviceName = “billj-1”;
Note that the openfire server name is configured as “billj-1”.
However if I resolve the hostname myself and pass the IP for the host then I get a SASL Exception on the openfire server.
String host = “47.102.157.252”;
int port = 5222;
String serviceName = “billj-1”;
2008.08.19 01:56:36 NIOConnection: startTLS: using c2s
2008.08.19 01:56:36 SASLAuthentication: SaslException
javax.security.sasl.SaslException: DIGEST-MD5: digest response format violation. Nonexistent realm: 47.102.157.252
at com.sun.security.sasl.digest.DigestMD5Server.validateClientResponse(Unknown Source)
at com.sun.security.sasl.digest.DigestMD5Server.evaluateResponse(Unknown Source)
at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :282)
This format / behavior for the ConnectionConfiguration constructor seems to be allowed:
/**
* Creates a new ConnectionConfiguration using the specified host, port and
* service name. This is useful for manually overriding the DNS SRV lookup
* process that’s used with the {@link #ConnectionConfiguration(String)}
* constructor. For example, say that an XMPP server is running at localhost
* in an internal network on port 5222 but is configured to think that it’s
* “example.com” for testing purposes. This constructor is necessary to connect
* to the server in that case since a DNS SRV lookup for example.com would not
* point to the local testing server.
*
* @param host the host where the XMPP server is running.
* @param port the port where the XMPP is listening.
* @param serviceName the name of the service provided by an XMPP server.
*/
public ConnectionConfiguration(String host, int port, String serviceName) {
init(host, port, serviceName);
}
Note that if I turn off SASL Auth (“config.setSASLAuthenticationEnabled(false);”) then the connection / login is successful when I specify the host IP (as expected).
I can’t seem to find the mechanism to specify the realm to use with Smack. Is this something that is broken in Smack? (shouldn’t it be using the realm from the returned challenge?) Or is there some mechanism to specify acceptable realms on the openfire server?
Thanks