powered by Jive Software

Make user.scramHashedPasswordOnly configurable


We have a couple of legacy devices which require some old obsolete SASL mechanisms in order to login and which in turn require that the user.scramHashedPasswordOnly is set to false.
We extensively use Openfire’s autosetup feature which takes properties present in the openfire.xml file and add them as system properties in the database. But due to the fact that the user.scramHashedPasswordOnly property is set (to true) before system properties are copied, the XML property is never copied into the system properties in the database.

We would like to either have the user.scramHashedPasswordOnly to be not set at all during setup or if that isn’t possible, that it is set after XML properties are copied into system properties.

Best regards

That makes sense. The source code even hints at making that configurable. I’ve raised [OF-2284] Make 'user.scramHashedPasswordOnly' setting configurable - Ignite Realtime Jira to track this issue.