Norman NTLM not working with 3.5.0 2008-02-19

3.4.5 + Norman ( http://norman.rasmussen.co.za/dl/sasl-sspi/ ) working fine

3.5.0 + Norman -

2008.02.20 21:23:27 [org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHand ler.java:134)

]

Closing connection due to error while processing message: <auth

xmlns=‘urn:ietf:params:xml:ns:xmpp-sasl’

mechanism=‘NTLM’>TlRMTVNTUAABAAAAB7IIogUABQAsAAAABAAEACgAAAAFA SgKAAAAD1NXQU5QQVBJUg==</auth> java.lang.NullPointerExceptio n at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :230) at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:147) at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:132) at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570) at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299) at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53) at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648) at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58) at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:180) at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299) at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53) at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648) at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239) at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51) at java.lang.Thread.run(Unknown Source)

Hey victorae,

Good catch! For Openfire 3.5.0 the way SASL works was modified to follow more the Java style. That means that Norman’s code would need to be modified to provide an NTLM SaslServer. I don’t think it’s going to be much work to implement it the new way. Let me know if you need any help getting this change done.

Thanks,

– Gato

dombiak_gaston,

I wathed out svn and didn’t find any changes in Sasl part of openfire’s API from 3.4.x to 3.5.x

So I think it’s more likely Openfire’s bug, but not a feature.

I can’t find any drastic change between 3.4.5 and 3.5.0 (can you point me to the changes in FishEye?).

Are you sure you re-installed the security provider into the jre/lib/security file after upgrading Openfire?

security.provider.9=sun.security.mscapi.SunMSCAPI

security.provider.10=net.za.darkskies.security.sasl.SSPIProvider

mmm, looks good. I asume that the sasl-sspi.jar file is still in openfire/lib too?

I haven’t tested the plugin with 3.5.0 yet (don’t have it downloaded yet), so this is blind debugging at the moment

ok,

if “I wathed out svn and didn’t find any changes in Sasl part of openfire’s API from 3.4.x to 3.5.x”

Let’s postpone then a question up to an output of release 3.5.0

Ahhh, I saw 3.5.0 tagged in SVN, but there’s no release yet. Also no beta release. I will wait for a public 3.5.0 before looking furthur I think.

i’m install 3.4.5 + patch 6.2+fix 3.3.0 , ntlm work

download http://www.igniterealtime.org/builds/openfire/dailybuilds/openfire_2008-03-10.zi p 3.6.0 Alpha ,

unpack in same directory where 3.4.5, edit openfire.BAT and run. all work but not ntlm

run openfire.EXE from 3.4.5 , starting 3.6.0 Alpha, ntlm working (add, 7.1 + 3.6.0a work fine)

Why have built in Kerberos, but have not built in NTLM? At me a network

with the mixed workstations 98/2000/xp,

on the some workstation memory 128mb, I cannot

introduce everywhere Spark…

So it works when you run the .exe but not the .bat? It sounds like your PATH or CLASSPATH isn’t correct then.

Kerbeos is part of Java (not Openfire), for some reason Sun decided not to implement NTLM in Java for windows. That is exactly what the ntlm provider is. It plugs the gap where Sun have not written code. The Openfire plugin is tiny and just to enable unsupported mechanisms.

>So it works when you run the .exe but not the .bat? It sounds like your PATH or CLASSPATH isn’t correct then.

The second message in topic has entered me into a mistake,

I am sorry.