Openfire 3.5 Sparkweb Login Issues

I just upgraded from 3.3.1 to 3.5 and everything upgraded just fine. But now when I open sparkweb I get a message that says it couldn’t load config value for the prolicy file url.

I really don’t know what the policy url is supposed to be or how to edit it. Help would be appreciated since working https sparkweb was something I was really looking forward to.


hmm, so its just me. I was hoping since I still had a valid enterprise license that this still might get looked at

I’m going to be looking into this. I was just home having a relaxing evening rather than at work when you posted

I am also having this problem after an upgrade and the installation of a 30 day 25 user demo license. thanks.

mine is a full valid license good till July. I imagine it is looking for something similar to this because the parameters it tells me it can’t find look similar to the ones listed on that link. I couldn’t ever get that to work to customize it and no one could ever really tell me exactly where to put the file and how to use it. hopefully if this is something jive included in the new release they can help us out and document how to set it up.

This issue appears to be a change of mine that wasn’t intended to be in the release, but slipped in, in such a way that it didn’t show up in the test configuration. It’ll be fixed in 3.5.1.

is there any work around?

You would need to pull the swf file out of the jar and run it from an html page along the lines of the one at

so technically I should be able to copy SparkWeb.swf to a web directory and put an identical index.html file to yours and it should work? because it doesn’t

I did a wget on your index.html and put it and the SparkWeb.swf in the same folder of an apache dir and the html file load but is blank and doesn’t do anything. the SparkWeb.swf also load from Apache but gives the same error.

help is appreciated.

Yeah, I should have been more specific there. You’ll need the files listed in the attached picture, and you may need to set the policyFileURL (as described in the document linked earlier) to “xmlsocket://yourdomain:5229”, which is the default setting for it.

well, thats a little better. now I am getting this in the logs

TLS was required by the server and connection was

never secured. Closing connection :

org.jivesoftware.openfire.nio.NIOConnection@148bb1a MINA Session

I require a secure connection to connect to my openfire server. I have tried every combo of socket and https for the connection type and policy file url and can’t seem to get it to work. thanks for th ehelp so far and looking forward to a reply

since I am setting this up on my test server I can do all the playing I want. What I have found is that if I have the server set to require a secure connection I can’t get sparkweb to load. changing openfire to insecure connections and it works. Since I have it in apache I can have apache server it as ssl and that works, but then the connection goes SSL-SSL-PLAINTEXT (CLIENTSPARKWEBOPENFIRE) and I would prefer ssl all the way thru. I have posted about sparkweb and ssl previously and was hoping it would work.

here is the relavant part of my index.html file:

function jive_sparkweb_getConfig()


return {

server: “tbcvm002”,

location: window.location.href,

connectionType: “socket”,

autologin: “false”,

policyFileURL: “xmlsocket://tbcvm002:5229”

what do I need to change in that for sparkweb to connect to openfire using ssl?

so is sparkweb ssl not currently possible?

maybe someone could help me get secure http binding working then since no one seems to know how to get sparkweb to do ssl on its on.

when I change the connection settings to connection type http, https, http-bind, or https-bind and provide the correct path and port it doesn’t work. In the openfire logs it says tls is required and the connection wasn’t secured.

this also happens regardless of if I am accessing sparkweb (thru apache) using http or https.

So currently sparkweb is completly non-functional when requiring a secure connection. Are there any plans to extend sparkweb to work when secure connections are required?

hopefully I will hear from someone since I can’t be the only one trying to use sparkweb in a secure only environment.

I am also looking to put spark web in , but as with jledhead I want it to be secure.

Is there any plans to put out an advisory about securing sparkweb security or lack of being able to do so.



This is working in my local testing. I’ll see if I can do some more thorough testing tomorrow.

I did a wget and downloaded your files from your …/…/projects/sparkweb/ and it doesn’t work when served from apache or if I move it to the openfire dir. I changed one parameter in the index.html for the servername to point to my server name. when in apache as http or http it doesn’t work for me. when openfire serves it as https it just sits there and hangs and doesn’t report any errors. all other methods say tls was required but not supplied.

so has the enterprise forum been abandonded already? I have 2 posts (fastpath username is the other) that are pretty much getting ignored. it would just be nice to know if this is what we can expect. hopefully someone can help.

This has always been a volunteer-ish kinda support forum; if you’re looking for guaranteed response I would definitely recommend contacting Jive’s support people. We do what we can, but we’ve got a lot of stuff on our plates.

I guess it doesn’t matter now since its opensource, but when I paid $$ for my openfire licenses I was told my money put me in a forum support level (like a contract) . Since it was paid for I wouldn’t have thought that meant on a volunteer basis. Sorry.