powered by Jive Software

Openfire 3.9.2 has been released

The Igniterealtime Community is pleased to announce that the release of Openfire version 3.9.2 is available for download!

Openfire is a real time collaboration (RTC) server licensed under the Open Source Apache license. It uses the only widely adopted open protocol for instant messaging, XMPP (also called Jabber). Openfire is incredibly easy to setup and administer, but offers rock-solid security and performance.

This release contains a large number of fixes (70 Jira issues resolved) aimed at increasing stability, security and XMPP standards compliance. A full changelog can be found here. Some of the highlights of this release are:

[ OF-103] - [MUC] Allow nicknames to be used more than once in the same room by a single user

[ OF-114] - Clearing cache can lock up MUC

[ OF-455] - Some unicode pattern in status message can break the session connection

[ OF-669] - Visually failed first login to Admin Console

[ OF-714] - Add ability to encrypt properties so they are encrypted in the db and do not appear in the admin console.

[ OF-745] - Use TLS-dialback even if that mechanism is not advertised

[ OF-757] - Allow s2s message of subdomain of XMPP domain when no components are found

[ OF-569] - Add deluser adhoc command

[ OF-764] - Group chat history (MUC) should match configuration after server restart

[ OF-771] - MUC service should flush recent history before shutting down

[ OF-125] - Restrict discovery of rooms based on users membership

[ OF-297] - fix: mutual roster deletion problem

[ OF-770] - CVE-2014-2741 Uncontrolled Resource Consumption with XMPP-Layer Compression

[ OF-722] - Openfire should save XEP-0184 delivery receipts as offline message

[ OF-758] - Add support for XEP-0280 “Message Carbons”

This is the first release of Openfire after our migration of code development to Github. We’d encourage interested developers to fork Openfire and send pull requests! It is best for you to create a dedicated branch on your fork to submit the eventual pull request from. Please note that we are not syncing the github repository to the previous openfire subversion repository hosted on igniterealtime.

Here are MD5sums for the downloads available.


openfire_3_9_2.exe (original with pack issue)
openfire_3_9_2.exe (updated)

As always, we welcome your feedback, suggestions, tips, hints, questions and other contributions in the Igniterealtime Community Forums. Please do not respond to this blog post with questions.


I have never seen such coordinated push to release in Openfire before (even when still managed by Jive ). Great work Now, starting searching for bugs

1 Like

Well done guys. Matt Tucker is reading this somewhere and smiling sweetly

Tried to install on Terminal Server 2003 and receives the following on-screen pop-up message:

Use this installer http://bamboo.igniterealtime.org/artifact/OPENFIRE-NIGHTLYWINDOWS/shared/build-1 302/Project-Windows-distribution-files/openfire_3_9_2.exe

The one on the downloads page should be updated at some point (Amazon cloud taking long to refresh).

This install broke LDAP for me. Not sure if that happens with anyone else.

You are scaring me. Just started install/update using Woot’s instruction above…

Do not start discussing issues here. It is hard to keep track on different issues on one comments page. One issue - one forum thread, please.

Installation completed but received the following error when starting openfire service:

java.lang.IllegalArgumentException: MALFORMED

at java.util.zip.ZipCoder.toString(Unknown Source)

at java.util.zip.ZipFile.getZipEntry(Unknown Source)

at java.util.zip.ZipFile.access$900(Unknown Source)

at java.util.zip.ZipFile$1.nextElement(Unknown Source)

at java.util.zip.ZipFile$1.nextElement(Unknown Source)

at java.util.jar.JarFile$1.nextElement(Unknown Source)

at java.util.jar.JarFile$1.nextElement(Unknown Source)

at sun.misc.URLClassPath$JarLoader.validIndex(Unknown Source)

at sun.misc.URLClassPath$JarLoader.getResource(Unknown Source)

at sun.misc.URLClassPath$JarLoader.getResource(Unknown Source)

at sun.misc.URLClassPath.getResource(Unknown Source)

at java.net.URLClassLoader$1.run(Unknown Source)

at java.net.URLClassLoader$1.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at java.net.URLClassLoader.findClass(Unknown Source)

at java.lang.ClassLoader.loadClass(Unknown Source)

at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)

at java.lang.ClassLoader.loadClass(Unknown Source)

at org.jivesoftware.openfire.starter.JiveClassLoader.(JiveClassLoader.java:5 3)

at org.jivesoftware.openfire.starter.ServerStarter.start(ServerStarter.java:108)

at org.jivesoftware.openfire.starter.ServerStarter.main(ServerStarter.java:58)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

at java.lang.reflect.Method.invoke(Unknown Source)

at com.exe4j.runtime.LauncherEngine.launch(Unknown Source)

at com.exe4j.runtime.WinLauncher.main(Unknown Source)

at com.install4j.runtime.launcher.WinLauncher.main(Unknown Source)

I then restarted the service and got the following:

Openfire 3.9.2 [May 1, 2014 1:58:07 PM]

Admin console listening at:



Starting Client Control Plugin

Starting Monitoring Plugin

From here on, nothing else happens and users cannot log in. They receive an error that their password is not correct…

Ok wroot. Will discuss in another thread. My appologies

Follow this thread about LDAP issue http://community.igniterealtime.org/message/238697#238697

No problems. Also, it’s wRoot

Thanks wroot, will check that link…

Updated link for the community thread discussing the LDAP issue: http://community.igniterealtime.org/message/238696#238696

so, which link we should use for downloading new openfire 3.9.2

is it compatible for windows 7 and windows server 2003?

The link on the Downloads page is now refreshed, so you can download from there. Or you can wait for 3.9.3, which should be released this weekend probably (it has fixes for LDAP, groups with spaces and other).


After upgreade Openfire to 3.9.2 I’ve got problem with editing long named groups:


Problem accessing /group-edit.jsp. Reason:

Group with name SI±+INFORMATYCY not found.

Caused by:

org.jivesoftware.openfire.group.GroupNotFoundException: Group with name SI±+INFORMATYCY not found.

at org.jivesoftware.openfire.group.DefaultGroupProvider.getGroup(DefaultGroupProvi der.java:116)

at org.jivesoftware.openfire.group.GroupManager.getGroup(GroupManager.java:330)

at org.jivesoftware.openfire.group.GroupManager.getGroup(GroupManager.java:309)

at org.jivesoftware.openfire.admin.group_002dedit_jsp._jspService(group_002dedit_j sp.java:141)

at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)

at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:547)

at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1359)

at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:11 8)

at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)

at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1330)

at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:74)

at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1330)

at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingF ilter.java:50)

at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1330)

at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:78)

at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1330)

at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:164)

at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.ja va:1330)

at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:478)

at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)

at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:520)

at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:22 7)

at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:94 1)

at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:409)

at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:186 )

at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:875 )

at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)

at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandler Collection.java:250)

at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.jav a:149)

at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)

at org.eclipse.jetty.server.Server.handle(Server.java:349)

at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:441)

at org.eclipse.jetty.server.HttpConnection$RequestHandler.headerComplete(HttpConne ction.java:919)

at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:582)

at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:218)

at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:51 )

at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.jav a:586)

at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java :44)

at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:598 )

at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:533)

at java.lang.Thread.run(Unknown Source)

This should be fixed in 3.9.3. You can find a workaround here

Should be the same issue as in my last message above.

I also noticed problems with rooster list contacts when using older version of Spark example 2.6.3 ?

Contacts are not showing in older version of Spark.

sounds all good, but i’m frozen since 3.7, the http interface is broken in all later version which was an showkiller for update.

i didnt test the last version as i given the hope up

more: the http interface lack the function to set permissions in room since ever, not even seen both of this issues ever mentioned in the revision History