Openfire, Jappix and new accounts = no go

Claudiu_Curca · February 21, 2011, 10:40pm

Hello there,

I have Openfire 3.6.4 installed and I wanted to set up Jappix as an alterante means of use by the users.

All went well for a while. I set up Apache redirection and the BOSH server built-into Openfire (port 7070/7071) so that Jappix can communicate. All seems well, except for one tiny detail.

New users created via the “Register” option cannot log in using Jappix unless they first log in using another client (such as Pidgin). Same goes for a user created using the Openfire admin console.

In the debug log, the following error is generated by Openfire when a new user tries to log in:

========================================

2011.02.22 00:22:09 SASLAuthentication: SaslException
javax.security.sasl.SaslException: Expecting comma or linear whitespace after quoted string: "utf-8"
at com.sun.security.sasl.digest.DigestMD5Base.parseDirectives(DigestMD5Base.java:7 21)
at com.sun.security.sasl.digest.DigestMD5Server.evaluateResponse(DigestMD5Server.j ava:242)
at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :296)
at org.jivesoftware.openfire.SessionPacketRouter.route(SessionPacketRouter.java:58 )
at org.jivesoftware.openfire.http.HttpSession.sendPendingPackets(HttpSession.java: 611)
at org.jivesoftware.openfire.http.HttpSessionManager$HttpPacketSender.run(HttpSess ionManager.java:373)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:636)

=======================================

Has anyone else experienced this issue? Can anyone provide some insight?

PS: Jappix boards discussion: http://codingteam.net/project/jappix/forum/show/4379

Claudiu_Curca · February 21, 2011, 11:59pm

After dumping the requests made to the BOSH server and decoding them from base64, I’m even more confused.

================

username=“claudiu”,realm=“coderollers.com”,nonce=“pOjJdozLisxm9YwOjmA3I88CP+Uwxp cFdNTbnJQm”,cnonce=“akUGTepsigIzuA”,nc=“00000001”,qop=auth,digest-uri=“xmpp/code rollers.com”,response=“cf228c26e400f6a3d3892675b91c44c7”,charset=“utf-8”

================

username=“silvia”,realm=“coderollers.com”,nonce=“K3KdOwiFgFv06yrtH6YGymnYNMP8ta+ eS4ds+tKb”,cnonce=“4uqxzOgI6b1TCE”,nc=“00000001”,qop=auth,digest-uri=“xmpp/coder ollers.com”,response=“9e56eebe2618722d7d26eea1844741ba”,charset=“utf-8”

================

For example, the user “claudiu” can log in with no problems but the user “silvia” cannot, and throws the Exception shown in the above post. Despite this, there’s doesn’t seem to be anything wrong with the second response that would cause that exception.

Claudiu_Curca · February 22, 2011, 1:16am

As a temporary solution, I hacked the file src/java/org/jivesoftware/openfire/net/SASLAuthentication.java and eliminated the problem throwing the exception. It seems to be caused by an “invisible” trailing character in the response, most probably caused by Jappix.

At the line 296, just before

===

byte[] challenge = ss.evaluateResponse(data);

===

I entered the following code:

===

String foo = new String(data);
foo = foo.substring(0, foo.lastIndexOf(""") + 1);

data = foo.getBytes();

This will eliminate all trailing characters (visible or not) after the last double quote ("). I know, it’s an ugly hack, not elegant at all, but at least now all my users can log in using Jappix.

I will post this on the Jappix boards and see why the response gets malformated, but I think some kind of sanity check should be done in Openfire itself too in the future.

Feel free to post your opinions.

Claudiu_Curca · February 22, 2011, 2:10pm

Hmm… apparently, this caused problems with some clients which did not properly quote all responses (Psi, for example).

Here’s the better way to do it:

===

String foo = new String(data);
int i;
for(i = 0; i < foo.length(); ++i)
{
if(foo.charAt(i) < 32 || foo.charAt(i) > 127)
break;
}
foo = foo.substring(0, i);
data = foo.getBytes();

This will erase all trailing non-ascii characters from the response string. Hopefully, it will not break anything.

Jaime1 · June 17, 2011, 10:24am

First, real nice the community enviroment.

Well, i try to do the same thing, but i am completelly lost on this…

http binds, bosh, and i also have the redfire plugin up (one more possible clashing)…

could somone make a dummy (step by step) guide on this?

which urls, ports etc …

(where to verify the logs. i didnt found anything on both sides).

i have openfire in one server and jappix in another, does this complicated stuff?

any help would be welcome!

Best regards,

ps: nice “chat with:” “friends” “this page” stuff! mostly im starting a project about iming… i hope one day reach there!

Openfire, Jappix and new accounts = no go

data = foo.getBytes();

String foo = new String(data); int i; for(i = 0; i < foo.length(); ++i) { if(foo.charAt(i) < 32 || foo.charAt(i) > 127) break; } foo = foo.substring(0, i); data = foo.getBytes();

String foo = new String(data);
int i;
for(i = 0; i < foo.length(); ++i)
{
if(foo.charAt(i) < 32 || foo.charAt(i) > 127)
break;
}
foo = foo.substring(0, i);
data = foo.getBytes();