I installed OpenFire server on Red Hat Linux and customized the user, group, and authentication providers to use the list of users from my own database and to integrate with Central Authentication Service. I had this all working on windows, but I am now moving to a development server more similar to the box we intend to deploy on.
Although I was able to launch the admin console when I first installed (prior to customizing openfire.xml), I can no longer get into the admin console despite the fact I see no error messages either in the browser or in any of the log files. If I pass an invalid user or password, I get an authentication error as one would expect, but if I pass a valid user or password, it just takes me right back to the login page again … no error, but I don’'t see the admin console either. If I check the log files, I can see where the authentication is taking place and the user and password are both accepted as valid … but for some reason, the response to the browser is just the login page again.
Any idea why this might happen? I am using the same openfire.xml file, jar files, and custom classes that I used on windows (except for a couple of hostnames that changed in the config file) and it worked fine on windows. Is there any way to get still more debug info? … I already have the debug flag set in openfire.xml.
this could be a problem with cookies / trusted pages. There were some threads in the forum some time ago, I think that using Firefox or adding your Openfire server name to trusted sites within IE fixes this problem.
Just FYI. The behavior is exactly the same whether I use Firefox 2.0 or IE 7. I have even tried clearing all cookies, files, and even deleting any trusted websites from the the browser, but nothing changes the behavior.
The frustrating thing is that even though something is obviously wrong, I can’'t find even a single error in any of the log files to indicate what it is. Argghh!
I have determined that the problem is somehow related to my custom providers I have configured in openfire.xml.
If I comment out all of my providers and use only the default provider for authentication, users and groups, then I am able to log into the console without any problem. If I uncomment them, the authentication appears to succeed based on the log file output, but I never get any page displayed … just sends me right back to login page.
I have three custom providers … a custom authentication provider that allows authentication against CAS using the username and a CAS service ticket … and a custom provider for users and one for groups, each of which is just a JDBC provider that pulls the users and groups from my own database. All three of these providers are being used on Windows already and are working fine there … but they somehow cause a problem on Linux.
I am in the process of including the providers one by one to see if I can determine which one causes the problem. I will update this thread with more detail as it is available, but if anyone has any ideas why this might cause an issue or how I can get more information about where things are going wrong, I would appreciate it.
Problem solved. The problem was with the user provider. Although the code was correct, a view was somehow missed when creating the new database schema. After the user was authenticated correctly (by CAS which still using the old database that included the view), OpenFire tried to load the user using my user provider and the user was not found. This seems to have been the source of the problem … though it would certainly be nice if OpenFire logged some kind of error to say ‘‘user not found’’ or the like rather than just failing silently.