powered by Jive Software

SASL Authentication problem

I’m trying to implement a web chat but i receive some SASL Authentication error on my jsp pages.

The server i’m using is an open source XMPP server, wildfire(currently openfire).

I imported the smack api into the java bean (session) to connect and login to the XMPP server via my netbeans tomcat server.

When only a client log in at one time, there is no error. But when multiple users try to login in the same time, some of them will receive that error.

If you are using JwChat/JSJaC, then you need to use non-sasl authentication with OpenFire.

Details here http://zeank.in-berlin.de/2007/08/31/jsjac-v10-is-out/

I’ve imported the smack api into my javabean class, and setting the

scope to session on the client side. So that means the user login/sent message using

the tomcat server.

example: 5 people logon to my server via the

web chat client i made, then on the server side i will see 5 session

using the same IP (the ip of the tomcat server).

Whenever the

client perform an action(sending message etc.), i’ll use form action to

call a servlet to send message/presence/logout using the methods in the


I don’t know if this is the right way, to implement webchats, cause when i started implementing this, the jsjac lib is not yet avaliable.

Any one have any idea what is the problem?

This is a simplified architecture

Client <–-> Tomcat server <—> Wildfire server

Well, I use smack for a client, and JSJaC/JwChat for another.

smack should work using SASL, but OpenFire has a bug concerning compression (JM-1115).

Edit: if there’s anything in the logs, post excerpts. smack has a debug feature, have you used it? It allows you to see the packets sent/received. Use it as described in the documents

java -Dsmack.debugEnabled=true SomeApp

I enabled the debugger, and try sending a custom iq packet when the client login. And display the data inside the packet on the jsp page (the packet contain “connection successfully created” as the body of the iq).

On the tomcat log, i get the same error again.

But at the debugger, all packet were sent and able to receive the result packet. Even the connection that have the SASL error was also able to receive the result packet from server.

However, the connection that receive the SASL error was not able to show “connection successfully created” text on the browser.

It took me a while to figure out SASL in JsJaC, so I hope this post helps someone else in the future.

Not sure if this was fixed with jsjac 1.1 or one of the bug fixes I will list here, but I was able to successfully get SASL auth working with JSJAC by doing the following:

  1. Use the latest JSJAC v1.1

  2. Make sure var JSJACHBC_USE_BOSH_VER is set to false

  3. Make sure var JSJAC_ALLOW_PLAIN is false to force secure sign in (optional)

  4. On line 359 (compressed, otherwise search for this line), change:


to be

response="’+response+’",charset=utf-8 ';

** NOTE - the difference between the two lines is the space after the 8. This eliminates the “unknown” characters associated with the utf-8 charset in jsjac and is RFC compliant. I understand this is more of a jsjac bug, but it does make it work properly with openfire 3.5.2


I noticed that you were using JsJac. I am trying to use it to connect to an XMPP server from a widget

I was wondering whether you could send me some sample code and whatever changes are necessary for it to work properly.

I have tried a lot, but I couldn’t get JsJac to work properly.




Maybe this is related:

I’ve tried my first steps with Smack 3.1.0 and I got the SaSL problem too. There’s a NPE in handling of the challenge received from the server. IIRC, it happens in Base64.encode() when accessing source.lenght (I don’t have the project here right now).

Note that I do not use any other library - just a test in a console Java app.