SASLAuthentication Problems: Nonexistent realm?

Openfire Openfire Support
1

I’'m running 3.2.2, can connect fine from spark localhost, but when I try to connect my CF event gateway it wont connect. The debug log says this (below) any idea where to start?

2007.03.17 14:11:32 SaslException

javax.security.sasl.SaslException: DIGEST-MD5: digest response format violation. Nonexistent realm:

at com.sun.security.sasl.digest.DigestMD5Server.validateClientResponse(Unknown Source)

at com.sun.security.sasl.digest.DigestMD5Server.evaluateResponse(Unknown Source)

at org.jivesoftware.wildfire.net.SASLAuthentication.handle(SASLAuthentication.java :312)

at org.jivesoftware.wildfire.net.StanzaHandler.process(StanzaHandler.java:138)

at org.jivesoftware.wildfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:131)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:703)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:62)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:192)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :250)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:305)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

2

Looks as if CF event gateways worked at some point with and older version of Jive Messenger. Here is the link: http://www.adobe.com/devnet/coldfusion/articles/imgateway_03.html

3

Hey Anthony,

Which client are you using? It seems that your client sent an empty realm in the response to the SASL challenge. Below you will see the relevant code used by Java 6 when validating DIGEST-MD5 response:

/* realm: exactly once if sent by server */
     negotiatedRealm = ((responseVal[REALM] != null) ?
         new String(responseVal[REALM], encoding) : "");
     logger.log(Level.FINE, "DIGEST83:Client negotiated realm: {0}",          negotiatedRealm);      if (!serverRealms.contains(negotiatedRealm)) {
         // Server had sent at least one realm
         // Check that response is one of these
         throw new SaslException("DIGEST-MD5: digest response format " +
          "violation. Nonexistent realm: " + negotiatedRealm);
     }

I’‘ve been trying to enable the log in Java 6 to print supported realms and also see realm sent by client during the challenge (although we know that it is an empty string or null value) but couldn’'t find a way to enable it.

Regards,

– Gato

Message was edited by: dombiak_gaston

4

Thanks for the reply Gato. We are trying to log in using coldfusion event gateways. (see link above)

One note about this issue which has be baffled is that I can log into the openfire server using the spark client localhost no problem. Connecting using CF localhost gives the SASL authentication error. BUT I can log on using CF if I am logging in using a CF server that is outside the LAN.

If this is an issue with CF I can maybe get someone over at adobe to look into this, of course the more verbose the info the better. But I am just puzzled that it would working using CF from outside the network, but inside it doesnt.

Can you maybe explain the process of “sending realms”, I’'m not even sure what realms even are.

Thanks,

Anthony

5

Hey Anthony,

My current understanding of this situation is that this is a CF problem. DIGEST-MD5 requires the client to present certain data to the sever so the server can authenticate the identity of the client. During this process the server will issue a challenge to the client and the client should reply with a response. Below you will find a copy of the format of the response:

digest-response  = 1#( username | realm | nonce | cnonce |
                          nonce-count | qop | digest-uri | response |
                          maxbuf | charset | cipher | authzid |
                          auth-param )        username         = "username" "=" <"> username-value <">
       username-value   = qdstr-val
       cnonce           = "cnonce" "=" <"> cnonce-value <">
       cnonce-value     = qdstr-val
       nonce-count      = "nc" "=" nc-value
       nc-value         = 8LHEX
       qop              = "qop" "=" qop-value
       digest-uri       = "digest-uri" "=" <"> digest-uri-value <">
       digest-uri-value  = serv-type "/" host [ "/" serv-name ]
       serv-type        = 1*ALPHA
       host             = 1*( ALPHA | DIGIT | "-" | "." )
       serv-name        = host
       response         = "response" "=" response-value
       response-value   = 32LHEX
       LHEX             = "0" | "1" | "2" | "3" |
                          "4" | "5" | "6" | "7" |
                          "8" | "9" | "a" | "b" |
                          "c" | "d" | "e" | "f"
       cipher           = "cipher" "=" cipher-value
       authzid          = "authzid" "=" <"> authzid-value <">
       authzid-value    = qdstr-val    username
      The user''s name in the specified realm, encoded according to the
      value of the "charset" directive. This directive is required and
      MUST be present exactly once; otherwise, authentication fails.    realm
      The realm containing the user''s account. This directive is
      required if the server provided any realms in the
      "digest-challenge", in which case it may appear exactly once and
      its value SHOULD be one of those realms. If the directive is
      missing, "realm-value" will set to the empty string when computing
      A1 (see below for details).

This text was copied from the DIGEST-MD5 spec. I think that having someone from CF that could help you see what is being included in the challenge from the server and the response made by CF would be the way to go. I tried to get that info from Openfire but failed to instruct Java to print that info.

Regards,

– Gato

6

Thanks gato, I have a request in at adobe to look at this issue. In the meantime are you aware of any way to watch that traffic as it happens to see the requests and responses as they happen? The CF server and OpenFire install are on the same box. I’'m just curious what exactly CF is returning.

7

Hey Anthony,

Sniffing traffic won’‘t be that easy since content will be encrypted. Easiest thing would be to either see DIGEST-MD5 traffic in Openfire or in CF. SASL logic is done by Java on our end so in order to see what Java is receiving and sending we would need to enable the log. I tried to do it today but couldn’'t find the correct setting to use. If CF devs can help you get that info then we should be fine. Otherwise, we can continue the hunt for the proper setting to use in Openfire to enable the log.

Regards,

– Gato

8

Gato,

You are my last hope man. Not having much luck from the CF front. Hopefully you can find that setting with will log what this volley looks like so we can know for once and for all who is to blame.

Any help you have would be perfect.

-Anthony

9

Hey Anthony,

No worries. I will later try to find a way to enable the log of Java so we can print that info. Anyway, I’'m almost sure it will print the info we already mentioned (ie. no realm included in DIGEST-MD5 response) and if that is the case you will end up contacting CF devs again so they can study why response does not include that piece of info.

Regards,

– Gato

10

I have been following this thread with Adobe too, and I have managed to get the following from the debug output in openFire 3.3.1 whilst trying to connect with ColdFusion.

2007.05.25 14:47:37 SaslException

javax.security.sasl.SaslException: DIGEST-MD5: digest response format violation. Nonexistent realm:

at com.sun.security.sasl.digest.DigestMD5Server.validateClientResponse(Unknown Source)

at com.sun.security.sasl.digest.DigestMD5Server.evaluateResponse(Unknown Source)

at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :281)

at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:144)

at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:132)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:703)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:62)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:200)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :266)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:326)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

11

I have upgraded to the release Candidate of ColdFusion 8 on labs.adobe.com and I now get the following errors:

I still get a SASL error from the OpenFire server:

2007.05.30 11:37:53 SaslException

javax.security.sasl.SaslException: DIGEST-MD5: digest response format violation. Nonexistent realm:

at com.sun.security.sasl.digest.DigestMD5Server.validateClientResponse(Unknown Source)

at com.sun.security.sasl.digest.DigestMD5Server.evaluateResponse(Unknown Source)

at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :281)

at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:144)

at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:132)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:703)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:62)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:200)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :266)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:326)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

ColdFusion exception reporting this:

1 “Error”,“Thread-35”,“05/30/07”,“11:38:22”,“Not connected to server.”

2 java.lang.IllegalStateException: Not connected to server.

3 at org.jivesoftware.smack.XMPPConnection.sendPacket(XMPPConnection.java:663)

4 at org.jivesoftware.smack.NonSASLAuthentication.authenticate(NonSASLAuthentication .java:54)

5 at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java: 219)

6 at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:384)

7 at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:349)

8 at com.zion.jbuddy.a.o.b(Unknown Source)

9 at com.zion.jbuddy.q.connect(Unknown Source)

10 at coldfusion.eventgateway.im.IMGateway.connect(IMGateway.java:766)

11 at coldfusion.eventgateway.im.XMPPGateway.start(XMPPGateway.java:84)

12 at coldfusion.eventgateway.EventServiceImpl$GatewayStarter.run(EventServiceImpl.ja va:1424)

and the coldfusion-out.log reads:

ava.lang.Exception: TLS negotiation has failed

at org.jivesoftware.smack.PacketReader.parsePackets(PacketReader.java:346)

at org.jivesoftware.smack.PacketReader.access$000(PacketReader.java:42)

at org.jivesoftware.smack.PacketReader$1.run(PacketReader.java:64)

java.lang.IllegalStateException: Not connected to server.

at org.jivesoftware.smack.XMPPConnection.sendPacket(XMPPConnection.java:663)

at org.jivesoftware.smack.NonSASLAuthentication.authenticate(NonSASLAuthentication .java:54)

at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java: 212)

at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:384)

at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:349)

at com.zion.jbuddy.a.o.b(Unknown Source)

at com.zion.jbuddy.q.connect(Unknown Source)

at coldfusion.eventgateway.im.IMGateway.connect(IMGateway.java:766)

at coldfusion.eventgateway.im.XMPPGateway.start(XMPPGateway.java:84)

at coldfusion.eventgateway.EventServiceImpl$GatewayStarter.run(EventServiceImpl.ja va:1424)

I have tried updating the ColdFusion smack.jar and received these errors:

“Error”,“Thread-23”,“05/30/07”,“13:50:25”,“class ““org.jivesoftware.smack.SSLXMPPConnection””’'s signer information does not match signer information of other classes in the same package”

java.lang.SecurityException: class “org.jivesoftware.smack.SSLXMPPConnection”’'s signer information does not match signer information of other classes in the same package

at java.lang.ClassLoader.checkCerts(ClassLoader.java:775)

at java.lang.ClassLoader.preDefineClass(ClassLoader.java:487)

at java.lang.ClassLoader.defineClass(ClassLoader.java:614)

at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124)

at java.net.URLClassLoader.defineClass(URLClassLoader.java:260)

at java.net.URLClassLoader.access$000(URLClassLoader.java:56)

at java.net.URLClassLoader$1.run(URLClassLoader.java:195)

at java.security.AccessController.doPrivileged(Native Method)

at java.net.URLClassLoader.findClass(URLClassLoader.java:188)

at coldfusion.bootstrap.BootstrapClassLoader.loadClass(BootstrapClassLoader.java:2 21)

at java.lang.ClassLoader.loadClass(ClassLoader.java:251)

at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)

at com.zion.jbuddy.IClientFactory.factory(Unknown Source)

at coldfusion.eventgateway.im.XMPPGateway.start(XMPPGateway.java:58)

at coldfusion.eventgateway.EventServiceImpl$GatewayStarter.run(EventServiceImpl.ja va:1424)

Now the guys at Adobe are saying that :

"the latest version of smack.jar (3.0.2) has broken binary

compatibility with version 2.0, which is what we are shipping. Can’'t go that

route.

At this point it sounds like OpenFire is the problem here as it seems you

can connect to other XMPP servers. I would start working the problem at the

ignite realtime/Jive end. I am talking to our technology provider as well."

Can you guys look into this? It will be a huuuge disability for me not to be able to upgrade to ColdFusion 8.

12

Gato: Ive gotten JavaSASL logging working before. They describe how to do it here: http://java.sun.com/j2se/1.5.0/docs/guide/security/sasl/sasl-refguide.html#DEBUG

Hope that helps.

13

Has there been any progress on this?

I’ve also just upgraded to Coldfusion 8 and now get this error. It worked in Coldfusion 7.

Thoughts?

Here is my error log from OpenFire when trying to connect:

2007.08.30 12:15:12 SaslException

javax.security.sasl.SaslException: DIGEST-MD5: digest response format violation. Nonexistent realm:

at com.sun.security.sasl.digest.DigestMD5Server.validateClientResponse(Unknown Source)

at com.sun.security.sasl.digest.DigestMD5Server.evaluateResponse(Unknown Source)

at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :281)

at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:144)

at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:132)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:703)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:62)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:200)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :266)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:326)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

14

Id be willing to take a peek at it. Can you do some debugging output from the coldfusion side to output the xml being sent? Id like to see the full auth exchange

15

Here is my communication stream between Coldfusion and OpenFire:

<stream:stream to=“jabber.xxx.com” xmlns=“jabber:client” xmlns:stream=“http://etherx.jabber.org/streams” version=“1.0”>

<?xml version=‘1.0’ encoding=‘UTF-8’?>

<stream:stream xmlns:stream=“http://etherx.jabber.org/streams” xmlns=“jabber:client” from=“jabber.xxx.com” id=“10a52a9f” xml:lang=“en” version=“1.0”>

<stream:features>

<starttls xmlns=“urn:ietf:params:xml:ns:xmpp-tls”></starttls>

<mechanisms xmlns=“urn:ietf:params:xml:ns:xmpp-sasl”>

<mechanism>DIGEST-MD5</mechanism>

<mechanism>PLAIN</mechanism>

<mechanism>ANONYMOUS</mechanism>

<mechanism>CRAM-MD5</mechanism>

</mechanisms>

<compression xmlns=“http://jabber.org/features/compress”>

<method>zlib</method>

</compression>

<auth xmlns=“http://jabber.org/features/iq-auth”/>

</stream:features>

<auth mechanism=“DIGEST-MD5” xmlns=“urn:ietf:params:xml:ns:xmpp-sasl”></auth>

<challenge xmlns=“urn:ietf:params:xml:ns:xmpp-sasl”>cmVhbG09ImphYmJlci5kZWFsZXJkZWxpdmV yeS5jb20iLG5vbmNlPSJqTURtYXM4SEhObmJ0NDVpSmJQYUdpODJDNzRFQUxDZ1dnL2x6K2hCIixxb3A 9ImF1dGgiLGNoYXJzZXQ9dXRmLTgsYWxnb3JpdGhtPW1kNS1zZXNz</challenge>

<response xmlns=“urn:ietf:params:xml:ns:xmpp-sasl”>dXNlcm5hbWU9Im5vdGlmaWVyIixub25jZT0 iak1EbWFzOEhITm5idDQ1aUpiUGFHaTgyQzc0RUFMQ2dXZy9seitoQiIsbmM9MDAwMDAwMDEsY25vbmN lPSJLWlkyWW5NOGpTOD0iLGRpZ2VzdC11cmk9ImF1dGgvamFiYmVyLmRlYWxlcmRlbGl2ZXJ5LmNvbSI scmVzcG9uc2U9ODkyNzk5YzFmYmE5NzMwYjk4ZjY0MGZjMTAxMjIyYjgscW9wPWF1dGg=</respon se>

<failure xmlns=“urn:ietf:params:xml:ns:xmpp-sasl”>

<not-authorized/>

</failure>

<presence id=“bRMf6-21” type=“unavailable”></presence>

</stream:stream>

16

Here is challenge decoded for you:

realm="jabber.dealerdelivery.com",nonce="jMDmas8HHNnbt45iJbPaGi82C74EALCgWg/lz+hB",qop="auth",charset=utf-8,algorithm=md5-sess

and the response:

username="notifier",nonce="jMDmas8HHNnbt45iJbPaGi82C74EALCgWg/lz+hB",nc=00000001,cnonce="KZY2YnM8jS8=",digest-uri="auth/jabber.dealerdelivery.com",response=892799c1fba9730b98f640fc101222b8,qop=auth

A few things to notice: The challenge specifies a realm, but the response does not. According to RFC 2831 the digest response must have the realm in it:

realm

The realm containing the user’'s account. This directive is

required if the server provided any realms in the

“digest-challenge”, in which case it may appear exactly once and

its value SHOULD be one of those realms. If the directive is

missing, “realm-value” will set to the empty string when computing

A1 (see below for details).

If its missing, you get the empty string by default. Which is why your errors says "invalid realm: " Looks like CF is broken.

17

Yes, that is the problem. Thanks for providing the insight. CF8 comes with a new smack.jar that has the bug in it that handles the XMPP communication. I rolled my smack.jar back to the one that came with CF7 and it works again. I submitted a bug to Adobe and expect a new smack.jar soon.

Cheers!

18

I had the same issue, using the latest Smack libraries (3.0.4). As already stated in a previous post, the problem seems to be with the realm value. The server sends a default realm value in the first challenge, but the client (Smack) responds with no realm.

The following Smack patch seems to fix the problem (it might not be the most robust solution, but it caters at least for a default realm value as sent by the server):

Index: source/org/jivesoftware/smack/sasl/SASLMechanism.java
===================================================================
--- source/org/jivesoftware/smack/sasl/SASLMechanism.java       (revision 10151)
+++ source/org/jivesoftware/smack/sasl/SASLMechanism.java       (working copy)
@@ -184,8 +184,8 @@
                 PasswordCallback pcb = (PasswordCallback)callbacks[i];
                 pcb.setPassword(password.toCharArray());
             } else if(callbacks[i] instanceof RealmCallback) {
-                //unused
-                //RealmCallback rcb = (RealmCallback)callbacks[i];
+               RealmCallback rcb = (RealmCallback)callbacks[i];
+               rcb.setText(rcb.getDefaultText());
             } else if(callbacks[i] instanceof RealmChoiceCallback){
                 //unused
                 //RealmChoiceCallback rccb = (RealmChoiceCallback)callbacks[i];

As far as I can see, this should be part of http://www.igniterealtime.org/issues/browse/SMACK-210

Can someone confirm this?

19 
username="notifier",nonce="jMDmas8HHNnbt45iJbPaGi82C74EALCgWg/lz+hB",

nc=00000001,cnonce="KZY2YnM8jS8=",digest-uri="auth/jabber.dealerdelivery.com",

**
**

> response=892799c1fba9730b98f640fc101222b8  how can prepare this.....
****

**
**

**
**





,qop=auth