Just a general query to see if this is “known” or if others have the same problem. 2.5.8 both SSO and Fastpath working no problem, remove that client and install 2.6.0, neither work. Trying to use SSO displays “Unable to determine” on the login screen and “Spark is unable to find the principal for Single Sign-On” under the Advanced settings. I’m using Openfire 3.5.2, LDAP / Active Directory for users - and I did nothing at all to get SSO working with 2.5.8. It just did, out of the box. Has the method in 2.6.0 changed?
Likewise, with Fastpath - in 2.5.8 I got a tab in Spark and I could answer incoming requests etc, now there’s no tab - and in Openfire (under Fastpath) it displays me as offline. However under Sessions it correctly displays me as online. I’m using Fastpath 4.0.0.
Anyway, no biggie, I appreciate it’s a beta but wondered if they’re bugs, or changes that require some config from me.
Some of the SSO logic has changed, what settings do you have on the SSO tab of the preferences?
My SSO and fastpath works fine with spark 2.6.0b1. I do not have the latest fastpath installed though. I am still running the previous version.
Hi Jay, it’s just set to the default - Use SSO via GSSAPI. Advanced is unchecked, but if I select it and use krb5.* or DNS it still fails the same way. I haven’t tried Realm or KDC as yet cos I don’t know what values to put in there . I’ll look into that, I don’t expect anyone to tell me - just wondered what if anything had changed between 2.5.8 and 2.6.0…
Done a bit more digging and it seems it may just be my client that suddenly can’t use SSO. Have gone back to 2.5.8 and that doesn’t work now either - however colleagues are fine on both 2.5.8 and 2.6.0. I will try on a different PC, logged in as my user. Strange that it should suddenly stop working for just me though - I certainly haven’t been fiddling about with Kerberos files / settings. Until this morning I wouldn’t even have known where to look… This is the error generated in openfire when I try and log in -
2008.08.21 17:28:36 [org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHand ler.java:135)] Closing connection due to error while processing message: AG5pY2suY2hhcGxpbgA=
at java.util.StringTokenizer.nextToken(Unknown Source)
at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerP lainImpl.java:110)
at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :231)
at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:133)
It would be nice to know WHY SSO ever worked in the first place to be honest - I have done zero configuration on Openfire, the DCs, the clients, nothing. I just ticked the box in Spark when I first installed it, though that would be nice - and it worked. Shouldn’t complain but it worries me when I have no idea why something works.
Fastpath - seems to be a problem only if 2.6.0 is installed “fresh”. If it’s installed over the top of 2.5.8, it works. I’ll keep testing and try on a different PC but certainly that’s the case on mine…