powered by Jive Software

Spark Web connects to old version of Openfire, but not new?

I am very confused.

I have 2 installs of openfire:

Openfire 3.5.2

Openfire 3.6.0

I have installed sparkweb on apache on the same server as the 3.6.0 server, however I put in the details for the 3.6 server in the boxes at the prompt and it goes away and comes back without logging in. I then put the details of the 3.5.2 server in the prompts and it works first time. Even though the java script has the settings for the 3.6 server which doesnt work.

I have even commented out the javascript completely and it still connects the the 3.5.2 server, I presume there must be some default ports etc that it seems able to get to on the older version.

I have tried using socket and http but nothing works connecting it to the 3.6 server.

The port summary for the 3.6.0 is:

All addresses 5222 Client to Server The standard port for clients to connect to the server. Connections may or may not be encrypted. You can update the security settings for this port.
All addresses 5223 Client to Server The port used for clients to connect to the server using the old SSL method. The old SSL method is not an XMPP standard method and will be deprecated in the future. You can update the security settings for this port.
All addresses 9090 Admin Console The port used for unsecured Admin Console access.
All addresses 9091 Admin Console The port used for secured Admin Console access.
All addresses 8081 HTTP Binding The port used for unsecured HTTP client connections.
All addresses 7443 HTTP Binding The port used for secured HTTP client connections.
All addresses 3478 & 3479 STUN Service The port used for the service that ensures connectivity between entities when behind a NAT.
All addresses 5229 Flash Cross Domain Service that allows Flash clients connect to other hostnames and ports.

The port summary for the 3.5.2 is:

All addresses 5222 Client to Server The standard port for clients to connect to the server. Connections may or may not be encrypted. You can update the security settings for this port.
All addresses 5223 Client to Server The port used for clients to connect to the server using the old SSL method. The old SSL method is not an XMPP standard method and will be deprecated in the future. You can update the security settings for this port.
All addresses 9090 Admin Console The port used for unsecured Admin Console access.
All addresses 9091 Admin Console The port used for secured Admin Console access.
All addresses 8081 HTTP Binding The port used for unsecured HTTP client connections.
All addresses 7443 HTTP Binding The port used for secured HTTP client connections.
All addresses 3478 & 3479 STUN Service The port used for the service that ensures connectivity between entities when behind a NAT.
All addresses 5229 Flash Cross Domain Service that allows Flash clients connect to other hostnames and ports

There are no firewalls on either server.

Both servers are running linux.

Any advice would be appreciated.

Simon

You are not alone with such problem. You can check for other threads describing such problems. The strange thing is that it somehow works for others. I didnt manage to get it working. So one advice would be to wait for next SparkWeb release (don’t know when), or to use 3.5.2 server till that.

Cheers WROOT,

Glad i am not the only one.

it seriously weird that it randomly works for some people and not for others and that it connects the the old 3.5.2 without any configuration settings at all.

Cheers

Si

The reason why the SparkWeb login problem seems very random and inconsistent is because of changes to Adobe Flash Player at the same time as changes to Openfire and SparkWeb. From information posted by community members, this is a summary of what works with what.

Openfire 3.5.x works with SparkWeb 0.9 and Red5 Plugin SparkWeb 0.0.xx. If your Flash player is newer than Flash player 9,0,124,0, then you need to change the PolicyURL to xmlsocket otherwise you will get a not authorized error. Connection type socket works best.

Openfire 3.6.0 has changes which break the official SparkWeb 0.9. It however works with SVN SparkWeb, the version at www.igniterealtime (http://www.igniterealtime.org/sparkweb/SparkWeb.swf) and the Red5 Plugin SparkWeb 0.1.xx. Both http-bind and socket connections work ok. Make sure you are using xmlsocket and not the crossdomain.xml file for PolicyURL.

I have just tried to put sparkweb into Openfire’s own web server (/openfire/plugins/admin/webapp/). Also, i have replaced sparkweb.swf with that from the igniterealtime.org chat page and i didnt do any configuration in sparkweb.html. And it works. Well, i have tested it from the same machine, locally. I will have to test this in the production environment too. Though i was willing to keep SparkWeb in our internal IIS web server.

I have used the swf file from the igniterealtime.org website and this works more than it did before.

however when i test with multiple users loggging in and out it doesnt like it at all. I get authorisation errors.

Strangley my account works everytime.

I have also added :

To the SparkWeb.html, which should remove any cached swf content, which has helped, but not removed the the problem competely.

I am using the config file that was orignal with socket 5222.

Not sure what else to try at present, I dont want to go back to the old version really.

Cheers

Si

dele wrote:

If your Flash player is newer than Flash player 9,0,124,0, then you need to change the PolicyURL to xmlsocket otherwise you will get a not authorized error. Connection type socket works best.

Can you give an example of such a config? I don’t know how this xmlsocket line should look like. I have the crossdomain.xml in my webserver http://intranet/sparkweb/

Also, what my crossdomain.xml should look like if i want to use SparkWeb in my LAN? What should i specify instead of *.domain1? We have AD, so i have tried to put ourdomain.local or just ourdomain here. But i was using URL policyFileURL, not xmlsocket.

We are using Flash player 10.*

I am using flash 10 as well and this is my modified sparkweb config.

function jive_sparkweb_getConfig()
{

var username = getPageParameter(‘username’, ‘dele.olajide’);
var password = getPageParameter(‘password’, ‘’);
var autologin = getPageParameter(‘autologin’, ‘false’);
var webapp = getPageParameter(‘webapp’, ‘red5’);
var conn = getPageParameter(‘conn’, ‘socket’);

return {
httpLabel: “Mail”,
httpURL: “http://www.gowebtop.com/webtop/5477/main.lzr=swf8.swf”,
username: username,
password: password,
server: window.location.hostname,
port: conn == “socket” ? 5222 : window.location.port,
red5url: “rtmp:/sip”,
xmppurl: “rtmpt::8000/xmpp”,
webapp: webapp,
connectionType: conn,
** policyFileURL: “xmlsocket://” + window.location.hostname + “:5229”,**
webcamAvatar: “true”,
visualPresence: 60,
autologin: eval(autologin)
};
}

Dele, i appreciate your reply, but maybe you can explain that like for a dumb person?

I still don’t get this xmlsocket thingy. What should i put in place of that window.location.hostname? I see that folks are putting their domains there. But in my case my Openfire machine has no resolvable hostname. It’s only an IP (say 192.168.12.100). Openfire servername is “jiveserver”. And SparkWeb is located on some other machine (192.168.12.200). This time it has a resolvable name in the LAN (Win2003 server) - say its name is “intranet”. It has IIS service running and i have put sparkweb there. So it’s available by address http://intranet/sparkweb/ (i have changed main file’s name to index.php so it would launch automatically). So… SparkWeb is loading, but i cant login. The error is now a bit different than some time ago, but it still contains “not authorized”.

What should i put in that xmlsocket? My Openfire server’s IP? e.g.** policyFileURL “xmlsocket://192.168.12.100:5229”, or ****policyFileURL “xmlsocket://jiveserver:5229”, **?

Or should it be policyFileURL “xmlsocket://intranet:5229”, ? Do i need a crossdomain.xml file somewhere, in my sparkweb folder?

Maybe you can also explain what is this xmlsocket thing exactly for? I suppose this is to ensure that a connection to a flash application is allowed from the outside of the domain hosting that application. So, probably it should allow Openfire to speak to that flash application. So maybe it should be a 192.168.12.100:5229 after all.

Have a read of this knowledge note from Adobe (http://www.adobe.com/devnet/flashplayer/articles/fplayer9_security_04.html) which gives the background to the security changes to the Flash Player which is the root of the problems with SparkWeb socket connections.

Openfire is listening on port 5229. Do a telnet to your openfire sever on port 5229 and it will serve you the default crossdomain XML.

This is what is served from my server at red5.4ng.net

<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia

.com/xml/dtds/cross-domain-policy.dtd">

I assume this means allow any connection to port 5222 from any domain. I am not sure of what it will do with an IP address instead of a domain name, but we can always find out

To answer your question, I think it should be xmlsocket://192.168.12.100:5229

The other thing to note is that if the crossdomain XML is not recieved in 3 secs, Flash Player will give a not authourized error. Simply retry. This can happen on your first login after a server reboot..

Dele, thanks. I think i have found some kind of an explanation. It seems that i have already changed my policy line to what you have suggested few days ago. And that didnt work. But then i have tried to disable my firewall and it worked. Retrieving crossdomain.xml from a xmlsocket now requires a connection to a server’s 5229 port. So i have added such a rule to my iptables:

iptables -A INPUT -p tcp --dport 5229 -s 192.168.12.0/24 -j ACCEPT

Now it works the same with firewall turned on or off. Though i still can’t usually login on the first try. It takes 2-3 times before i can login successfully. Maybe that’s the issue with 3 seconds delay, that you have mentioned. But i dont understand why is it happening. This is a LAN, there shouldnt be a connection problems.

I have updated my old How-to document according to this new material.

http://www.igniterealtime.org/community/docs/DOC-1553

You are welcome. I don’t think we have got to the bottom of the problem yet. My analysis was based on bits of information I have picked up from the XIFF discussions and SparkWeb discussions here. I have just discovered that socket connection does not work at all with Firefox and Safari. It could be the different version of the Flash Player on my PC, but I am yet to investigate futher.

thanks for updating the how-to document.