Sparkweb login problems in SSO environment


we are running Spark 2.63 / Openfire 3.7 with Single Sign On over GSSAPI (Active Directory). Everything works perfect.

Now we want to implement Sparkweb for some users (It´s not necessary to run Sparkweb with SSO).

We cannot bind Sparkweb to http or https. The socket connection over 5222 works fine but when we switch to http or https the client couldn´t log in.

It seems that the problem is the SSO configuration on the OF server. When we delete the GSSAPI option

sasl.mechs GSSAPI

the Sparweb binded to http works perfect.

We can reproduce this on a test server. As soon as we are installing SSO on the OF server and the SASL.mechs entry is configured, the http binding of Sparkweb doesn´t work anymore regardless of wether Sparkweb runs over IIS or as a openfire plugin.


Adding PLAIN to the SASL.MECHS option worked. Our Spark Clients are still using the GSSAPI and the PLAIN mechanism is for the Sparkweb connection (binded to https) which don´t authenticate with SSO.

So our sasl.mechs property looks like this:

sasl.mechs GSSAPI,PLAIN