I’m running Openfire on Windows 2003 Server Std. I’ve set up Openfire to authenticate using LDAP and everything works fine. However, I’ve decided I’d like to use SSO instead. Below are the steps I took to set up SSO, mainly taken from http://wiki.igniterealtime.org/display/WILDFIRE/Configuring*Openfire*for+Kerberos
First I created a Windows User in ADUC called xmpp-jabber
Next I created the keyfile on our Domain Controller
C:\keytabs>Ktpass princ xmpp/jabber.ad.mcbrideandson.com@AD.MCBRIDEANDSON.COM mapuser MCBRIDE\xmpp-jabber -pass ****passwordhere**** out xmpp.keytab -ptype KRB5_NT_PRINCIPAL
Targeting domain controller: dell-dc.AD.McBrideandSon.com
Using legacy password setting method
Successfully mapped xmpp/jabber.ad.mcbrideandson.com to xmpp-jabber.
Key created.
Output keytab to xmpp.keytab:
Keytab version: 0x502
keysize 88 xmpp/jabber.ad.mcbrideandson.com@AD.MCBRIDEANDSON.COM ptype 1 (KRB5_NT_PRINCIPAL) vno 14 etype 0x17 (RC4-HMAC) keylength 16 (0x38ce8e2ddcd3bd78889988713a7172fc)
I then copied the keyfile to C:\Program Files\Openfire\resources\jabber.keytab on the member server hosting the Openfire server.
Next I created the GSS file C:\Program Files\Openfire\conf\gss.conf on the Openfire server
com.sun.security.jgss.accept {
    com.sun.security.auth.module.Krb5LoginModule
    required
    storeKey=true
    keyTab="C:/Program Files/Openfire/resources/jabber.keytab"
    doNotPrompt=true
    useKeyTab=true
    realm="AD.MCBRIDEANDSON.COM"
    principal="xmpp/jabber.ad.mcbrideandson.com@AD.MCBRIDEANDSON.COM"
    debug=true;
};
Lastly I appended the text below to C:\Program Files\Openfire\conf\openfire.xml
<gssapi>
<debug>true</debug>
<config>C:\Program Files\Openfire\resources\conf\gss.conf</config>
<useSubjectCredsOnly>false</useSubjectCredsOnly>
</gssapi>
</sasl>
I stopped the Openfire service, opened the Openfire server via the Start Menu, and clicked the Start button within its window.
The text below was shown in the output window of the OpenFire Server, this text is shown multiple times in the window but I posted only one instance of it to save room.
ERROR 11897 (): Error reading XML properties
org.dom4j.DocumentException: Error on line 135 of document : The markup in the document following the root element must be well-formed. Nested exception: The markup in the document following the root element must be well-formed.
at org.dom4j.io.SAXReader.read(SAXReader.java:482)
at org.dom4j.io.SAXReader.read(SAXReader.java:365)
at org.jivesoftware.util.XMLProperties.buildDoc(XMLProperties.java:464)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:112)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:61)
at org.jivesoftware.util.JiveGlobals.loadSetupProperties(JiveGlobals.java:771)
at org.jivesoftware.util.JiveGlobals.getXMLProperty(JiveGlobals.java:274)
at org.jivesoftware.util.Log.initLog(Log.java:76)
at org.jivesoftware.util.Log.<clinit>(Log.java:64)
at org.jivesoftware.util.XMLProperties.buildDoc(XMLProperties.java:467)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:112)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:61)
at org.jivesoftware.util.JiveGlobals.loadSetupProperties(JiveGlobals.java:771)
at org.jivesoftware.util.JiveGlobals.getXMLProperty(JiveGlobals.java:274)
at org.jivesoftware.util.JiveGlobals.isSetupMode(JiveGlobals.java:751)
at org.jivesoftware.util.JiveGlobals.getProperty(JiveGlobals.java:521)
at org.jivesoftware.openfire.XMPPServer.initialize(XMPPServer.java:286)
at org.jivesoftware.openfire.XMPPServer.start(XMPPServer.java:383)
at org.jivesoftware.openfire.XMPPServer.<init>(XMPPServer.java:148)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at org.jivesoftware.openfire.starter.ServerStarter.start(ServerStarter.java:93)
at org.jivesoftware.openfire.starter.ServerStarter.main(ServerStarter.java:49)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.exe4j.runtime.LauncherEngine.launch(Unknown Source)
at com.exe4j.runtime.WinLauncher.main(Unknown Source)
Nested exception:
org.xml.sax.SAXParseException: The markup in the document following the root element must be well-formed.
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl$TrailingMiscDriver.next(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(Unknown Source)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(Unknown Source)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(Unknown Source)
at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
at org.dom4j.io.SAXReader.read(SAXReader.java:465)
at org.dom4j.io.SAXReader.read(SAXReader.java:365)
at org.jivesoftware.util.XMLProperties.buildDoc(XMLProperties.java:464)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:112)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:61)
at org.jivesoftware.util.JiveGlobals.loadSetupProperties(JiveGlobals.java:771)
at org.jivesoftware.util.JiveGlobals.getXMLProperty(JiveGlobals.java:274)
at org.jivesoftware.util.Log.initLog(Log.java:76)
at org.jivesoftware.util.Log.<clinit>(Log.java:64)
at org.jivesoftware.util.XMLProperties.buildDoc(XMLProperties.java:467)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:112)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:61)
at org.jivesoftware.util.JiveGlobals.loadSetupProperties(JiveGlobals.java:771)
at org.jivesoftware.util.JiveGlobals.getXMLProperty(JiveGlobals.java:274)
at org.jivesoftware.util.JiveGlobals.isSetupMode(JiveGlobals.java:751)
at org.jivesoftware.util.JiveGlobals.getProperty(JiveGlobals.java:521)
at org.jivesoftware.openfire.XMPPServer.initialize(XMPPServer.java:286)
at org.jivesoftware.openfire.XMPPServer.start(XMPPServer.java:383)
at org.jivesoftware.openfire.XMPPServer.<init>(XMPPServer.java:148)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at org.jivesoftware.openfire.starter.ServerStarter.start(ServerStarter.java:93)
at org.jivesoftware.openfire.starter.ServerStarter.main(ServerStarter.java:49)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.exe4j.runtime.LauncherEngine.launch(Unknown Source)
at com.exe4j.runtime.WinLauncher.main(Unknown Source)
ERROR 11897 ():
java.io.IOException: Error on line 135 of document : The markup in the document following the root element must be well-formed. Nested exception: The markup in the document following the root element must be well-formed.
at org.jivesoftware.util.XMLProperties.buildDoc(XMLProperties.java:468)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:112)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:61)
at org.jivesoftware.util.JiveGlobals.loadSetupProperties(JiveGlobals.java:771)
at org.jivesoftware.util.JiveGlobals.getXMLProperty(JiveGlobals.java:274)
at org.jivesoftware.util.Log.initLog(Log.java:76)
at org.jivesoftware.util.Log.<clinit>(Log.java:64)
at org.jivesoftware.util.XMLProperties.buildDoc(XMLProperties.java:467)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:112)
at org.jivesoftware.util.XMLProperties.<init>(XMLProperties.java:61)
at org.jivesoftware.util.JiveGlobals.loadSetupProperties(JiveGlobals.java:771)
at org.jivesoftware.util.JiveGlobals.getXMLProperty(JiveGlobals.java:274)
at org.jivesoftware.util.JiveGlobals.isSetupMode(JiveGlobals.java:751)
at org.jivesoftware.util.JiveGlobals.getProperty(JiveGlobals.java:521)
at org.jivesoftware.openfire.XMPPServer.initialize(XMPPServer.java:286)
at org.jivesoftware.openfire.XMPPServer.start(XMPPServer.java:383)
at org.jivesoftware.openfire.XMPPServer.<init>(XMPPServer.java:148)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at org.jivesoftware.openfire.starter.ServerStarter.start(ServerStarter.java:93)
at org.jivesoftware.openfire.starter.ServerStarter.main(ServerStarter.java:49)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.exe4j.runtime.LauncherEngine.launch(Unknown Source)
at com.exe4j.runtime.WinLauncher.main(Unknown Source)
If I attempt to go to http://127.0.0.1:9090 it tries to go through the setup again, asking what language I would like and so forth, as if setup was never run, even though <setup>true</setup> is set in the XML.
If I remove the text I appended below and stop/start Openfire, then go to the web interface, everything works fine again; it does not attempt to run the setup.
It appears to me something is wrong in my XML file? Can anyone see what I’m doing wrong?
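Added example, not part of the original post: the parser message in the trace ("markup in the document following the root element must be well-formed") is what an XML parser reports when elements appear after the root's closing tag, so a pre-flight check of openfire.xml can catch it before the service is restarted. The file contents below are constructed, and the `<jive>` root, the nested `<sasl>` layout and the name `check_openfire_xml` are assumptions for illustration; the check also compares `<config>` with the path where gss.conf was created.

```python
import ntpath
import xml.etree.ElementTree as ET
from xml.parsers.expat import errors

# Constructed samples. BASE stands in for an existing openfire.xml;
# the <jive> root element is an assumption about that file.
BASE = "<jive>\n  <setup>true</setup>\n</jive>\n"
GSSAPI = (
    "<gssapi>\n"
    "<debug>true</debug>\n"
    "<config>C:\\Program Files\\Openfire\\resources\\conf\\gss.conf</config>\n"
    "<useSubjectCredsOnly>false</useSubjectCredsOnly>\n"
    "</gssapi>\n"
)
# The post's snippet appended to the end of the file, after the root closes.
APPENDED = BASE + GSSAPI + "</sasl>\n"
# Assumed layout: same settings inside the root, with an opening <sasl>.
NESTED = BASE.replace("</jive>", "  <sasl>\n" + GSSAPI + "  </sasl>\n</jive>")

JUNK_AFTER_ROOT = errors.codes[errors.XML_ERROR_JUNK_AFTER_DOC_ELEMENT]


def check_openfire_xml(text, gss_conf_created_at):
    """Return a list of findings; an empty list means the checks passed."""
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        line, _col = exc.position
        if exc.code == JUNK_AFTER_ROOT:
            return [f"line {line}: markup after the closing root tag"]
        return [f"line {line}: not well-formed ({exc})"]

    findings = []
    config = root.find("sasl/gssapi/config")
    if config is None or not (config.text or "").strip():
        findings.append("no <sasl><gssapi><config> under the root element")
    else:
        # Windows paths: compare case-insensitively, with / and \ treated alike.
        wanted = ntpath.normcase(ntpath.normpath(gss_conf_created_at))
        found = ntpath.normcase(ntpath.normpath(config.text.strip()))
        if wanted != found:
            findings.append(f"<config> is {config.text.strip()}, file is at {gss_conf_created_at}")
    return findings


if __name__ == "__main__":
    created = r"C:\Program Files\Openfire\conf\gss.conf"
    for name, doc in (("appended", APPENDED), ("nested", NESTED)):
        print(name, check_openfire_xml(doc, created))
```

Running a check like this before each restart matters here because, as the post describes, an openfire.xml that fails to parse leaves the admin console on port 9090 presenting the setup wizard.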