The server is not configured to support any available SASL mechanisms

Matt_Towers · January 26, 2010, 8:51pm

I just updated to the XIFF trunk and now am getting an error when I attempt to log in to Openfire from my client with the following error:

The server is not configured to support any available SASL mechanisms

Anyone seen this? Any ideas on how to address?

Thanks!

-Matt

Juga_Paazmaya · January 27, 2010, 9:32am

This is related to the change made in revision 11557 for “configureAuthMechanisms”.

if (useAnonymousLogin)
{
if (authClass == Anonymous)
{
break;
}
}
else
{
if (authClass != Anonymous)
{
break;
}
}

This was to make auth work even if the first available type is anonymous and useAnonumousLogin is false.

Hoes does your supported auth method list look like?

sectore · January 28, 2010, 2:52pm

Updated to r11327 and have the same issue described above. It works only, if I set connection.useAnonymousLogin = true; even if an user try to login with its username and password. But it does not make sense for me… Check out the code, please.

connection.username = "username";
connection.password = MD5.hash( "XXX" ); // Why do I need set useAnonymousLogin=true?
// If I ignore it, it failed with an error "The server is not configured to support any available SASL mechanisms"
connection.useAnonymousLogin = true; connection.server = "any_server_url";
connection.connect( XMPPConnection.STREAM_TYPE_STANDARD );

Any help very appreciated!

Thanks!

-Jens

–

www.websector.de

Matt_Towers · January 28, 2010, 5:40pm

I’m not sure what you mean by “supported auth method list”?

Via the Openfire Admin UI, my server is configured as follows:

Profile Settings: default

Inband Registration: false

Change Password: true

Anonymous Login: false

Client Conneciton Security: optional

Server Connection Security: optional

Server Certificates: self-signed RSA

My login code is as follows:

m_connection.username = jid.node;
m_connection.password = password;
m_connection.server = jid.domain;

m_connection.port = 5222;
m_connection.connect(XMPPConnection.STREAM_TYPE_STANDARD);

Is that what you were looking for?

Thanks much for your help,

-Matt

Juga_Paazmaya · January 29, 2010, 7:22am

I was referring to the XML returned by the server, which is prosessed by the “configureAuthMechanisms” method.

The logic seems to be somehow messy.

Anyhow it should go as follow:

useAnonymousLogin == true --> is it available in the list
If not, fail
useAnonymousLogin == false --> is there any other methods available in the list
Try the first one of those which is also in the list of “saslMechanisms” array.

Perhaps check for null is what was missing.

for each(var mechanism:XMLNode in mechanisms.childNodes)
{
authClass = saslMechanisms[mechanism.firstChild.nodeValue];
if (useAnonymousLogin)
{
if (authClass == Anonymous)
{
break;
}
}
else
{
if (authClass != Anonymous && authClass != null)
{
break;
}
}
}

Matt_Towers · January 29, 2010, 5:21pm

I logged on with PSI and captured what appears to be the relevant output from Openfire. Here’s what I got:

stream:features

 <starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>

 <mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">

      <mechanism>DIGEST-MD5</mechanism>

      <mechanism>PLAIN</mechanism>

      <mechanism>CRAM-MD5</mechanism>

 </mechanisms>

 <compression xmlns="[http://jabber.org/features/compress](http://jabber.org/features/compress)">

      <method>zlib</method>

 </compression>

 <auth xmlns="[http://jabber.org/features/iq-auth](http://jabber.org/features/iq-auth)"/>

</stream:features>

Matt_Towers · February 3, 2010, 5:23pm

Any guesses on this one? Is that server config what should be expected?

Thanks!

-MCT

Matt_Towers · February 3, 2010, 6:09pm

Disregard that last reply. I inserted your suggestion and it worked fine.

Thanks!