Unable to connect using Single Sign-On


after January Windows updates Spark (2.9.4) giving this errors during loging in:

org.jivesoftware.smack.SmackException$NoResponseException: No response received within reply timeout. Timeout was 10000ms (~10s). While waiting for stream compression feature
at org.jivesoftware.smack.SmackException$NoResponseException.newWith(SmackException.java:93)
at org.jivesoftware.smack.SynchronizationPoint.checkForResponse(SynchronizationPoint.java:317)
at org.jivesoftware.smack.SynchronizationPoint.checkIfSuccessOrWait(SynchronizationPoint.java:160)
at org.jivesoftware.smack.tcp.XMPPTCPConnection.loginInternal(XMPPTCPConnection.java:408)
at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java:546)
at org.jivesoftware.LoginDialog$LoginPanel.login(LoginDialog.java:1128)
at org.jivesoftware.LoginDialog$LoginPanel.access$900(LoginDialog.java:370)
at org.jivesoftware.LoginDialog$LoginPanel$3.construct(LoginDialog.java:910)
at org.jivesoftware.spark.util.SwingWorker.lambda$new$1(SwingWorker.java:139)
at java.lang.Thread.run(Unknown Source)

Does anybody have any idea how to fix this problem?

Thank you very much.

It looks like Windows fixed this in the latest updates, unfortunately I can’t verify that.

What Java are you using in Openfire and in Spark?

Perhaps these topics will help you:


Unfortunately Windows Updates looks like breaks this… I tried to rollback updates, but it didn´t help.

Strange is, that sometimes I can log in, but sometimes it giving mi this error. Before updates it worked normally without any issues.


Now the error is different (shorter), but the same scenario. Sometimes it pass through and I can normally login and sometimes it ending with this errror:

org.jivesoftware.smack.sasl.SASLErrorException: SASLError using GSSAPI: not-authorized
at org.jivesoftware.smack.SASLAuthentication.authenticationFailed(SASLAuthentication.java:292)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1200)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$1000(XMPPTCPConnection.java:1092)
at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1112)
at java.lang.Thread.run(Unknown Source)

OK, I solved my problem again by myself.

I needed to recreate a new keytab file with AES256-SHA1 encryption, after that it started working like a charm.

1 Like

SHA1,3DES,RC4 very old.
I’m glad you found a solution

Yes it is, but it is still a default microsoft option when you creating keytab.

Everybody who can have this problem after Windows Update (Especially Novemeber 2022 and later) recreate a new keytab file with this command:

ktpass /princ xmpp/openfireserver.domain.local@DOMAIN.LOCAL -mapUser xmpp-openfire@DOMAIN.LOCAL /pass * /crypto AES256-SHA1 /ptype KRB5_NT_PRINCIPAL /out c:\file.keytaab

and for those , who have a problem with SSO spark login - empty principal/username after updating windows 11 to 22H2 you need to add entries to the windows registry: