powered by Jive Software

Unable to login via WAN

Hi,

I’ve successfully setup Openfire and Spark IM client are able to login and chat locally.

I tried to NAT the local IP to a WAN IP. Tested it by putting in the WAN :9090 and :7070 both are accessible but whenever I used the application it just says

invalid username or password.

FYI: I’ve attached this to an ldap to use Windows credentials

I’m pretty sure Im missing something here.

Thanks

jepoy

Just an update, I tried to connect my laptop locally (within the network) and weird, it’s unable to login as well.

Though my credentials are being recognized interms of logging in the admin page but not on the IM client.

Thanks

jepoy

Another update, when I removed the IP address of the Openfire server and instead used the server name, it worked instead.

Kind of weird, isnt it that it should work more with IP address?

thanks

Jefferson

What version of Spark? 2.8.0 is using Smack 4 library, which doesn’t allow login when server’s name and SSL certificates name do not match. When you use IP address for server address it tries to match IP to your real server’s name.

Yes. 2.8.0, so is there a fix or workaround? I tried to host my external IP so that I won’t be using IP aadress instead use a domain name. When I ping the domain name, it point’s to the correct WAN IP but when I used the IM client, input the correct domain name, still invalid username and password

Thanks

jepoy

Do you have 5222 port forwarded? That’s what client uses. You can also try 2.7.7 version and see if it works better. Not sure if there will be a workaround for this as accepting not matching certificates is against security. In that case one might just disable TLS and use plain connections

To download 2.7.7 just replace the numbers in the download link url.

Yap I do have 5222 open in my firewall since I can login in local network. Ok, I can try on 2.7.7 but hopefully there’s a workaround on 2.8.0

Thanks

jepoy

And is it possible to show all exisiting Windows Accounts? I mean since this server is linked to our ldap, can it show all users regardless online or offline? or is it really has to be added manually?

thanks

jepoy

If your LDAP filter pulls AD groups with users, then you can go into Groups menu, open every group and enable sharing in contact list.

When I clicked on User/Group, I can see users in the “User” tab but nothing shows up on the “Group” tab.

Thanks

jepoy

When I clicked on the “Group” tab, it shows me an error message saying:

Not Allowed: The group account system is read-only.

thanks

jepoy

I’m not using AD integration myself, so can’t help more. I think this depends on how your ldap filter was set during setup. It should be able to show AD groups there.

There is a test build of 2.8.0 version which has an option to disable Certificate hostname verification (in the Advanced menu on the Login screen), which should allow you to login. http://download.igniterealtime.org/spark/dailybuilds/spark_2_8_0_886.exe

Btw, i think you should post your LDAP groups question in a separate thread so it don’t get overlooked because of your thread’s main issue.

I see, will test that test version of 2.8.0.

Apologies for the mixed up of topic. Let me create a different one for contacts/groups.

Thanks

jepoy

yap, version 2.8.0 build 886 has this option alright and I was able to login using IP address not just the servername or domain name

Thanks

jepoy

I’m also having the same problem.

Previous I was not getting this to work inside my lan but after a few tweaks I just got 2.8.0 running ok.

The problem now is connecting via WAN.

I’m using two apps. Normal Spark, 2.8 and 2.7.7, and Xabber for Android.

With 2.7.7 and Xabber I can login fine, for now. With Openfire 4.1 all is going to change.

With 2.8 I can’t. No matter what I do, I simply can’t login. Maybe cause Server for WAN (I’m using a ddns domain to point to my real server ip) differs from the one used over lan.

Hope that this can be fixed.