disable DIGEST-MP5 to xmpp4r connect with your openfire jabber server

February 21, 2008

in my typical love and hate relationship with opensource  (aka open sore) i stumbled over SASL induced configuration pains again today. To cut a long story short, just disable DIGEST-MD5 sasl out on the openfire jabber server and immediatly xmpp4r works like a charm for me.

How to disable digest md5 on Openfire? Not so easy to find out and in a beautiful amateuristic way lots of the advice you find is actually plain wrong.

Put this into your openfire.xml:

<sasl><mechs>PLAIN</mechs></sasl> 
<!-- but put it inside the <jive>...</jive> tags somewhere -->

, because when you know the name of the right openfire property, and are able to read(in openfire.xml):

    This file stores bootstrap properties needed by Openfire.
    Property names must be in the format: "prop.name.is.blah=value"
    That will be stored as:
        <prop>
            <name>
                <is>
                    <blah>value</blah>
                </is>
            </name>
        </prop>

,then you easily know that <sasl><mechanisms>....</mechanisms></sasl> is bogus.

you usually find your openfire.xml at ${OPENFIRE_HOME}/conf/openfire.xml. and you must restart the the server afterwards, like /etc/init.d/openfire restart.

there is another option, like making the xmpp4r implementation don't even try to use the digest-md5 mechanism which the openfire server offers. Just disabling DIGEST-Md5 acceptance at /opt/local/lib/ruby/gems/1.8/gems/xmpp4r-0.3.2/lib/xmpp4r/client.rb:108 in Jabber::Client.auth does work, but i will try to get it implemented a littel more selective before posting a xmpp4r fix here. Who knows, there even might be two SASL DIGEST-MD5 implementations on this planet which actually do match? i doubt it, an even then, i don't care. vote for alt.source.sasl-must-die-die-die and

have fun

Technorati Tags: , , , , ,

share this: