#jabber   #md5   #openfire   #ruby   #sasl   #sysadm   #xmpp   #xmpp4r

disable DIGEST-MP5 to xmpp4r connect with your openfire jabber server

February 21, 2008

in my typical love and hate relationship with opensource  (aka open sore) i stumbled over SASL induced configuration pains again today. To cut a long story short, just disable DIGEST-MD5 sasl out on the openfire jabber server and immediatly xmpp4r works like a charm for me.

How to disable digest md5 on Openfire? Not so easy to find out and in a beautiful amateuristic way lots of the advice you find is actually plain wrong.

Put this into your openfire.xml:

<!-- but put it inside the <jive>...</jive> tags somewhere -->

, because when you know the name of the right openfire property, and are able to read(in openfire.xml):

    This file stores bootstrap properties needed by Openfire.
    Property names must be in the format: "prop.name.is.blah=value"
    That will be stored as:

,then you easily know that <sasl><mechanisms>....</mechanisms></sasl> is bogus.

you usually find your openfire.xml at ${OPENFIRE_HOME}/conf/openfire.xml. and you must restart the the server afterwards, like /etc/init.d/openfire restart.

there is another option, like making the xmpp4r implementation don't even try to use the digest-md5 mechanism which the openfire server offers. Just disabling DIGEST-Md5 acceptance at /opt/local/lib/ruby/gems/1.8/gems/xmpp4r-0.3.2/lib/xmpp4r/client.rb:108 in Jabber::Client.auth does work, but i will try to get it implemented a littel more selective before posting a xmpp4r fix here. Who knows, there even might be two SASL DIGEST-MD5 implementations on this planet which actually do match? i doubt it, an even then, i don't care. vote for alt.source.sasl-must-die-die-die and

have fun

Technorati Tags: , , , , ,

share this: