Smack

SASL Authenticate Mechanisim uses XMPP domain instead of FQDN

Details

  • Type: Bug Bug
  • Status: Closed Closed
  • Priority: Critical Critical
  • Resolution: Fixed
  • Affects Version/s: 3.0.2
  • Fix Version/s: 3.0.4
  • Component/s: Core
  • Labels:
    None
  • Environment:

    Primarily will affect GSSAPI environments, but can affect any SASL authentication that requires the hostname.

  • Acceptance Test - Add?:
    No

Description

When performing SASL authentication, the SASLAuthentication object uses XMPPConnection.getServiceName() to supply to the SASLMechanisim.authenticate(user,host,pass) method (line 192). When using GSSAPI, the fully qualified domain name (FQDN) of the server is required for authentication. For servers where the FQDN of the server does not match the domain, authentication will fail.

This is related in nature to JM-952

Simple fix: Change to connection.getHost().

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Matt Tucker added a comment -

Hmm. Is this correct for other SASL mechanisms??

Show
Matt Tucker added a comment - Hmm. Is this correct for other SASL mechanisms??
Hide
Permalink
Matt Tucker added a comment -

Crap, it looks like we broke Google Talk, and possibly other domains that use DNS SRV records?

Show
Matt Tucker added a comment - Crap, it looks like we broke Google Talk, and possibly other domains that use DNS SRV records?
Hide
Permalink
Matt Tucker added a comment -

Thread that discusses this issue: http://www.igniterealtime.org/forum/thread.jspa?threadID=26681

Show
Matt Tucker added a comment - Thread that discusses this issue: http://www.igniterealtime.org/forum/thread.jspa?threadID=26681
Hide
Permalink
Matt Tucker added a comment -

Closing this one again based on fix and testing by Jay. We can rep-open again later if there are any problems.

Show
Matt Tucker added a comment - Closing this one again based on fix and testing by Jay. We can rep-open again later if there are any problems.

People

  • Assignee:
    Matt Tucker
    Reporter:
    Jay
Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved:

Time Tracking

Estimated:
30m
Original Estimate - 30 minutes
Remaining:
30m
Remaining Estimate - 30 minutes
Logged:
Not Specified
Time Spent - Not Specified