I'm unable to authenticate to openfire using ldap creds when GSSAPI is available. SSO also does not work using kerberos. while trouble shooting, it appears that with smack 4, spark is using the hostname/serverName. With smack 3, it looks like its uses the serviceName.
for example. I'm using SRV records for domain.com that point to xmpp.domain.com. with spark under smack3, the kerberos request uses domain.com
spark under smack4, the request used the cname/host record xmpp.domain.com and authentication fails.