SASL Authenticate Mechanisim uses XMPP domain instead of FQDN
Description
When performing SASL authentication, the SASLAuthentication object uses XMPPConnection.getServiceName() to supply to the SASLMechanisim.authenticate(user,host,pass) method (line 192). When using GSSAPI, the fully qualified domain name (FQDN) of the server is required for authentication. For servers where the FQDN of the server does not match the domain, authentication will fail.
This is related in nature to
Simple fix: Change to connection.getHost().
Environment
Primarily will affect GSSAPI environments, but can affect any SASL authentication that requires the hostname.
Activity
Show:
MattM
June 8, 2007 at 12:37 AM
Closing this one again based on fix and testing by Jay. We can rep-open again later if there are any problems.
When performing SASL authentication, the SASLAuthentication object uses XMPPConnection.getServiceName() to supply to the SASLMechanisim.authenticate(user,host,pass) method (line 192). When using GSSAPI, the fully qualified domain name (FQDN) of the server is required for authentication. For servers where the FQDN of the server does not match the domain, authentication will fail.
This is related in nature to
Simple fix: Change to connection.getHost().