SASL Authenticate Mechanisim uses XMPP domain instead of FQDN

Description

When performing SASL authentication, the SASLAuthentication object uses XMPPConnection.getServiceName() to supply to the SASLMechanisim.authenticate(user,host,pass) method (line 192). When using GSSAPI, the fully qualified domain name (FQDN) of the server is required for authentication. For servers where the FQDN of the server does not match the domain, authentication will fail.

This is related in nature to

Simple fix: Change to connection.getHost().

Environment

Primarily will affect GSSAPI environments, but can affect any SASL authentication that requires the hostname.

Activity

Show:

MattM
June 8, 2007 at 12:37 AM

Closing this one again based on fix and testing by Jay. We can rep-open again later if there are any problems.

MattM
June 7, 2007 at 11:21 PM

Thread that discusses this issue: http://www.igniterealtime.org/forum/thread.jspa?threadID=26681

MattM
June 7, 2007 at 11:20 PM

Crap, it looks like we broke Google Talk, and possibly other domains that use DNS SRV records?

MattM
May 11, 2007 at 12:54 AM

Hmm. Is this correct for other SASL mechanisms??

Resize issue view side panel

Fixed

Details

Assignee

MattM

Reporter

Jay Kline

Original estimate

30m

Time tracking

No time logged30m remaining

Priority

Critical

Created May 10, 2007 at 10:50 PM

Updated June 8, 2007 at 12:37 AM

Resolved June 8, 2007 at 12:37 AM

SASL Authenticate Mechanisim uses XMPP domain instead of FQDN

Description

Environment

Activity

MattM June 8, 2007 at 12:37 AM

MattM June 7, 2007 at 11:21 PM

MattM June 7, 2007 at 11:20 PM

MattM May 11, 2007 at 12:54 AM