I’ve set up Openfire on a server at work for testing to replace our old jabberd server. Lots of nice features, and I hope to make the switch.
At first I set up Openfire to use a testing area of our LDAP tree, ‘ou=jabbers,dc=testing,dc=example,dc=com’. I added a few accounts for testing, and everything went well.
I got ambitious and set it to use our main LDAP tree for Jabber, ‘dc=jabber,dc=example,dc=com’. At this point, user accounts stopped being able to log in. All of the accounts under ‘dc=jabber,dc=example,dc=com’ are actually aliases to our main list of accounts, ‘dc=accounts,dc=example,dc=com’. When I add an account under ‘dc=jabber,dc=example,dc=com’ that IS NOT an alias, I can log into that account fine.
Here’s the information I’m getting from the Debug Log:
2008.02.07 22:14:30 NIOConnection: startTLS: using c2s
2008.02.07 22:14:36 XMPPCallbackHandler: NameCallback: testuser1
2008.02.07 22:14:36 XMPPCallbackHandler: VerifyPasswordCallback
2008.02.07 22:14:36 LdapManager: Trying to find a user’s DN based on their username. uid: testuser1, Base DN: dc=jabber,dc=example,dc=com…
2008.02.07 22:14:36 LdapManager: Creating a DirContext in LdapManager.getContext()…
2008.02.07 22:14:36 LdapManager: Created hashtable with context values, attempting to create context…
2008.02.07 22:14:36 LdapManager: … context created successfully, returning.
2008.02.07 22:14:36 LdapManager: Starting LDAP search…
2008.02.07 22:14:36 LdapManager: … search finished
2008.02.07 22:14:36 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: uid=“testuser1”,cn=“accounts”,dc=“example”,dc=“com”…
2008.02.07 22:14:36 LdapManager: Created context values, attempting to create context…
2008.02.07 22:14:36 LdapManager: Caught a naming exception when creating InitialContext
javax.naming.AuthenticationException: LDAP: error code 49 - Invalid Credentials
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
at org.jivesoftware.openfire.ldap.LdapManager.checkAuthentication(LdapManager.java:463)
at org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.java:111)
at org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:149)
at org.jivesoftware.openfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.java:86)
at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerPlainImpl.java:112)
at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java:229)
at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:152)
at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandler.java:132)
at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived(AbstractIoFilterChain.java:570)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimpleProtocolDecoderOutput.java:58)
at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:173)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:239)
at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:283)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
at java.lang.Thread.run(Thread.java:595)
Anyone have any guidance on what to look at?
Thanks.
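An added example, not part of the original post and not Openfire code: a small log check that pairs each user lookup in a debug log like the one above with the DN Openfire then binds as, and flags binds whose DN lies outside the configured base DN. The function names (`parse_dn`, `is_under`, `analyze`) are hypothetical, and the sample is three lines retyped from the log above with ASCII quotes and dots.

```python
import re

# Constructed sample: three lines retyped from the debug log in the post.
SAMPLE_LOG = '''\
2008.02.07 22:14:36 LdapManager: Trying to find a user's DN based on their username. uid: testuser1, Base DN: dc=jabber,dc=example,dc=com...
2008.02.07 22:14:36 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: uid="testuser1",cn="accounts",dc="example",dc="com"...
javax.naming.AuthenticationException: LDAP: error code 49 - Invalid Credentials
'''

TAIL = r"(?:\.\.\.|\u2026)?$"          # the log ends these lines with an ellipsis
BASE_RE = re.compile(r"uid: (?P<uid>\S+), Base DN: (?P<base>.+?)" + TAIL)
BIND_RE = re.compile(r"userDN is: (?P<dn>.+?)" + TAIL)
ERR_RE = re.compile(r"LDAP: error code (?P<code>\d+)")

def parse_dn(dn):
    """Split a simple DN into normalized (attribute, value) pairs.

    Strips the quotes seen around values in the log. This is not a full
    RFC 4514 parser: it only honours backslash-escaped commas.
    """
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, _, value = part.partition("=")
        value = value.strip().strip('"\u201c\u201d')
        rdns.append((attr.strip().lower(), value.lower()))
    return rdns

def is_under(dn, base):
    """True when dn equals base or sits below it in the tree."""
    d, b = parse_dn(dn), parse_dn(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def analyze(log):
    """Return one record per lookup: uid, base, bind DN, result code."""
    attempts, cur = [], None
    for line in log.splitlines():
        if m := BASE_RE.search(line):
            cur = {"uid": m["uid"], "base": m["base"], "bind_dn": None,
                   "outside_base": None, "ldap_error": None}
            attempts.append(cur)
        elif cur and (m := BIND_RE.search(line)):
            cur["bind_dn"] = m["dn"]
            cur["outside_base"] = not is_under(m["dn"], cur["base"])
        elif cur and (m := ERR_RE.search(line)):
            cur["ldap_error"] = int(m["code"])
    return attempts

if __name__ == "__main__":
    for attempt in analyze(SAMPLE_LOG):
        print(attempt)
```

On the sample, the record for testuser1 shows a bind DN under cn=accounts rather than under the dc=jabber base DN, followed by result code 49.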