Instant Messaging client-server solution?

Russ Allbery rra at stanford.edu
Fri May 20 16:26:09 EDT 2011


Jaap Winius <jwinius at umrk.nl> writes:
> Quoting Dax Kelson <dkelson at gurulabs.com>:

>> We used Pidgin and OpenFire in our office. Works well. Was pretty
>> straightforward to configure.

> Really? It doesn't look so easy to me. The docs for both Openfire and
> Pidgin make no mention of GSSAPI or Kerberos. Most of the discussions on
> this subject seem to be a couple of years old or have to do with Windows
> environments.

> Then there's the Stanford IT Lab Blog article on Openfire. It's over  
> two years old, but seems to work with Openfire 3.7.0 on my system.  

Yes, that's how we set it up.

> However, I wasn't able to get Pidgin to communicate with it.

Pidgin just worked for us.  There is indeed no UI, which is remarkably
annoying.  But if you have Kerberos tickets already and you just leave the
password field in Pigdin blank, it will do a GSS-API authentication if the
server supports it.

https://itservices.stanford.edu/service/instantmessaging has our end-user
documentation.  We require GSS-API authentication be used, so this has the
details of how to configure the various clients we support.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the Kerberos mailing list