Instant Messaging client-server solution?
Jaap Winius
jwinius at umrk.nl
Tue May 24 13:58:22 EDT 2011
Quoting Russ Allbery <rra at stanford.edu>:
> Ah, yeah, if there are forward/reverse DNS lookup problems, that might
> explain the difficulties.
Maybe, maybe not. Still not working for me. But, it's supposed to be a
Kerberized app, so a single interface is probably the right way to go.
> And yeah, we found this almost entirely opaque too. When it works, it
> just works, but if it doesn't work, it's remarkably difficult to get any
> sort of debugging information about why.
However, when it works, it's supposed to pick up a TGT and cache it in
a credentials file in /tmp, right? At the moment that's not happening
for me, even though in the admin console under System Properties it
says:
sasl.gssapi.config /etc/openfire/gss.conf (or jaas.conf)
sasl.gssapi.debug true
sasl.mechs GSSAPI
update.lastCheck 1306240531243
xmpp.auth.anonymous true
BTW, the Stanford IT Lab blog article on Openfire seems to suggest
that the additional code from MIT (which produces a single file,
mitopenfire.jar) is only necessary for the JAAS setup. Is that correct?
Cheers,
Jaap
More information about the Kerberos
mailing list