Server did not report any SASL mechanisms with smack 4.3.4 (#1407)

Unknown opened 5 years ago

I have a problem with… A clear and concise description of what the problem is.

Details (please complete the following information):

Tigase version: tigase-server-8.1.0-b10857
JVM flavour and version [e.g. AdoptOpenJDK11]
Operating system/distribution/version [e.g. Linux Ubuntu 18.04]

when i login with smack4.3.4 i get this error ,can you help me,thanks config.setSecurityMode(ConnectionConfiguration.SecurityMode.disabled)

2020-09-06 18:50:33.098 5797-6691/com.huang.testxmpp W/SASLAuthentication: Server did not report any SASL mechanisms
2020-09-06 18:50:33.099 5797-6691/com.huang.testxmpp I/wangqx: 192 xe=org.jivesoftware.smack.SmackException: No supported and enabled SASL Mechanism provided by server. Server announced mechanisms: []. Registered SASL mechanisms with Smack: [SASL Mech: SCRAM-SHA-1-PLUS, Prio: 100, SASL Mech: SCRAM-SHA-1, Prio: 110, SASL Mech: DIGEST-MD5, Prio: 210, SASL Mech: PLAIN, Prio: 410, SASL Mech: X-OAUTH2, Prio: 410, SASL Mech: ANONYMOUS, Prio: 500, SASL Mech: EXTERNAL, Prio: 510]. Enabled SASL mechanisms for this connection: null. Blacklisted SASL mechanisms: [SCRAM-SHA-1-PLUS].
2020-09-06 18:50:33.099 5797-6691/com.huang.testxmpp W/System.err: org.jivesoftware.smack.SmackException: No supported and enabled SASL Mechanism provided by server. Server announced mechanisms: []. Registered SASL mechanisms with Smack: [SASL Mech: SCRAM-SHA-1-PLUS, Prio: 100, SASL Mech: SCRAM-SHA-1, Prio: 110, SASL Mech: DIGEST-MD5, Prio: 210, SASL Mech: PLAIN, Prio: 410, SASL Mech: X-OAUTH2, Prio: 410, SASL Mech: ANONYMOUS, Prio: 500, SASL Mech: EXTERNAL, Prio: 510]. Enabled SASL mechanisms for this connection: null. Blacklisted SASL mechanisms: [SCRAM-SHA-1-PLUS].
2020-09-06 18:50:33.099 5797-6691/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.SASLAuthentication.selectMechanism(SASLAuthentication.java:361)
2020-09-06 18:50:33.099 5797-6691/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:192)
2020-09-06 18:50:33.099 5797-6691/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.tcp.XMPPTCPConnection.loginInternal(XMPPTCPConnection.java:403)
2020-09-06 18:50:33.099 5797-6691/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java:546)
2020-09-06 18:50:33.099 5797-6691/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java:520)
2020-09-06 18:50:33.099 5797-6691/com.huang.testxmpp W/System.err:     at com.huang.xmpp.XmppConnection.login(XmppConnection.java:226)
2020-09-06 18:50:33.100 5797-6691/com.huang.testxmpp W/System.err:     at com.huang.testxmpp.LoginActivity$4.run(LoginActivity.java:193)
2020-09-06 18:50:33.100 5797-6691/com.huang.testxmpp W/System.err:     at java.lang.Thread.run(Thread.java:929)
2020-09-06 18:52:21.986 5797-6132/com.huang.testxmpp D/SMACK: RECV (0): </stream:stream>
2020-09-06 18:52:21.987 5797-6132/com.huang.testxmpp I/XMPPTCPConnection: XMPPTCPConnection[not-authenticated] (0) received closing </stream> element. Server wants to terminate the connection, calling disconnect()
2020-09-06 18:52:21.992 5797-6131/com.huang.testxmpp D/SMACK: SENT (0): 
2020-09-06 18:52:21.992 5797-6131/com.huang.testxmpp D/SMACK: SENT (0): </stream:stream>
2020-09-06 18:52:21.994 5797-6131/com.huang.testxmpp W/XMPPTCPConnection: Exception writing closing stream element
    java.net.SocketException: Socket closed
        at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:124)
        at java.net.SocketOutputStream.write(SocketOutputStream.java:161)
        at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:221)
        at sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:291)
        at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:295)

my config.tdsl

admins = [
       root
 ]
   'config-type' = 'default'
   debug = [ 'server' ]
   'default-virtual-host' = 'test.com'
  dataSource () {
      default () {
          uri = 'mongodb://tigase_user:xxx@localhost/tigasedb'
     }
  }
  http () {
      setup () {
         'admin-password' = 'xxx'
          'admin-user' = 'root'
     }
 }
  pubsub () {
     trusted = [ 'http@{clusterNode}' ]
 }
 'sess-man' () {
     starttls (active: false) {}
     'unified-message-archive-xep-0136' (active: false) {}
  }

Activities

Unknown commented 5 years ago
Could you share complete stanza exchange?

From what I gather it seems that you try to connect to the Tigase without using StartTLS (starttls (active: false) {} in Tigase and config.setSecurityMode(ConnectionConfiguration.SecurityMode.disabled) in Smack).

By default Tigase doesn't advertise SASL mechanism without TLS. You should disable requiring TLS to establish connection: https://docs.tigase.net/tigase-server/master-snapshot/Administration_Guide/html/#tlsFeaturesConfiguration https://docs.tigase.net/tigase-server/master-snapshot/Administration_Guide/html/#hardenedMode

Make sure you disable it in TDSL configuration file as without it you won't be able to change VHost configuration (which also requires disabling TLS-required configuration option:

'vhost-tls-required' = false
Unknown commented 5 years ago
Could you share complete stanza exchange?

From what I gather it seems that you try to connect to the Tigase without using StartTLS (starttls (active: false) {} in Tigase and config.setSecurityMode(ConnectionConfiguration.SecurityMode.disabled) in Smack).

By default Tigase doesn't advertise SASL mechanism without TLS. You should disable requiring TLS to establish connection: https://docs.tigase.net/tigase-server/master-snapshot/Administration_Guide/html/#tlsFeaturesConfiguration https://docs.tigase.net/tigase-server/master-snapshot/Administration_Guide/html/#hardenedMode

Make sure you disable it in TDSL configuration file as without it you won't be able to change VHost configuration (which also requires disabling TLS-required configuration option:

'vhost-tls-required' = false

ok，thanks, i try it

Unknown commented 5 years ago

I try it,but also erro in tigase 8.1.0，which it is ok in tigase 8.0.0

this is config.tdsl 8.0.0

debug = [ 'server' ]
'default-virtual-host' = 'xxx.com'
dataSource () {
    default () {
        uri = 'mongodb://root:xxxx@xxx/tigasedb81'
    }
}
http () {
    setup () {
        'admin-password' = 'xxx..'
        'admin-user' = 'root'
    }
}
pubsub () {
    trusted = [ 'http@{clusterNode}' ]
}
}

this is config.tdsl 8.1.0

debug = [ 'server' ]
'default-virtual-host' = 'xxx.com'
dataSource () {
    default () {
        uri = 'mongodb://root:xxxx@xxx/tigasedb81'
    }
}
http () {
    setup () {
        'admin-password' = 'xxx..'
        'admin-user' = 'root'
    }
}
pubsub () {
    trusted = [ 'http@{clusterNode}' ]
}
 'sess-man' () {
     starttls (active: false) {}
     'unified-message-archive-xep-0136' (active: false) {}
  }
'vhost-man' () {
    'defaults' () {
        'vhost-register-enabled' = true
        'vhost-tls-required' = false
    }
}

2020-09-11 23:10:57.236 12727-17680/com.huang.testxmpp D/SMACK: SENT (5): <iq to='dowa.com' id='4ySSt-39' type='set'><query xmlns='jabber:iq:register'><password>123456</password><username>1000</username></query></iq>
2020-09-11 23:10:57.717 12727-17681/com.huang.testxmpp D/SMACK: RECV (5): <iq xmlns="jabber:client" id="4ySSt-39" from="dowa.com" type="result"/>
2020-09-11 23:10:57.761 12727-12767/com.huang.testxmpp D/mali_winsys: EGLint new_window_surface(egl_winsys_display *, void *, EGLSurface, EGLConfig, egl_winsys_surface **, EGLBoolean) returns 0x3000
2020-09-11 23:10:57.769 12727-12767/com.huang.testxmpp D/OpenGLRenderer: disableOutlineDraw is true
2020-09-11 23:10:59.741 12727-12767/com.huang.testxmpp W/libEGL: EGLNativeWindowType 0x771a628bd0 disconnect failed
2020-09-11 23:11:22.425 12727-12727/com.huang.testxmpp V/AudioManager: querySoundEffectsEnabled...
2020-09-11 23:11:22.428 12727-18113/com.huang.testxmpp I/wangqx: login  account=1000
2020-09-11 23:11:22.428 12727-18113/com.huang.testxmpp I/wangqx: login  password=123456
2020-09-11 23:11:22.428 12727-18113/com.huang.testxmpp W/SASLAuthentication: Server did not report any SASL mechanisms
2020-09-11 23:11:22.428 12727-18113/com.huang.testxmpp I/wangqx: 192 xe=org.jivesoftware.smack.SmackException: No supported and enabled SASL Mechanism provided by server. Server announced mechanisms: []. Registered SASL mechanisms with Smack: [SASL Mech: SCRAM-SHA-1-PLUS, Prio: 100, SASL Mech: SCRAM-SHA-1, Prio: 110, SASL Mech: DIGEST-MD5, Prio: 210, SASL Mech: PLAIN, Prio: 410, SASL Mech: X-OAUTH2, Prio: 410, SASL Mech: ANONYMOUS, Prio: 500, SASL Mech: EXTERNAL, Prio: 510]. Enabled SASL mechanisms for this connection: null. Blacklisted SASL mechanisms: [SCRAM-SHA-1-PLUS].
2020-09-11 23:11:22.428 12727-18113/com.huang.testxmpp W/System.err: org.jivesoftware.smack.SmackException: No supported and enabled SASL Mechanism provided by server. Server announced mechanisms: []. Registered SASL mechanisms with Smack: [SASL Mech: SCRAM-SHA-1-PLUS, Prio: 100, SASL Mech: SCRAM-SHA-1, Prio: 110, SASL Mech: DIGEST-MD5, Prio: 210, SASL Mech: PLAIN, Prio: 410, SASL Mech: X-OAUTH2, Prio: 410, SASL Mech: ANONYMOUS, Prio: 500, SASL Mech: EXTERNAL, Prio: 510]. Enabled SASL mechanisms for this connection: null. Blacklisted SASL mechanisms: [SCRAM-SHA-1-PLUS].
2020-09-11 23:11:22.428 12727-18113/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.SASLAuthentication.selectMechanism(SASLAuthentication.java:361)
2020-09-11 23:11:22.428 12727-18113/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:192)
2020-09-11 23:11:22.429 12727-18113/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.tcp.XMPPTCPConnection.loginInternal(XMPPTCPConnection.java:403)
2020-09-11 23:11:22.429 12727-18113/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java:546)
2020-09-11 23:11:22.429 12727-18113/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java:520)
2020-09-11 23:11:22.429 12727-18113/com.huang.testxmpp W/System.err:     at com.huang.xmpp.XmppConnection.login(XmppConnection.java:226)
2020-09-11 23:11:22.429 12727-18113/com.huang.testxmpp W/System.err:     at com.huang.testxmpp.LoginActivity$4.run(LoginActivity.java:193)
2020-09-11 23:11:22.429 12727-18113/com.huang.testxmpp W/System.err:     at java.lang.Thread.run(Thread.java:929)
2020-09-11 23:12:21.166 12727-17681/com.huang.testxmpp D/SMACK: RECV (5): </stream:stream>
2020-09-11 23:12:21.167 12727-17681/com.huang.testxmpp I/XMPPTCPConnection: XMPPTCPConnection[not-authenticated] (5) received closing </stream> element. Server wants to terminate the connection, calling disconnect()
2020-09-11 23:12:21.171 12727-17680/com.huang.testxmpp D/SMACK: SENT (5): 
2020-09-11 23:12:21.171 12727-17680/com.huang.testxmpp D/SMACK: SENT (5): </stream:stream>

Unknown commented 5 years ago

You should configure 'vhost-tls-required' = false in the root context (i.e. not within any other configuration, see below) and disable it also in VHosts configuration (both your main VHost and default VHost.

debug = [ 'server' ]
'default-virtual-host' = 'xxx.com'
dataSource () {
    default () {
        uri = 'mongodb://root:xxxx@xxx/tigasedb81'
    }
}
http () {
    setup () {
        'admin-password' = 'xxx..'
        'admin-user' = 'root'
    }
}
pubsub () {
    trusted = [ 'http@{clusterNode}' ]
}
 'sess-man' () {
     starttls (active: false) {}
     'unified-message-archive-xep-0136' (active: false) {}
  }
'vhost-tls-required' = false
'vhost-man' () {
    'defaults' () {
        'vhost-register-enabled' = true
        'vhost-tls-required' = false
    }
}

Please note that we recommend using TLS, even with self-signed certificate.

Unknown commented 5 years ago

You should configure 'vhost-tls-required' = false in the root context (i.e. not within any other configuration, see below) and disable it also in VHosts configuration (both your main VHost and default VHost.
debug = [ 'server' ]
'default-virtual-host' = 'xxx.com'
dataSource () {
    default () {
        uri = 'mongodb://root:xxxx@xxx/tigasedb81'
    }
}
http () {
    setup () {
        'admin-password' = 'xxx..'
        'admin-user' = 'root'
    }
}
pubsub () {
    trusted = [ 'http@{clusterNode}' ]
}
 'sess-man' () {
     starttls (active: false) {}
     'unified-message-archive-xep-0136' (active: false) {}
  }
'vhost-tls-required' = false
'vhost-man' () {
    'defaults' () {
        'vhost-register-enabled' = true
        'vhost-tls-required' = false
    }
}
Please note that we recommend using TLS, even with self-signed certificate.

thansk very much for your reply, i have do what you say but it also error tigase-server-8.1.0-b10857 that

xxx
 'sess-man' () {
     starttls (active: false) {}
     'unified-message-archive-xep-0136' (active: false) {}
  }
'vhost-tls-required' = false
'vhost-man' () {
    'defaults' () {
        'vhost-register-enabled' = true
        'vhost-tls-required' = false
    }
}
xxx

2020-09-12 09:18:37.876 3530-4978/com.huang.testxmpp D/SMACK: SENT (3): <stream:stream xmlns='jabber:client' to='dowa.com' xmlns:stream='http://etherx.jabber.org/streams' version='1.0' xml:lang='en'>
2020-09-12 09:18:37.903 3530-4979/com.huang.testxmpp D/SMACK: RECV (3): <?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' from='dowa.com' id='f08a56c7-5e16-4fa1-bd00-386e39632041' version='1.0' xml:lang='en'>
2020-09-12 09:18:37.923 3530-4979/com.huang.testxmpp D/SMACK: RECV (3): <stream:features><sm xmlns="urn:xmpp:sm:3"/><register xmlns="http://jabber.org/features/iq-register"/><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"/><ver xmlns="urn:xmpp:features:rosterver"/><sub xmlns="urn:xmpp:features:pre-approval"/><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression></stream:features>
2020-09-12 09:18:37.924 3530-4977/com.huang.testxmpp I/XMConnectionListener: connected
2020-09-12 09:18:44.576 3530-3530/com.huang.testxmpp D/InputTransport: history resample interval is too short, cannot uses it to resample!!
2020-09-12 09:18:44.603 3530-3530/com.huang.testxmpp V/AudioManager: querySoundEffectsEnabled...
2020-09-12 09:18:44.607 3530-4985/com.huang.testxmpp I/wangqx: login  account=1001
2020-09-12 09:18:44.607 3530-4985/com.huang.testxmpp I/wangqx: login  password=123456
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/SASLAuthentication: Server did not report any SASL mechanisms
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp I/wangqx: 192 xe=org.jivesoftware.smack.SmackException: No supported and enabled SASL Mechanism provided by server. Server announced mechanisms: []. Registered SASL mechanisms with Smack: [SASL Mech: SCRAM-SHA-1-PLUS, Prio: 100, SASL Mech: SCRAM-SHA-1, Prio: 110, SASL Mech: DIGEST-MD5, Prio: 210, SASL Mech: PLAIN, Prio: 410, SASL Mech: X-OAUTH2, Prio: 410, SASL Mech: ANONYMOUS, Prio: 500, SASL Mech: EXTERNAL, Prio: 510]. Enabled SASL mechanisms for this connection: null. Blacklisted SASL mechanisms: [SCRAM-SHA-1-PLUS].
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/System.err: org.jivesoftware.smack.SmackException: No supported and enabled SASL Mechanism provided by server. Server announced mechanisms: []. Registered SASL mechanisms with Smack: [SASL Mech: SCRAM-SHA-1-PLUS, Prio: 100, SASL Mech: SCRAM-SHA-1, Prio: 110, SASL Mech: DIGEST-MD5, Prio: 210, SASL Mech: PLAIN, Prio: 410, SASL Mech: X-OAUTH2, Prio: 410, SASL Mech: ANONYMOUS, Prio: 500, SASL Mech: EXTERNAL, Prio: 510]. Enabled SASL mechanisms for this connection: null. Blacklisted SASL mechanisms: [SCRAM-SHA-1-PLUS].
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.SASLAuthentication.selectMechanism(SASLAuthentication.java:361)
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:192)
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.tcp.XMPPTCPConnection.loginInternal(XMPPTCPConnection.java:403)
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java:546)
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/System.err:     at org.jivesoftware.smack.AbstractXMPPConnection.login(AbstractXMPPConnection.java:520)
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/System.err:     at com.huang.xmpp.XmppConnection.login(XmppConnection.java:226)
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/System.err:     at com.huang.testxmpp.LoginActivity$4.run(LoginActivity.java:193)
2020-09-12 09:18:44.608 3530-4985/com.huang.testxmpp W/System.err:     at java.lang.Thread.run(Thread.java:929)

Unknown commented 5 years ago

i run it corretly in tigase8.0.0，but error in tigase 8.1.0 and 8.2.0, i know it is correct with using TLS, even with self-signed certificate. but i don`t know how to using with self-signed certificate and how to self-signed certificate,can you provide some information,i am just personal interest to study xmpp not company，so i usually disabled tls,thanks your help
Unknown commented 5 years ago

thansk very much for your reply, i have do what you say but it also error tigase-server-8.1.0-b10857 that i run it corretly in tigase8.0.0，but error in tigase 8.1.0 and 8.2.0,

Could you check the logs that VHost indeed has disabled TLS - please check lines with VHostItem: (Wrapped)Domain:… - it should has tls: false

i know it is correct with using TLS, even with self-signed certificate. but i don`t know how to using with self-signed certificate and how to self-signed certificate,can you provide some information,i am just personal interest to study xmpp not company，so i usually disabled tls,thanks your help

Self-signed certificate is created when you create fist (TLS) connection to the Tigase XMPP Server (if no regular certificate is present). In case of client-side - you should either see a notification that the certificate is untrusted or, when you use a library - you should handle certificate validation (most likely override trust checking)
Unknown commented 2 years ago

@wrrgit: Have you looked the @woj-tek comment?
Unknown commented 2 years ago

@Neustradamus please don't bump ancient issues!
Unknown commented 2 years ago

Closing due to lack of feedback
Login to comment

Type

Question

Issue Votes (0)

Watchers (0)

Reference

tigase/_server/server-core#1407