Note: There are a few cases of duplicates in user autocompletion which are being worked on.

"Not authorized" error when connecting to an OpenFire XMPP server with the correct password.

RESOLVED FIXED in Thunderbird 18.0


Instant Messaging
5 years ago
5 years ago


(Reporter: florian, Assigned: florian)


Thunderbird 18.0

Thunderbird Tracking Flags

(thunderbird15 fixed, thunderbird16 fixed, thunderbird17 fixed)



(1 attachment)



5 years ago
Paul sent me a log of a failed connection attempt to an OpenFire server (thanks!).

The auth sequence looks like this:
Client: <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="DIGEST-MD5"/>
Server: <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">[...]</challenge>
Client: <response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">[...]</response>
Server: <success xmlns="urn:ietf:params:xml:ns:xmpp-sasl">[b64 encoded value containing: rspauth=<hex number>]</success>
At this point, Thunderbird marks the account as disconnected with "Not authorized" as the error.

The XMPP spec has an example of the expected exchange at:

Instead of replying "<success ..." the server is expected to reply:
<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
[b64 encoded value containing: rspauth=<hex number>]
And then the exchange finishes with:
Client: <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
Server: <success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>

Comment 1

5 years ago
Created attachment 656856 [details] [diff] [review]

We can work around it...
Assignee: nobody → florian
Attachment #656856 - Flags: review?(clokep)
Comment on attachment 656856 [details] [diff] [review]

I hate putting in hacks for people that don't support specifications, but OpenFire is a pretty widely used server as far as I know.

Should the comment refer to this bug report, or do we think that comment is sufficient?
Attachment #656856 - Flags: review?(clokep) → review+

Comment 3

5 years ago
(In reply to Patrick Cloke [:clokep] from comment #2)
> Should the comment refer to this bug report, or do we think that comment is
> sufficient?
Or should it refer to an OpenFire bug (to be filed if it does not exist)?
We should file a bug at Openfire yes.

Comment 5

5 years ago
I added a reference to this bug in the comment (as requested in comment 2).
Last Resolved: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 18.0
Was an upstream bug ever found or filed? (I had searched briefly myself, but didn't find one...)

Comment 7

5 years ago
I couldn't find one either, but I found other people complaining about the same issue (especially a several years old Pidgin ticket that was closed as expired).

Comment 8

5 years ago
Comment on attachment 656856 [details] [diff] [review]

[Triage Comment]
We've agreed to take this forward for a 15.0.1.
Attachment #656856 - Flags: approval-comm-release+
Attachment #656856 - Flags: approval-comm-beta+
Attachment #656856 - Flags: approval-comm-aurora+
Checked in:
status-thunderbird15: --- → fixed
status-thunderbird16: --- → fixed
status-thunderbird17: --- → fixed
You need to log in before you can comment on or make changes to this bug.