The default bug view has changed. See this FAQ.

"Not authorized" error when connecting to an OpenFire XMPP server with the correct password.

RESOLVED FIXED in Thunderbird 18.0


Instant Messaging
5 years ago
4 years ago


(Reporter: florian, Assigned: florian)


Thunderbird 18.0

Thunderbird Tracking Flags

(thunderbird15 fixed, thunderbird16 fixed, thunderbird17 fixed)



(1 attachment)



5 years ago
Paul sent me a log of a failed connection attempt to an OpenFire server (thanks!).

The auth sequence looks like this:
Client: <auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="DIGEST-MD5"/>
Server: <challenge xmlns="urn:ietf:params:xml:ns:xmpp-sasl">[...]</challenge>
Client: <response xmlns="urn:ietf:params:xml:ns:xmpp-sasl">[...]</response>
Server: <success xmlns="urn:ietf:params:xml:ns:xmpp-sasl">[b64 encoded value containing: rspauth=<hex number>]</success>
At this point, Thunderbird marks the account as disconnected with "Not authorized" as the error.

The XMPP spec has an example of the expected exchange at:

Instead of replying "<success ..." the server is expected to reply:
<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
[b64 encoded value containing: rspauth=<hex number>]
And then the exchange finishes with:
Client: <response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>
Server: <success xmlns='urn:ietf:params:xml:ns:xmpp-sasl'/>

Comment 1

5 years ago
Created attachment 656856 [details] [diff] [review]

We can work around it...
Assignee: nobody → florian
Attachment #656856 - Flags: review?(clokep)
Comment on attachment 656856 [details] [diff] [review]

I hate putting in hacks for people that don't support specifications, but OpenFire is a pretty widely used server as far as I know.

Should the comment refer to this bug report, or do we think that comment is sufficient?
Attachment #656856 - Flags: review?(clokep) → review+

Comment 3

5 years ago
(In reply to Patrick Cloke [:clokep] from comment #2)
> Should the comment refer to this bug report, or do we think that comment is
> sufficient?
Or should it refer to an OpenFire bug (to be filed if it does not exist)?
We should file a bug at Openfire yes.

Comment 5

5 years ago
I added a reference to this bug in the comment (as requested in comment 2).
Last Resolved: 5 years ago
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 18.0
Was an upstream bug ever found or filed? (I had searched briefly myself, but didn't find one...)

Comment 7

5 years ago
I couldn't find one either, but I found other people complaining about the same issue (especially a several years old Pidgin ticket that was closed as expired).

Comment 8

5 years ago
Comment on attachment 656856 [details] [diff] [review]

[Triage Comment]
We've agreed to take this forward for a 15.0.1.
Attachment #656856 - Flags: approval-comm-release+
Attachment #656856 - Flags: approval-comm-beta+
Attachment #656856 - Flags: approval-comm-aurora+
Checked in:
status-thunderbird15: --- → fixed
status-thunderbird16: --- → fixed
status-thunderbird17: --- → fixed
You need to log in before you can comment on or make changes to this bug.