Not logged in. · Lost password · Register
Forum: agsXMPP RSS
Windows Authentication for Client Connection
Avatar
MrEdmundo 2008-12-16, 12:57 #1
Member since Dec 2008 · 5 posts
Group memberships: Members
Show profile · Link to this post
Subject: Windows Authentication for Client Connection
Good afternoon boys and girls.

I've done some searching around, and admittedly I'm new to XMPP messaging, but I'm a bit confused.

I have an Openfire server set up which is linked to Active Directory.

Nowhere however can I find how to make a Windows Authenticated connection to the server using the agsXMPP library. The connection always wants me to provide a Username and Password.

Is using Single Sign On possible at all?

Thanks in advance.

Ed
Avatar
Alex 2008-12-16, 15:42 #2
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
see also this thread:
http://forum.ag-software.de/forum.php?req=thread&id=701

SSO is not implemented in agsXMPP.

Alex
Avatar
MrEdmundo 2008-12-16, 15:46 #3
Member since Dec 2008 · 5 posts
Group memberships: Members
Show profile · Link to this post
Alex thanks for the response pal, I had come to this conlusion but wanted to check.

Active Directory linking is obviously something people have spent good time on in Openfire to implement. Do you know if there is a C# library where I can take advantage of Windows Authentication?

Thanks

Ed
Avatar
Alex 2008-12-16, 15:53 #4
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
It may be possible with the NegotiateStream stream from the System.Net.Security. Otherwise you have to use SSPI over PInvoke.
In both cases you have to build an GSSAPI SASL processor for agsXMPP.

Alex
Avatar
MrEdmundo 2008-12-16, 15:57 #5
Member since Dec 2008 · 5 posts
Group memberships: Members
Show profile · Link to this post
Has this been implemented in the community do you know of?

Cheers
Avatar
Alex 2008-12-16, 16:04 #6
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
I have no idea, I did no research on this topic yet.
If you or your company needs this feature we can implement it based on our professional services and give it a higher priority.

Alex
Avatar
MrEdmundo 2008-12-16, 16:16 #7
Member since Dec 2008 · 5 posts
Group memberships: Members
Show profile · Link to this post
The obvious answer is yes, i'd love (therefore my company) for it to be implemented. I'm not quite sure what your professional services are, but I wouldn't be able to get any funding for it.

It seems pretty valid to me that such functionality should exist, particularly when you consider how easy Servers like Openfire are to configure with Active Directory.

If I want to embed messaging of some sort within my application which is otherwise controlled through Windows Authentication, it is not acceptable that I require the users to enter a password, I'm surprised I'm only the second guy to mention it.

Thanks for your time.

Ed
Avatar
Alex 2008-12-16, 16:27 #8
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
Quote by MrEdmundo:
The obvious answer is yes, i'd love (therefore my company) for it to be implemented. I'm not quite sure what your professional services are, but I wouldn't be able to get any funding for it.
with professional services I mean paid services

Quote by MrEdmundo:
It seems pretty valid to me that such functionality should exist, particularly when you consider how easy Servers like Openfire are to configure with Active Directory.

its only Openfire which is that easy to configure to active directory. Its more complicated or impossible for most of the other open source servers. Many commercial servers of course support it as well.

Alex
Avatar
MrEdmundo 2008-12-16, 16:45 #9
Member since Dec 2008 · 5 posts
Group memberships: Members
Show profile · Link to this post
OK, thanks for your help.
Avatar
Alex 2009-06-25, 06:43 #10
Member since Feb 2003 · 4449 posts · Location: Germany
Group memberships: Administrators, Members
Show profile · Link to this post
I added GSSAPI (Kerberos) SASL. SSO authentication should work now with servers which support it.
For a test version please contact me directly by email.
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:

Forum: agsXMPP RSS