Closed poVoq closed 6 years ago
What do you see in ejabberd and xmpp-cloud-auth logs?
Using xclib/tests/generateTimeLimitedToken
you can create a token according to your wishes and then try and authenticate with that token (as a password) from a "normal" XMPP client as well.
Ok will try on the weekend, no access to the server right now. Thanks for the help.
Hmm, so the xcauth.log doesn't say anything about it, except one(!) time (out of maybe 30 tries) where it randomly worked and it said "token is valid", but I can't reproduce it working since and there really isn't anything different I did then. Maybe some timeout value or something that would be effected by the response-time of the servers involved?
The ejabbered.log is also not very helpful.
Without time limited tokens in NC enabled:
2018-01-06 12:37:44.229 [info] <0.1692.0>@ejabberd_c2s:handle_auth_success:433 (http_bind|ejabberd_bosh) Accepted c2s PLAIN authentication for myuser@users.mydomain.com by external backend from ::FFFF:127.0.0.1
With time limited tokens in NC enabled:
2018-01-06 12:39:31.283 [info] <0.1724.0>@ejabberd_c2s:handle_auth_failure:443 (http_bind|ejabberd_bosh) Failed c2s PLAIN authentication for myuser@users.mydomain.com from ::FFFF:127.0.0.1:Invalid username or password
I also can't quite understand how to do the generateTimeLimitedToken test, it says:
Usage: generateTimeLimitedToken USER DOMAIN SECRET TTL STARTTIME
which is not so self explanatory :cry: could you give me a practical example, please?
Edit: it that helps: I am reverse-proxying the BOSH with nginx.
Ok this gets stranger and stranger... now after waiting a bit it suddenly worked again once (after logout-login not any more though), but then all other non JSXC XMPP clients I have stopped connecting to ejabberd. Only after restarting ejabberd I was able to get my desktop client etc to log in again.
Any more information or reason to keep this open?
Closing for now.
I am trying to set up time limited tokens with my ejabberd 17-11 installation, but even though everything works great without it activated in my Nextcloud 12.0.4 installation, I can't seem to figure out why it doesn't with.
I followed the installation.md and the configured "cache-db=/var/cache/xcauth/user-cache.db" file gets created fine.
But when I check the "time limited token" box in Nextcloud and logout and in the JSXC doesn't show up any more.
In the console I get the following messages:
State changed to INITIATING Try to relogin I am not able to relogin State changed to TRYTOINTERCEPT State changed to INTERCEPTED State changed to ESTABLISHING New connection CONNECTING: null AUTHFAIL: null
and a bit later:
State changed to INITIATING Try to relogin I am currently busy and will try again later. Please be patient.
But that's it...
Help much apprechiated.