Auto-login without pre-binding with Openfire

[ninevoltz]

I'm using the 0.7.4 tag of roundcube-converse, with Openfire 3.9.3 and Roundcube 1.0.2. I've gotten the chat plugin to work, but I have read that Openfire does not support pre-binding, therefore the plugin will not log in automatically. Is there a way I can simply pass the IMAP username and password to the converse.js script on the server side without pre-binding? I've noticed that manual logins will fail if I assign user="user" instead of user="user@domain" in the config file. I did some debugging and noticed that the Candy XmppPrebind calls fail without throwing an exception, so no errors get logged.

Thanks!

[priyadi]

From a quick googling, I don't think Openfire does not support pre-binding. It's just almost everyone who is having problem happens to be using Openfire, which is probably an indication of popularity of Openfire more than anything else. But I'm sure this is only configuration problem, which I don't have an answer to unfortunately. If you are able to make converse.js connect to Openfire like you said, then it should support prebinding.

I suggest you play with XmppPrebind library, maybe create a small CLI script and try to make it work. Maybe there's some interaction bug between the Candy library and Openfire.

[ninevoltz]

I read about it from Jack Moffitt who wrote a book on XMPP: http://metajack.im/2009/12/14/fastest-xmpp-sessions-with-http-prebinding/#comment-27813797

I will try more debugging, if I find an answer I will offer patches to fix it.

[ninevoltz]

I wrote a custom PHP script and discovered my problem, it was two-fold. First, my Apache server is using TLS only (with a self-signed certificate), and also requires authentication. I had the config file for roundcube-converse setup wrong too. I had to set converse_xmpp_old_style_prebind=true and I had to use the FQDN for my server instead of localhost for the pre-bind URL, because the TLS certificate doesn't match the localhost domain. Since it is a self-signed certificate, I had to tell cURL to trust it, and to use login credentials for Apache. I added two lines to the converse.php script at function send_request() in the curl_setopt_array:

            CURLOPT_CAINFO => '/var/www/html/mail/plugins/converse/local.crt',
            CURLOPT_USERPWD => 'username:password',

I can now confirm that Openfire 3.9.3 DOES in fact support pre-binding. Thanks for all of your work, and your help Priyadi! Everything is working perfectly now.