org.jivesoftware.openfire.sasl.ScramSha1SaslServer interacts with UserProvider directly, bypassing the (configurable) AuthProvider. As a result, Scram won't work with other Providers.