Atlassian uses cookies to improve your browsing experience, perform analytics and research, and conduct advertising. Accept all cookies to indicate that you agree to our use of cookies on your device. Atlassian cookies and tracking notice, (opens new window)
I've had some time to mess with openfire and java 8. It looks like it indeed breaks sso . I believe this is because openfire uses DES . DES is disabled by default in java 8. It can be enabled by adding allow_weak_crypto=true in the krb5.ini/krb5.conf. However, even after adding this, I'm still unable to get SSO back up and running. reverting back to java 7 on the server, and everything works like a champ.
I'll do some more testing to see if I can come up with a work around, but DES now being considered somewhat insecure, and Java 7 coming up on EOL, it might be a good time to see if a dev can look into this
I've had some time to mess with openfire and java 8. It looks like it indeed breaks sso . I believe this is because openfire uses DES . DES is disabled by default in java 8. It can be enabled by adding allow_weak_crypto=true in the krb5.ini/krb5.conf. However, even after adding this, I'm still unable to get SSO back up and running. reverting back to java 7 on the server, and everything works like a champ.
I'll do some more testing to see if I can come up with a work around, but DES now being considered somewhat insecure, and Java 7 coming up on EOL, it might be a good time to see if a dev can look into this
speedy reports that latest Java 7 update (7u80) also breaks SSO: https://community.igniterealtime.org/thread/55310