问题
I am unable to implement Multifactor Authentication .
The error i am getting is
TID: [0] [WSO2 Identity Server] [2012-10-30 10:31:38,620] ERROR {org.wso2.carbon.identity.provider.xmpp.MPAuthenticationProvider} - login failed. Trying again.. {org.wso2.carbon.identity.provider.xmpp.MPAuthenticationProvider}
SASL authentication failed:
at org.jivesoftware.smack.SASLAuthentication.authenticate (SASLAuthentication.java:209)
at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:341)
at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:301)
This is for wso2 Identity Server 3.2.3 . Straight out of the box. No additional configuration performed to run this instance of Identity Server.
It appears that signing in as admin , the ldap authentication is completed and then authentication with gtalk is attempted when the error occurs.
Should I be setting my own configuration in the identity.xml where gtalk is being set?
<MultifactorAuthentication>
<XMPPSettings>
<XMPPConfig>
<XMPPProvider>gtalk</XMPPProvider>
<XMPPServer>talk.google.com</XMPPServer>
<XMPPPort>5222</XMPPPort>
<XMPPExt>gmail.com</XMPPExt>
<XMPPUserName>multifactor1@gmail.com</XMPPUserName>
<XMPPPassword>wso2carbon</XMPPPassword>
</XMPPConfig>
</XMPPSettings>
</MultifactorAuthentication>
回答1:
I found out that I do need to set up a google talk account.
1) I added the new settings to the MultifactorAuthentication configuration.
2) I restarted the server.
3) I edited the user account with another new google talk account.
4) I logged out.
5) Logged back in via relyingparty url with openid ,
6) received communication over gtalk requesting pin .
7) I entered the pin and got logged in.
It would have been nice if wso2 had i their documentation the need to setup the settings for this configuration to get multifactor authentication to work out of the box.
Hopefully, this will help anybody experiencing the same difficulties.
来源:https://stackoverflow.com/questions/13143776/wso2-identity-server-multifactor-authentication-error