Opened 7 years ago

Last modified 6 years ago

#15326 new defect

Cannot connect using BOSH

Reported by: captn3m0 Owned by: deryni
Milestone: Component: XMPP
Version: 2.10.6 Keywords:
Cc: davija, thierrymallard


I use a to host my own xmpp server, and I am able to connect to it using BOSH from the client. However, pidgin is unable to connect at all.

I've tried pidgin 2.10.3, and pidgin 2.10.6. With pidgin 2.10.3, the following happens: (debug log). I got the following response from Juan Pablo, developer:

thanks for your detailed report. It seems Pidgin client has a bug on it's BOSH implementation. According to your logs and my own tests, it first tries to perform a legacy authentication (just sending username and password to the server in plain mode). However, although hosted.IM supports legacy authentication, this connection is rejected because Pidgin previously initiated the stream with the attribute version="1.0", which by definition, doesn't allow plain authentication. In other words, Pidgin client should choose two optional (exclusive) paths: open a non 1.0 stream and do plain auth, or open a 1.0 stream an do SASL auth.

In 2.10.6, something different happens, and pidgin reports that "Server does not use any supported authentication method". The debug log for 2.10.6 is attached as well.

Attachments (1)

debug.log (20.7 KB) - added by captn3m0 7 years ago.
Debug log in pidgin 2.10.6

Download all attachments as: .zip

Change History (3)

Changed 7 years ago by captn3m0

Debug log in pidgin 2.10.6

comment:1 Changed 6 years ago by davija

I can also confirm this behavior when trying to connect to an openfire 3.7.1 server. All other clients I have tried can connect via BOSH, only pidgin cannot.

comment:2 Changed 6 years ago by thierrymallard

Same problem with version 2.10.7 (Ubuntu 13.04) connecting to

The problem isn't seen using Gajim for instance.

Note: See TracTickets for help on using tickets.
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!