We recently upgraded from UC 10.5.2 to 11.5.1 (CUCM,CUPS and CUC).
We use Jabber for Windows and MAC devices, all working well, but all 3rd party XMPP clients can no longer authenticate.
Looking at the debug logs of an XMPP client (such as Pidgin), it shows the problem:
(11:26:42) jabber: Sending (ssl) (email@example.com): <stream:stream to='mydomain.com' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
(11:26:42) jabber: Recv (ssl)(178): <stream:stream xmlns='jabber:client' xml:lang='en-US.UTF-8' xmlns:stream='http://etherx.jabber.org/streams' from='mydomain.com' id='TJbNCkdwzZW7RT0o0SvDvA6628' version='1.0'>
(11:26:42) jabber: Recv (ssl)(139): <stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>CISCO-VTG-TOKEN</mechanism></mechanisms></stream:features>
(11:26:42) sasl: Mechs found: CISCO-VTG-TOKEN
(11:26:42) sasl: No worthy mechs found
(11:26:42) connection: Connection error on 06DF7CE8 (reason: 3 description: Server does not use any supported authentication method)
However, according to Cisco documentation, CUPS should support/allow both PLAIN AND CISCO-VTG-TOKEN mechanisms.
Cisco Unified CM IM and Presence provides two different SASL authentication mechanisms when connecting over the XMPP Interface: PLAIN and CISCO_VTG_TOKEN. When an XMPP Client connects to Cisco Unified CM IM and Presence, the server will return the supported SASL authentication mechanisms in in stream features:
Seeing as CUPS is not sending the PLAIN mechanism option to the client, it cannot proceed.
Does anyone know a setting in CUPS where it may have been disabled, or how else to check/debug?