Our website would like to use cookies to store information on your computer. You may delete and block all cookies from this site, but parts of the site will not work as a result. Find out more about how we use cookies.
Novacaster Community Logo

Login or Register

Welcome!»
Latest Contributions»
Community Areas»
Blogging Areas»
Group Areas»
Business Areas»
Technical Areas»
 
Unknown Masterpiece»

Keyword Search:

Advanced Search
Powered by
Powered by Novacaster
 
iChat and AIM connection problems
by Simon at 09:17 23/05/06 (Blogs::Simon)
Kris and I use iChatAV to chat with her parents in the USA from time to time and it's a service we've come to depend on.

Yesterday, however, something happened either at AIM/AOL or Apple that has caused login attempts to fail 'Could not connect to AIM. Try again. The server message was Auth:BadDbStatus'

This has been ongoing for about 24 hours now, and there's no mention of any problem on the .Mac site, though Apple's discussion forums are filling up with folk reporting the same issue.

The common factor seems to be that this is affecting people trying to login with username@mac.com credentials.

Now iChat attempts to authenticate against login.oscar.aol.com (port 5190 by default, you can also use 443) and that machine appears to be up and running just fine. Indeed, people with AIM accounts seem to be unaffected, which implies that local authentication against AIM/AOL's own user database still works.

If, and this is supposition on my part, on handing login.oscar.aol.com a set of .Mac credentials then a connection is made behind the scenes from AIM/AOL to Apple's user database for .Mac accounts then the failure to login suggests to me that the problem is with the remote authentication service that Apple provide to AIM/AOL.

When I got this error yesterday, I spent some time investigating and discovered that the WebObjects gateway on www.mac.com was failing with a 504 Gateway Timeout error. Although this came back up about 20 minutes after I tested it for the first time, and allowed me to login to my .Mac account on www.mac.com, the iChat login problem has remained.

So what's going on? Apple aren't saying anything (at least nowhere that I can find) and the AppleCare Support phoneline's only suggestion was that I report the issue via the iChat iChat feedback page (which I've done).

If Apple want to be taken seriously (say, as seriously as Google) as a provider of online services - and .Mac is one of their flagship offerings alongside iTunes - then they'd better improve their system status reporting a bit.

Here's the thread on Apple's iChat forum.
--
simon

<< Stonehenge Avenue Alignment - ... We're scared of comets for a r... >>
View Comments (Threaded Mode) Printer Version
iChat and AIM connection problems Simon - 09:17 23/05/06
Re: iChat and AIM connection problems Gordon Hundley - 21:12 23/05/06
The iChat service is actually really badly set up. It authenticates through AOL's servers, which then proxy back to Apple's servers. It's possible that the glitch was at the AOL end - you auth on AIM, the AIM radius server tries to get credentials from Apple, and due to a error in that part of the process fails. Looks like Apple's at fault, but it might have been a network issue with AOL's provider and out of their hands.

Of course, the big question (other than why don't they build their own bloody infrastructure with a gateway to AIM) is why they don't acknowledge service outages and let customers know that they are working on a resolution. It's very poor service for the dosh we throw at them.

The irony of the much-loathed free Mickey Mouse provider working while the Apple 'geniuses' are unable to provide an expensive service is not lost on me.

Here's the ultimate solution - set up your own XMPP server and use iChat with that instead.

http://www.jivesoftware.org/wildfire/

--
DrGoon

Re: iChat and AIM connection problems Simon - 08:53 24/05/06
I sniffed the traffic while the problem was still happening, and the trace showed that the timeout was happening immediately after iChat sent the username@mac.com string across the wire but prior to the password being sent.

The way I think it works is by AIM's servers spotting a .Mac username and then attempting to proxy that login session to Apple's user db for the actual credential verification.

Surely otherwise AIM would have sight of (if not local copies of) the .Mac account credentials - which has to be in violation of any number of data protection principles (there not being, as far as I can remember, anything in the iChat terms and conditions about agreeing to share account details with a 3rd party - ie AOL.)

The real issue is as you say - Apple's lack of acknowledgement of the problem.

I'll take a look at Wildfire, but really I don't want the hassle of having to tell everyone that if they need to chat to me then they'll have to reconfigure their client to use a different server - losing their AIM-hosted buddy list in the process.

--
simon