Well, you can always install the Java-monitor plugin for Openfire and tell for yourself.
From what little I know from Openfire it is quite memory hungry. Also you need to keep a eye on the permgen. The user ID's are interned for locking purposes, so Openfire leans on the string pool quick hard.
What exact exception do you get?