Using OpenID4me + FOAF+SSL fails


mamund

May 10, 2010, 4:07:02 PM
to foaf.me
I am testing my FOAF+SSL using this site:

When I supply http://openid4.me, I am forwarded to the openid4.me
site, I see the "Login using my FOAF+SSL Client Certificate" button, and when
I click on that button I am returned to the test page with the
following failure message:

OpenID authentication failed: No matching endpoint found after
discovering https://openid4.me/mamund.com/foaf.rdf%23me

Not sure how to debug this:
- Is OpenID4.me not working right now?
- Is my FOAF file bad?
- Am I doing it wrong?

FWIW, my FOAF+SSL seems to work fine for the Relying Parties listed
here:
http://esw.w3.org/Foaf%2Bssl/RelyingParties


Any pointers will be appreciated.


Akbar Hossain

May 11, 2010, 5:01:20 PM
to foa...@googlegroups.com
Hi,

What openid relying party are you trying to log into?

There does seem to be a problem depending on the client library being used.
Some of the libraries seem to check the transport protocol being used.

You might want to try https://openid4.me rather than http://openid4.me.

Thanks

ps - Sorry for the delay in approving your first post to this group. And thanks for reporting the issue.

mike amundsen

May 11, 2010, 5:12:46 PM
to foa...@googlegroups.com
Akbar:

Thanks for the reply.

I am testing using this page:
http://www.openid-ldap.org/test.php

When I use https://openid4.me there:
- I get redirected to https://openid4.me/index.php
- prompted to approve the cert (if this is the first time)
- presented the page content including the two buttons
- I press the "Login using FOAF+SSL...." button and
- I am redirected to http://www.openid-ldap.org/test.php (with lots of
query params)
- and I see the following message:
OpenID authentication failed: Bad signature

If I use http://openid4.me instead, all goes the same except the final
error message is this:
OpenID authentication failed: No matching endpoint found after
discovering https://openid4.me/mamund.com/foaf.rdf%23me

Let me know if there is a better site to use for testing or if you'd
like more details from me.

Thanks in advance.

mca
http://amundsen.com/blog/

Akbar Hossain

May 11, 2010, 5:45:56 PM
to foa...@googlegroups.com
Hi,

I normally test against http://wiki.foaf-project.org/w/Special:OpenIDLogin

I'm not too familiar with openid-ldap but interestingly I tried http://akbarhossain.com against http://www.openid-ldap.org/test.php
and got the bad signature error.

Although the page does say "Note: There is an issue with some servers, showing "Bad signature" error message after successful login. This is an issue with our test page implementation, not with those servers."

I then tried http://akbarhossain.com against http://www.wasab.dk/morten/2007/11/openid/ (which the open-ldap site says it is based on) and I got in.

I can't get into http://www.wasab.dk/morten/2007/11/openid/ with either http://openid4.me or https://openid4.me but that might be for other reasons.

Anyway if perhaps you try the foaf wiki first to confirm your set up is correct we can take it from there.

Thanks

mike amundsen

May 11, 2010, 5:47:19 PM
to foa...@googlegroups.com
Thanks for the quick follow up.

I'll do some more testing and let you know if anything consistent turns up.

mca
http://amundsen.com/blog/

mike amundsen

May 11, 2010, 6:05:28 PM
to foa...@googlegroups.com
OK, here's something that might point to a problem w/ my WebID, maybe
my FOAF file.

I tested at the wiki
(http://wiki.foaf-project.org/w/Special:OpenIDLogin) and, after
loading the cert and getting directed back to the wiki, I see the "end
point" message again:
<snip>
Verification of the OpenID URL failed. Error message: "No matching
endpoint found after discovering
https://openid4.me/mamund.com/foaf.rdf%23me"
</snip>

For grins, I activated the openid4.me link shown in that message and I see this:
<snip>
Fullname: Not found (foaf:name)
Nickname: Not found (foaf:nick)
Email Address: Not found (foaf:mbox)
WebID: http://mamund.com/foaf.rdf#me
.. the expected RSA material
</snip>

Is this the expected reply?

I also tested the other link
(http://www.wasab.dk/morten/2007/11/openid/ ) and, after confirming,
get this error message:
<snip>
OpenID authentication failed: No OpenID information found at
https://openid4.me/mamund.com/foaf.rdf%23me
</snip>

FWIW, I checked and both /foaf.rdf#me and /foaf.rdf%23me do return the
FOAF file.

I'll do some additional work on my end and let you know what I find.

mca
http://amundsen.com/blog/

Akbar Hossain

May 11, 2010, 6:09:07 PM
to foa...@googlegroups.com
Hi,

Could you try https://openid4.me

I believe the client side is checking that the response is from the same transport protocol that sent the request on.

But I will play with it a bit more later on to see if I can work out a way around this check.

Thanks

mike amundsen

May 11, 2010, 6:14:14 PM
to foa...@googlegroups.com
!aha!

Using HTTPS on the FOAF Wiki gets me in just fine.

Let me know if there is anything else I can do to test or sort out details.

Thanks again.

mca
http://amundsen.com/blog/


Sarven Capadisli

May 12, 2010, 7:33:52 AM
to foa...@googlegroups.com
I'm replying to this because I have a similar issue given the steps
leading up to (but not including) the failure message.

On Mon, 2010-05-10 at 13:07 -0700, mamund wrote:
> I am testing my FOAF+SSL using this site:
>
> When I supply http://openid4.me, I am forwarded to the openid4.me
> site, I see the "Login using my FOAF+SSL Client Certificate" button, and when
> I click on that button I am returned to the test page with the
> following failure message:

I get "OpenID verification was cancelled."

In fact, I can't use http://csarven.ca/ or http://openid4.me (and with
https) to log in with OpenID anywhere.

So, I'm wondering the same:

> Not sure how to debug this:
> - Is OpenID4.me not working right now?
> - Is my FOAF file bad?

http://csarven.ca/#i is my WebID

> - Am I doing it wrong?


https://foaf.me/simpleLogin.php says "Not Logged In" even though it
says:

* SSL Client Certificate: detected!
* Client Certificate Public Key detected! (HEX): Array(...)
* Subject Alt Name (FOAF Profile): detected!: http://csarven.ca/#i
* FOAF Remote Public Key found in http://csarven.ca/#i:

Just a note on FOAF+SSL login. I'm able to log in to
http://foaf.me/shout/ , http://trunk.ontowiki.net/ and
https://ophelia.g5n.co.uk:10443/cheese/

The Subject alt name in my browser certificate is http://csarven.ca/#i

I appreciate any direction.

-Sarven

Bruno Harbulot

May 12, 2010, 12:25:28 PM
to foa...@googlegroups.com
Hi all,

On 12/05/10 12:33, Sarven Capadisli wrote:
>
> https://foaf.me/simpleLogin.php says "Not Logged In" even though it
> says:
>
> * SSL Client Certificate: detected!
> * Client Certificate Public Key detected! (HEX): Array(...)
> * Subject Alt Name (FOAF Profile): detected!: http://csarven.ca/#i
> * FOAF Remote Public Key found in http://csarven.ca/#i:

I too get a similar problem:

Not Logged In

SSL Client Certificate: detected!

Client Certificate Public Key detected! (HEX):

Array
(
[modulus] => A4625E3446DD3C71AD68C522E68B47F0FF....
[exponent] => 010001
)

Subject Alt Name (FOAF Profile): detected!:
http://www.harbulot.com/foaf/bruno#me

FOAF Remote Public Key found in http://www.harbulot.com/foaf/bruno#me:

Array
(
[modulus] => 862D6E0B8C3252A79D6EB82966F14E495C839EC2D579.....
[exponent] => 10001
)



It looks like it thinks my key is Henry's (his key is also in my FOAF
document, but linked to his foaf:Person, not to #me).

It looks like there's something wrong in the query to get the public key.


Best wishes,

Bruno.

Henry Story

May 12, 2010, 12:55:20 PM
to foa...@googlegroups.com
Screen shot 2010-05-12 at 17.54.05.png

Akbar Hossain

May 12, 2010, 4:07:18 PM
to foa...@googlegroups.com
Hi Sarven

I was just looking through your RDFa markup on http://csarven.ca/

The parsing on openid4.me is looking for a
foaf:ProfilePersonalDocument and foaf:primaryTopic to work out what
your webid is from the contents of http://csarven.ca

I think it has <foaf:primaryTopic rdf:resource="http://csarven.ca/"/>
rather than http://csarven.ca/#i

http://www.w3.org/2007/08/pyRdfa/extract?uri=http%3A%2F%2Fcsarven.ca%2F&format=pretty-xml&warnings=false&parser=lax&space-preserve=true

I will be relaxing the requirement of having a
foaf:ProfilePersonalDocument but I need to schedule a bit of time to
upgrade the libAuthentication openid4.me uses to the latest version

If you look at the source on http://bblfish.net I think if you add the equivalent of

<body typeof="foaf:PersonalProfileDocument" about="">
<div rel="foaf:primaryTopic" href="#i"/>

That should help.

Thanks

Sarven Capadisli

May 12, 2010, 5:49:51 PM
to foa...@googlegroups.com
On Wed, 2010-05-12 at 21:07 +0100, Akbar Hossain wrote:
> Hi Sarven

Hi, thanks for helping Akbar.

> I was just looking thru your rdfa mark up on http://csarven.ca/
>
> The parsing on openid4.me is looking for a
> foaf:ProfilePersonalDocument and foaf:primaryTopic to work out what
> your webid is from the contents of http://csarven.ca
>
> I think it has <foaf:primaryTopic rdf:resource="http://csarven.ca/"/>
> Rather than http://csarven.ca/#i

Nice catch!

I've updated.

> http://www.w3.org/2007/08/pyRdfa/extract?uri=http%3A%2F%2Fcsarven.ca%2F&format=pretty-xml&warnings=false&parser=lax&space-preserve=true

I'm not sure if this is an issue or not but the distiller throws some
warnings wrt some of the @rels. I've also noticed a few odd things from
that distiller. For instance, foaf:PersonalProfileDocument is a child of
foaf:openid. http://validator.w3.org/check?uri=http%3A%2F%2Fcsarven.ca%2F&charset=%28detect+automatically%29&doctype=Inline&group=0 is valid
XHTML+RDFa and everything.

> I will be relaxing the requirement of having a
> foaf:ProfilePersonalDocument but i need to schedule a bit of time to
> upgrade the libAuthentication openid4.me uses to the latest version
>
> If you look at source on http://bblfish.net i think if you add the equivalent of
>
> <body typeof="foaf:PersonalProfileDocument" about="">
> <div rel="foaf:primaryTopic" href="#i"/>
>
> That should help.

I'm still getting the same error :(

I use Firefox 3.6.3/Ubuntu 10.04. I've tested with identi.ca,
livejournal.com, 37signals.com using http://csarven.ca/ and even
http://openid4.me/ as my OpenID.

Akbar Hossain

May 13, 2010, 4:12:18 PM
to foa...@googlegroups.com
Hi Sarven,

I notice you have the relation foaf:primaryTopic three times in
http://csarven.ca
I would be tempted to remove the dups. I think they refer to
http://csarven.ca rather than http://csarven/#i
which may be causing some of the parsing/distilling issues.

(Yes, I too have noticed the RDF serialisation of the distiller is not
always what you would do if writing things out by hand
but it should make logical sense if the relations are correctly related
to each other)

Thanks

Sarven Capadisli

May 13, 2010, 5:36:57 PM
to foa...@googlegroups.com
On Thu, 2010-05-13 at 21:12 +0100, Akbar Hossain wrote:
> I notice you have the relation foaf:primaryTopic three times in
> http://csarven.ca
> I would be tempted to remove the dups. I think they refer to
> http://csarven.ca rather than http://csarven/#i
> Which may be causing some the parsing/distilling issues.

Wow, okay, I've removed the dups and am using a single foaf:primaryTopic
for http://csarven.ca/#i ... but I'm still getting "OpenID
authentication cancelled."

I've just noticed a minor change at https://foaf.me/simpleLogin.php for
me. It now says "FOAF Remote Public Key: Not detected!" as well as "Not
Logged In". I'm not sure if this is in any way related.

Even though the main issue still exists, I'm happy that some of these
obvious bugs are squashed. Thanks again for helping me through this.

Akbar Hossain

May 14, 2010, 3:37:35 PM
to foa...@googlegroups.com
Hi Sarven,

I think you have

<div rel="foaf:primaryTopic" href="#i"></div>

I think if you change this to

<div rel="foaf:primaryTopic" href="http://csarven.ca/#i"></div>

it should work.

Thanks

Sarven Capadisli

May 14, 2010, 5:08:21 PM
to foa...@googlegroups.com
On Fri, 2010-05-14 at 20:37 +0100, Akbar Hossain wrote:
> I think you have
>
> <div rel="foaf:primaryTopic" href="#i"></div>
>
> I think if you change this to
>
> <div rel="foaf:primaryTopic" href="http://csarven.ca/#i"></div>
>
> it should work.

I've tried that. Still no go. I've even created new certs, and still
getting the same OpenID authentication/verification cancelled error.

Cert seems to be created fine from
http://webid.myxwiki.org/xwiki/bin/view/WebId/CreateCert . Expiry date
is 1 year from now. I copy Subject's Public Key to my @content value at
http://csarven.ca/ .

Are there other services where I can easily create a cert from my
browser? I can give that a go.

Sarven Capadisli

May 14, 2010, 5:37:15 PM
to foa...@googlegroups.com
On Fri, 2010-05-14 at 23:08 +0200, Sarven Capadisli wrote:
> Cert seems to be created fine from
> http://webid.myxwiki.org/xwiki/bin/view/WebId/CreateCert . Expiry date
> is 1 year from now. I copy Subject's Public Key to my @content value at
> http://csarven.ca/ .

I've repeated this process on Opera/Ubuntu and still experiencing the
same issue. I must be doing something wrong with the keys?

Henry Story

May 14, 2010, 5:52:58 PM
to foa...@googlegroups.com
What is the subject alternative name in your X.509 certificate?

Henry

Sarven Capadisli

May 14, 2010, 5:56:09 PM
to foa...@googlegroups.com
On Fri, 2010-05-14 at 22:52 +0100, Henry Story wrote:
> What is the subject alternative name in your X.509 certificate?

http://csarven.ca/#i

Sarven Capadisli

May 14, 2010, 6:05:44 PM
to foa...@googlegroups.com
On Fri, 2010-05-14 at 23:56 +0200, Sarven Capadisli wrote:
> On Fri, 2010-05-14 at 22:52 +0100, Henry Story wrote:
> > What is the subject alternative name in your X.509 certificate?
>
> http://csarven.ca/#i
>

To be precise, the field value is:

Critical
URI: http://csarven.ca/#i

Henry Story

May 14, 2010, 6:06:09 PM
to foa...@googlegroups.com

On 14 May 2010, at 22:56, Sarven Capadisli wrote:

> http://csarven.ca/#i

$ rapper -i rdfa http://csarven.ca/ -o turtle
rapper: Parsing URI http://csarven.ca/ with parser rdfa
rapper: Serializing with serializer turtle
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .

<http://csarven.ca/>
<http://www.w3.org/1999/xhtml/vocab#alternate> <http://csarven.ca/atom>, <http://csarven.ca/rss> ;
<http://www.w3.org/1999/xhtml/vocab#icon> <http://csarven.ca/favicon.ico> ;
<http://www.w3.org/1999/xhtml/vocab#license> <http://creativecommons.org/licenses/by-sa/3.0/> ;
<http://www.w3.org/1999/xhtml/vocab#stylesheet> <http://csarven.ca/media/css/index.css>, <http://csarven.ca/media/css/print.css> .


Using http://www.w3.org/2007/08/pyRdfa/ I get


<http://csarven.ca/#cert> a rsa:RSAPublicKey ;
cert:identity <http://csarven.ca/#i> ;
rsa:modulus
[ cert:hex "c72a28fd6934c062ff05c97e8575047056b4cdad3a6cae376f506ad4f48f91c9a9e2c27e933c3901e7cca33fcf4aaa3b3a54f3af53e25dd8d49b53c33a192557efac3e840a7cb17eb731d8d3a183d0bca87cee18e2e789b2594a0245efedd6cb7a552517f6ee8706727413957f754997808424a3698e2e6a7bda98c905c68cc3"@en-ca
] ;
rsa:public_exponent
[ cert:decimal "65537"@en-ca
] .

Could be that the @en-ca is the problem....

This is partly why we need to move to using the literal datatype notation for keys. When you use the datatype notation the above error is removed (as well as it being shorter to write).



Henry
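Added here as an illustration of the two profile-side pitfalls raised in this thread (Bruno's case, where a second person's key sits in the same document, and Henry's point about key literals carried as "@en-ca" strings rather than typed values); this is not code from openid4.me, foaf.me or libAuthentication, and the triples, moduli and the HENRY WebID are constructed stand-ins.

```python
from collections import namedtuple

# Vocabulary URIs used by FOAF+SSL profiles of this period.
RSA = "http://www.w3.org/ns/auth/rsa#"
CERT = "http://www.w3.org/ns/auth/cert#"
NUMERIC = (CERT + "hex", CERT + "decimal", CERT + "int")

# An RDF literal: typed (datatype set) or plain with a language tag ("en-ca").
Literal = namedtuple("Literal", "value datatype lang", defaults=(None, None))

def literal_to_int(lit):
    """Decode cert:hex / cert:decimal / cert:int key material, else None.
    "..."@en-ca is a plain string, not a number, so a strict reader (the
    reading Henry suggests) rejects it."""
    if lit.lang is not None or lit.datatype is None:
        return None
    if lit.datatype == CERT + "hex":
        return int(lit.value.replace(" ", ""), 16)
    if lit.datatype in (CERT + "decimal", CERT + "int"):
        return int(lit.value, 10)
    return None

def key_part(triples, key, predicate):
    """rsa:modulus or rsa:public_exponent of `key` in either encoding: a typed
    literal on the key, or a blank node carrying a cert:* literal (old style)."""
    for s, p, o in triples:
        if s != key or p != predicate:
            continue
        if isinstance(o, Literal):
            return literal_to_int(o)
        for s2, p2, o2 in triples:  # hop through the blank node
            if s2 == o and p2 in NUMERIC and isinstance(o2, Literal):
                return literal_to_int(Literal(o2.value, p2, o2.lang))
    return None

def keys_for_webid(triples, webid):
    """Keys whose cert:identity is exactly `webid`. Taking any RSAPublicKey in
    the document instead is the slip Bruno hit (Henry's key is in his file)."""
    return [s for s, p, o in triples if p == CERT + "identity" and o == webid]

def verify_webid(triples, webid, cert_modulus_hex, cert_exponent_hex):
    """True if the client certificate's RSA key is published for `webid`.
    Comparison is numeric, so "010001" and "10001" (both 65537) agree."""
    mod, exp = int(cert_modulus_hex, 16), int(cert_exponent_hex, 16)
    for key in keys_for_webid(triples, webid):
        if (key_part(triples, key, RSA + "modulus") == mod
                and key_part(triples, key, RSA + "public_exponent") == exp):
            return True
    return False

# Constructed profile (not real keys): Bruno's document lists his own key and
# Henry's key side by side, as in the thread. HENRY is a stand-in WebID.
BRUNO = "http://www.harbulot.com/foaf/bruno#me"
HENRY = "http://example.org/henry#me"
PROFILE = [
    ("_:kb", CERT + "identity", BRUNO),
    ("_:kb", RSA + "modulus", Literal("00C0FFEE0123456789", CERT + "hex")),
    ("_:kb", RSA + "public_exponent", Literal("65537", CERT + "decimal")),
    ("_:kh", CERT + "identity", HENRY),
    ("_:kh", RSA + "modulus", Literal("FEDCBA9876543210", CERT + "hex")),
    ("_:kh", RSA + "public_exponent", Literal("65537", CERT + "decimal")),
]
```

With PROFILE, presenting Henry's key for Bruno's WebID must fail even though that key is in Bruno's document, and the old blank-node encoding passes only once the "@en-ca" tag is gone.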

Sarven Capadisli

May 14, 2010, 7:10:41 PM
to foa...@googlegroups.com
On Fri, 2010-05-14 at 23:06 +0100, Henry Story wrote:
> On 14 May 2010, at 22:56, Sarven Capadisli wrote:
>
> > http://csarven.ca/#i
>
> $ rapper -i rdfa http://csarven.ca/ -o turtle
> rapper: Parsing URI http://csarven.ca/ with parser rdfa
> rapper: Serializing with serializer turtle
> @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
>
> <http://csarven.ca/>
> <http://www.w3.org/1999/xhtml/vocab#alternate> <http://csarven.ca/atom>, <http://csarven.ca/rss> ;
> <http://www.w3.org/1999/xhtml/vocab#icon> <http://csarven.ca/favicon.ico> ;
> <http://www.w3.org/1999/xhtml/vocab#license> <http://creativecommons.org/licenses/by-sa/3.0/> ;
> <http://www.w3.org/1999/xhtml/vocab#stylesheet> <http://csarven.ca/media/css/index.css>, <http://csarven.ca/media/css/print.css> .
>
>
> Using http://www.w3.org/2007/08/pyRdfa/ I get
>
>
> <http://csarven.ca/#cert> a rsa:RSAPublicKey ;
> cert:identity <http://csarven.ca/#i> ;
> rsa:modulus
> [ cert:hex "c72a28fd6934c062ff05c97e8575047056b4cdad3a6cae376f506ad4f48f91c9a9e2c27e933c3901e7cca33fcf4aaa3b3a54f3af53e25dd8d49b53c33a192557efac3e840a7cb17eb731d8d3a183d0bca87cee18e2e789b2594a0245efedd6cb7a552517f6ee8706727413957f754997808424a3698e2e6a7bda98c905c68cc3"@en-ca
> ] ;
> rsa:public_exponent
> [ cert:decimal "65537"@en-ca
> ] .
>
> Could be that @en-ca that is the problem....
>
> This is partly why we need to move to using the literal datatype notation for Keys. When you use the datatype notation the above error is removed (as well as it being shorter to write)
>
>
>
> Henry
>

I'm not sure why (RDF/A via librdfa?)

$ rapper -i rdfa http://csarven.ca/ -o turtle

gives me 6 triples, but

$ rapper -g http://csarven.ca -o turtle

gives me 48 triples.


In any case, I've switched over to datatype notation, and now I get this
from rapper and http://www.w3.org/2007/08/pyRdfa/ :

<http://csarven.ca/#cert>
a rsa:RSAPublicKey ;
cert:identity <http://csarven.ca/#i> ;
rsa:modulus
"c72a28fd6934c062ff05c97e8575047056b4cdad3a6cae376f506ad4f48f91c9a9e2c27e933c3901e7cca33fcf4aaa3b3a54f3af53e25dd8d49b53c33a192557efac3e840a7cb17eb731d8d3a183d0bca87cee18e2e789b2594a0245efedd6cb7a552517f6ee8706727413957f754997808424a3698e2e6a7bda98c905c68cc3"^^cert:hex ;
rsa:public_exponent "65537"^^cert:decimal .


However, the error remains :(

I've tried datatype="cert:int" as well.

-Sarven

Sarven Capadisli

May 29, 2010, 8:06:58 AM
to foafme
On Wed, 2010-05-19 at 22:38 +0100, Akbar Hossain wrote:
> hi
>
> sorry for the delay.
>
> for some reason
>
> PREFIX foaf: <http://xmlns.com/foaf/0.1/>
>
> SELECT ?x ?primaryTopic
> WHERE {
> ?x foaf:primaryTopic ?primaryTopic .
> }
>
> against http://csarven.ca
>
> doesn't seem to return anything when I run it within ARC2
>
> but does when I run against http://bblfish.net
>
> strangely if I copy the html source of csarven.ca and put somewhere
> else it does work.
>
> http://openid4.me/get.php?webid=http://csarven.ca - doesn't find
> your primaryTopic
>
> http://openid4.me/get.php?webid=http://bblfish.net - finds henry's
> primaryTopic
>
> http://openid4.me/get.php?webid=http://openid4.me/csarven.html - a
> copy of your homepage and does find the primaryTopic
>
> sorry - I am at a loss at what is wrong.
> when I get some time I could look at the code ARC uses to fetch your homepage.
> Does it have redirects / etc?
>
> Thanks
>

Hi Akbar, sorry for the delay, I was AFK for a while.

Thanks for doing that test. What you point out is interesting indeed. I
don't have a redirect on / but it led me to compare the outputs of
different agents.

I am doing content mimetype negotiation and outputting an appropriate
HTML. For instance, if I don't detect */*xml, I send text/html, output
HTML 4.01 Doctype, and <html> without namespaces. So, the key here is
the namespaces.

http://openid4.me/ doesn't appear to be accepting */*xml and so it gets
plain ol' HTML. Hence, it probably can't get to foaf:primaryTopic.

I guess I'll just drop my HTML 4.01 output and always use XHTML+RDFa
1.0. It would be less error prone if parsers fail to accept XML
mimetypes (and end-up getting a namespace-less markup).

And now, I can login with http://csarven.ca/ as my OpenID \o/

For OpenID4.me, you might want to look into Toby Inkster's handy RDFa
Linter http://goddamn.co.uk/viewvc/perlmods/RDF-RDFa-Linter/

Thanks for all the wonderful feedback! :)

-Sarven
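An added example (not Sarven's site code and not openid4.me's ARC2-based parser) of why the namespace declaration decided this case: a minimal reader for rel="foaf:primaryTopic" that expands CURIEs only through declared xmlns: prefixes and resolves @href against the document base, plus a stand-in for the content negotiation described above. The markup is modelled on Akbar's bblfish.net snippet and the Accept headers are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin

FOAF = "http://xmlns.com/foaf/0.1/"


class PrimaryTopicFinder(HTMLParser):
    """Just enough RDFa 1.0 to find rel="foaf:primaryTopic": xmlns: prefix
    declarations, CURIE expansion of @rel, and @href/@resource resolved
    against the base URI. Not a full RDFa processor."""

    def __init__(self, base):
        super().__init__()
        self.base = base
        self.prefixes = {}   # prefix -> namespace, from xmlns:foo="..."
        self.topics = []     # absolute URIs found, in document order

    def expand(self, curie):
        prefix, _, local = curie.partition(":")
        ns = self.prefixes.get(prefix)
        return ns + local if ns else None   # undeclared prefix: no triple

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)  # HTMLParser lowercases attribute names
        for name, value in a.items():
            if name.startswith("xmlns:"):
                self.prefixes[name[len("xmlns:"):]] = value
        target = a.get("resource", a.get("href"))
        if not a.get("rel") or target is None:
            return
        for curie in a["rel"].split():
            if self.expand(curie) == FOAF + "primaryTopic":
                # href="" resolves to the document itself, which is the
                # duplicate-topic case Akbar pointed out.
                self.topics.append(urljoin(self.base, target))


def find_primary_topics(html, base):
    """All foaf:primaryTopic objects in `html`, as absolute URIs."""
    finder = PrimaryTopicFinder(base)
    finder.feed(html)
    return finder.topics


def render_profile(accept):
    """Mimic the negotiation Sarven describes: XHTML+RDFa with namespace
    declarations only when the client accepts an XML media type, otherwise
    HTML 4.01 with no xmlns:foaf, so the foaf: CURIE cannot be expanded.
    Constructed markup, modelled on the snippet Akbar quoted."""
    wants_xml = any(t.split(";")[0].strip().endswith("xml")
                    for t in accept.split(","))
    root = ('<html xmlns="http://www.w3.org/1999/xhtml" '
            'xmlns:foaf="http://xmlns.com/foaf/0.1/">' if wants_xml else "<html>")
    return (root + '<body typeof="foaf:PersonalProfileDocument" about="">'
            '<div rel="foaf:primaryTopic" href="#i"></div></body></html>')
```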


Melvin Carvalho

Jun 1, 2010, 11:38:58 AM
to foa...@googlegroups.com
I'm also getting an error with openid4.me ... still haven't been able to get into any site, since the last bug report ...

Output here:

You tried to access the address https://openid4.me/index.php/trust, which is currently unavailable. Please make sure that the Web address (URL) is correctly spelled and punctuated, then try reloading the page.

Secure connection: fatal error (40) from server.

https://openid4.me/index.php/trust
