Consuming after denial
0 views
Skip to first unread message
Evaldas Taroza
Jan 15, 2008, 10:37:42 AM1/15/08
to joid-general
Hi everyone,
First, I find joid very nice.
Second, I have a small problem. I want to authenticate with
myopenid.com OpenID. I have the consumer like this:
---
String returnTo = UrlUtils.getFullUrl(request);
if (null != openID && !openID.startsWith("http:")) {
openID = "http://" + openID;
}
String trustRoot = returnTo;
String s = OpenIdFilter.joid().getAuthUrl(openID, returnTo,
trustRoot);
response.sendRedirect(s);
---
So I enter my OpenID in a form and the above code redirects me to the
provider. Let's say that
returnTo == .....?login=yes
So I get redirected very nicely. But when I press "Deny" on the
provider, I get back but the query string contains something about the
denial. Therefore when I enter my OpenID into the form again, then
returnTo == ....?login=yes&[openid stuff related to the denial]
Now I am redirected very nicely again, but when on the server I say
"Allow once", I am actually returned to the place that is about the
denial. Hence, I think that the OpenIDFilter is actually behaves as if
the denial happened... I.e. the consumer side fails to log in.
Do I do anything wrong, or is my provider doing something wrong, or
the OpenIDFilter is behaving wrongly?
Thanks for help,
Evaldas
First, I find joid very nice.
Second, I have a small problem. I want to authenticate with
myopenid.com OpenID. I have the consumer like this:
---
String returnTo = UrlUtils.getFullUrl(request);
if (null != openID && !openID.startsWith("http:")) {
openID = "http://" + openID;
}
String trustRoot = returnTo;
String s = OpenIdFilter.joid().getAuthUrl(openID, returnTo,
trustRoot);
response.sendRedirect(s);
---
So I enter my OpenID in a form and the above code redirects me to the
provider. Let's say that
returnTo == .....?login=yes
So I get redirected very nicely. But when I press "Deny" on the
provider, I get back but the query string contains something about the
denial. Therefore when I enter my OpenID into the form again, then
returnTo == ....?login=yes&[openid stuff related to the denial]
Now I am redirected very nicely again, but when on the server I say
"Allow once", I am actually returned to the place that is about the
denial. Hence, I think that the OpenIDFilter is actually behaves as if
the denial happened... I.e. the consumer side fails to log in.
Do I do anything wrong, or is my provider doing something wrong, or
the OpenIDFilter is behaving wrongly?
Thanks for help,
Evaldas
Reply all
Reply to author
Forward
0 new messages