Verification failure on remote server
51 views
Skip to first unread message
vineet naik
Oct 5, 2011, 1:32:39 AM10/5/11
to OpenID4Java
Hi
I am using openid4java library for implementing the 'login with
google' functionality in a spring-mvc application.
It works fine on my local tomcat server but on the remote server it
has suddenly stopped working. It was working fine before there too.
After doing some logging in catalina.out I found that the verification
of the response fails after google redirects to the return url
VerificationResult verification =
openIdService.getConsumerManager().verify(
receivingURL.toString(),
response, discovered);
Identifier verified = verification.getVerifiedId(); //Null
The value of verified is null on the remote server. On local server
its an uri
I am aware that while handling the response, ConsumerManager needs to
be the same instance used to place the authentication request.
The rest of the code is implemented as follows
There is an OpenIdController in which OpenIdService is Autowired.
The OpenIdServiceImpl implements OpenIdService and has the
getConsumerManager method which returns the consumerManager instance.
In the construct of the OpenIdServiceImpl, an instance of
ConsumerManager is created.
The actions that create the form for submission and handle the
response are written in the OpenIdController and access the
consumerManager instance using the getConsumerManager method.
I tried logging the Discovery information before the form submission
and in the call back here it the output
Debugging OpenId: Discovered (before) OpenID2
OP-endpoint:https://www.google.com/accounts/o8/ud
ClaimedID:null
Delegate:null
Debugging OpenId: Discovered (after) OpenID2
OP-endpoint:https://www.google.com/accounts/o8/ud
ClaimedID:null
Delegate:null
Am I doing anything wrong here ? But it works on local server!
Or something to do with tomcat configuration on the remote server ?
Any help is appreciated. Let me know if I need to post the code here.
Thanks.
vineet naik
I am using openid4java library for implementing the 'login with
google' functionality in a spring-mvc application.
It works fine on my local tomcat server but on the remote server it
has suddenly stopped working. It was working fine before there too.
After doing some logging in catalina.out I found that the verification
of the response fails after google redirects to the return url
VerificationResult verification =
openIdService.getConsumerManager().verify(
receivingURL.toString(),
response, discovered);
Identifier verified = verification.getVerifiedId(); //Null
The value of verified is null on the remote server. On local server
its an uri
I am aware that while handling the response, ConsumerManager needs to
be the same instance used to place the authentication request.
The rest of the code is implemented as follows
There is an OpenIdController in which OpenIdService is Autowired.
The OpenIdServiceImpl implements OpenIdService and has the
getConsumerManager method which returns the consumerManager instance.
In the construct of the OpenIdServiceImpl, an instance of
ConsumerManager is created.
The actions that create the form for submission and handle the
response are written in the OpenIdController and access the
consumerManager instance using the getConsumerManager method.
I tried logging the Discovery information before the form submission
and in the call back here it the output
Debugging OpenId: Discovered (before) OpenID2
OP-endpoint:https://www.google.com/accounts/o8/ud
ClaimedID:null
Delegate:null
Debugging OpenId: Discovered (after) OpenID2
OP-endpoint:https://www.google.com/accounts/o8/ud
ClaimedID:null
Delegate:null
Am I doing anything wrong here ? But it works on local server!
Or something to do with tomcat configuration on the remote server ?
Any help is appreciated. Let me know if I need to post the code here.
Thanks.
vineet naik
vineet naik
Oct 6, 2011, 11:17:41 AM10/6/11
to OpenID4Java
I could resolve this problem by adding the following lines after
creating an instance of ConsumerManager.
consumerManager.setAssociations(new
InMemoryConsumerAssociationStore());
consumerManager.setNonceVerifier(new InMemoryNonceVerifier(5000));
consumerManager.setMinAssocSessEnc(AssociationSessionType.DH_SHA256);
I found it mentioned it in one of the comments to the SampleConsumer
example here - http://code.google.com/p/openid4java/wiki/SampleConsumer
see response #3 from the bottom.
Hope this helps someone in the future.
creating an instance of ConsumerManager.
consumerManager.setAssociations(new
InMemoryConsumerAssociationStore());
consumerManager.setNonceVerifier(new InMemoryNonceVerifier(5000));
consumerManager.setMinAssocSessEnc(AssociationSessionType.DH_SHA256);
I found it mentioned it in one of the comments to the SampleConsumer
example here - http://code.google.com/p/openid4java/wiki/SampleConsumer
see response #3 from the bottom.
Hope this helps someone in the future.
Reply all
Reply to author
Forward
0 new messages