OpenID configuration - "Application invalid or not configured"
57 views
Skip to first unread message
Matthias Palmetshofer
Apr 16, 2021, 6:21:42 AM4/16/21
to RCDevs Security Solutions - Technical
Dear all,
i am trying to configure OpenID. I followed your instruction manual, but I cannot get it to work properly.
I created a Client Policy and used the "Client ID" as entered in the OpenID configuration of the SP as an entry in "Client Name Aliases". Unfortunately it always throws the "Application invalid or not configured" error. I checked all logs, but could not find anything. I then tried to use "OpenID" as "Client Name Aliases" entry but that did not work either.
example I used:
https://some.rcdevs.server/webapps/openid/index.php?client_id=OpenID&redirect_uri=https://oidcdebugger.com/debug&scope=openid email profile&response_type=id_token&response_mode=query&nonce=b60qet50y8n
I think it is a problem with the Client Policy. Would be great if you could give me some hints what to look out for when it comes to the client id etc.
Best,
Matthias
Dimitri Gavrilov
Apr 19, 2021, 2:50:36 AM4/19/21
to RCDevs Security Solutions - Technical
Hi everyone.
Will be interesting to see any reply. We got the same problem after upgrading to the latest webadm version (2.0.16). It worked on the previous version. Nothing in the logs except "Enforcing client policy" message.
Regards
Dimitri
Dimitri Gavrilov
Apr 19, 2021, 4:31:42 AM4/19/21
to RCDevs Security Solutions - Technical
Downgrading to openid version 1.4.7-1 resolved the issue for now.
Christian Koch
Apr 19, 2021, 4:50:58 AM4/19/21
to RCDevs Security Solutions - Technical
I am also interested in a solution for this and maybe in an official comment of RCDevs.
Message has been deleted
Matthias Palmetshofer
Apr 19, 2021, 3:38:26 PM4/19/21
to RCDevs Security Solutions - Technical
@Dimitri: I tried exactly that yesterday and I can confirm ist works. After setting log level to debug (got not really more info though), and quadruple checking every setting I thought well, maybe it is a bug. Hence downgraded and it tada, works.
Seems there is a bug in the current version of openid.
@christi...[at]shop-apotheke.com, for the quick fix, just downgrade to the previous version. Not sure if there are any security concerns, I did not check the release notes but i am also not using it for production.
Maybe someone from RCDevs could comment and/or take a look into that.
Best,
Matthias
Christian Koch
Apr 20, 2021, 1:46:36 AM4/20/21
to RCDevs Security Solutions - Technical
I didn't upgraded this version after reading that. So thanks ;)
Maybe someone with this problem can create a ticket @ sup...@rcdevs.com ?
Maybe someone with this problem can create a ticket @ sup...@rcdevs.com ?
Yoann Traut (RCDevs)
Apr 21, 2021, 12:08:40 PM4/21/21
to RCDevs Security Solutions - Technical
Hello everybody,
We figured out what is wrong with last version of OpenID package.
We are fixing the issues and we will release a new version soon.
Sorry for the inconvenience and thank you all for your feedback.
Regards
Reply all
Reply to author
Forward
0 new messages