Search Results

Search found 412 results on 17 pages for 'openid'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 8/17 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • Would OpenID or OAuth work for authorization/authentication on a distributed web service?

    - by David Eyk
    We're in the early stages of designing a RESTful/resource-oriented web service API for a computational lingustics application. Because many of the resources we plan to serve are rights-encumbered, a key design decision has been to specify the platform so that each resource provider can expose their own web service that complies with the API spec. This way, the rights owner maintains control over their content (and thus the ability to throttle or deny access at will) and a direct relationship with the consumer, while still being able to participate in in the collaborative network. At the same time, to simplify the job of writing a client for this service, we want to allow a client access to the distributed service through one end-point, with the server handling content negotiation and retrieval from the appropriate providers. Right now, we're at an impasse on authentication/authorization schemes. One of our number has argued for the (technical) simplicity of a central authentication registry, but others are concerned about the organizational complexity of such a scheme. It seems to me, based on an albeit limited understanding of the technologies, that a combination of OpenID and OAuth would do the trick, with a client authenticating with the end-point via OpenID, and the server taking action on the user's behalf with the various content providers using OAuth. I've only ever seen implementations (e.g. stackoverflow, twitter, etc.) where a human was present to intervene, and I still need to do more research on these technologies. Would a scheme like this work for an automated web service, or would it make the client too difficult to implement and operate?

    Read the article

  • Request Limit Length Limits for IIS&rsquo;s requestFiltering Module

    - by Rick Strahl
    Today I updated my CodePaste.net site to MVC 3 and pushed an update to the site. The update of MVC went pretty smooth as well as most of the update process to the live site. Short of missing a web.config change in the /views folder that caused blank pages on the server, the process was relatively painless. However, one issue that kicked my ass for about an hour – and not foe the first time – was a problem with my OpenId authentication using DotNetOpenAuth. I tested the site operation fairly extensively locally and everything worked no problem, but on the server the OpenId returns resulted in a 404 response from IIS for a nice friendly OpenId return URL like this: http://codepaste.net/Account/OpenIdLogon?dnoa.userSuppliedIdentifier=http%3A%2F%2Frstrahl.myopenid.com%2F&dnoa.return_to_sig_handle=%7B634239223364590000%7D%7BjbHzkg%3D%3D%7D&dnoa.return_to_sig=7%2BcGhp7UUkcV2B8W29ibIDnZuoGoqzyS%2F%2FbF%2FhhYscgWzjg%2BB%2Fj10ZpNdBkUCu86dkTL6f4OK2zY5qHhCnJ2Dw%3D%3D&openid.assoc_handle=%7BHMAC-SHA256%7D%7B4cca49b2%7D%7BMVGByQ%3D%3D%7D&openid.claimed_id=http%3A%2F%2Frstrahl.myopenid.com%2F&openid.identity=http%3A%2F%2Frstrahl.myopenid.com%2F&openid.mode=id_res&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.sreg=http%3A%2F%2Fopenid.net%2Fextensions%2Fsreg%2F1.1&openid.op_endpoint=http%3A%2F%2Fwww.myopenid.com%2Fserver&openid.response_nonce=2010-10-29T04%3A12%3A53Zn5F4r5&openid.return_to=http%3A%2F%2Fcodepaste.net%2FAccount%2FOpenIdLogon%3Fdnoa.userSuppliedIdentifier%3Dhttp%253A%252F%252Frstrahl.myopenid.com%252F%26dnoa.return_to_sig_handle%3D%257B634239223364590000%257D%257BjbHzkg%253D%253D%257D%26dnoa.return_to_sig%3D7%252BcGhp7UUkcV2B8W29ibIDnZuoGoqzyS%252F%252FbF%252FhhYscgWzjg%252BB%252Fj10ZpNdBkUCu86dkTL6f4OK2zY5qHhCnJ2Dw%253D%253D&openid.sig=h1GCSBTDAn1on98sLA6cti%2Bj1M6RffNerdVEI80mnYE%3D&openid.signed=assoc_handle%2Cclaimed_id%2Cidentity%2Cmode%2Cns%2Cns.sreg%2Cop_endpoint%2Cresponse_nonce%2Creturn_to%2Csigned%2Csreg.email%2Csreg.fullname&openid.sreg.email=rstrahl%40host.com&openid.sreg.fullname=Rick+Strahl A 404 of course isn’t terribly helpful – normally a 404 is a resource not found error, but the resource is definitely there. So how the heck do you figure out what’s wrong? If you’re just interested in the solution, here’s the short version: IIS by default allows only for a 1024 byte query string, which is obviously exceeded by the above. The setting is controlled by the RequestFiltering module in IIS 6 and later which can be configured in ApplicationHost.config (in \%windir\system32\inetsvr\config). To set the value configure the requestLimits key like so: <configuration> <security> <requestFiltering> <requestLimits maxQueryString="2048"> </requestLimits> </requestFiltering> </security> </configuration> This fixed me right up and made the requests work. How do you find out about problems like this? Ah yes the troubles of an administrator? Read on and I’ll take you through a quick review of how I tracked this down. Finding the Problem The issue with the error returned is that IIS returns a 404 Resource not found error and doesn’t provide much information about it. If you’re lucky enough to be able to run your site from the localhost IIS is actually very helpful and gives you the right information immediately in a nicely detailed error page. The bottom of the page actually describes exactly what needs to be fixed. One problem with this easy way to find an error: You HAVE TO run localhost. On my server which has about 10 domains running localhost doesn’t point at the particular site I had problems with so I didn’t get the luxury of this nice error page. Using Failed Request Tracing to retrieve Error Info The first place I go with IIS errors is to turn on Failed Request Tracing in IIS to get more error information. If you have access to the server to make a configuration change you can enable Failed Request Tracing like this: Find the Failed Request Tracing Rules in the IIS Service Manager.   Select the option and then Edit Site Tracing to enable tracing. Then add a rule for * (all content) and specify status codes from 100-999 to capture all errors. if you know exactly what error you’re looking for it might help to specify it exactly to keep the number of errors down. Then run your request and let it fail. IIS will throw error log files into a folder like this C:\inetpub\logs\FailedReqLogFiles\W3SVC5 where the last 5 is the instance ID of the site. These files are XML but they include an XSL stylesheet that provides some decent formatting. In this case it pointed me straight at the offending module:   Ok, it’s the RequestFilteringModule. Request Filtering is built into IIS 6-7 and configured in ApplicationHost.config. This module defines a few basic rules about what paths and extensions are allowed in requests and among other things how long a query string is allowed to be. Most of these settings are pretty sensible but the query string value can easily become a problem especially if you’re dealing with OpenId since these return URLs are quite extensive. Debugging failed requests is never fun, but IIS 6 and forward at least provides us the tools that can help us point in the right direction. The error message the FRT report isn’t as nice as the IIS error message but it at least points at the offending module which gave me the clue I needed to look at request restrictions in ApplicationHost.config. This would still be a stretch if you’re not intimately familiar, but I think with some Google searches it would be easy to track this down with a few tries… Hope this was useful to some of you. Useful to me to put this out as a reminder – I’ve run into this issue before myself and totally forgot. Next time I got it, right?© Rick Strahl, West Wind Technologies, 2005-2010Posted in ASP.NET  Security  

    Read the article

  • php-openID doesn't work with Yahoo!

    - by hd
    i am trying to use php-openid library for implementing openID in my site. the basic consumer example inside its package doesn't work for Google and Yahoo. i found the Google solution here: http://stackoverflow.com/questions/1183788/example-usage-of-ax-in-php-openid/2612816 but it doesn't still work for Yahoo! . how can i made it works?

    Read the article

  • Can you recommend a robust OpenAPI 2.0 provider?

    - by larsks
    Help me find a robust OpenID 2.0 provider! We're looking at various SSO solutions for our organization, and I would like to suggest OpenID as a viable option, since (a) there is good consumer support in a number of web applications, and (b) it's simpler to implement than Shibboleth, which is the alternative technology. However, this requires that we find a robust OpenID provider, ideally one meeting the 2.0 specification. The only solutions I've come across so far are: Atlassian Crowd This looks great, although the $4000 price tag may make it a tough sell. Community-ID This looks like an interesting idea, but I'm not sure the project quality is at a suitable level (yet). In particular, it's not clear if LDAP support actually works (which will be a requirement in our environment). Have you implemented OpenID in your environment? What are you using? Have you selected an alternative SSO technology?

    Read the article

  • Why can't I log in with "claimid.com" as an OpenID?

    - by radu-negrila
    Hi, I need to implement a relying party for Open ID in a load balanced environment. Following the suggestions found here I have tried passing null to the OpenIdRelyingParty constructor. The results are somehow not consistent. If I use www.myopenid.com as a provider it works. If I use www.claimid.com as a provider I get the following exception: ProtocolException - No OpenID endpoint found. This exception is thrown on the CreateRequest method call even in a non balanced environment (my local workstation). Any idea what can I do to make it work for both providers ?

    Read the article

  • Yahoo account remains open after using openID to login.why?

    - by hd
    hi i have added openid login with Yahoo! and Google in my site. it is ok and works fine. when users select for example Yahoo! to login to my site, they will be logged in in their yahoo mail account too. i think it is not secure because maybe they don't notice to this issue and leave computer while their email account is availble. what do you think about this and what is your solution for your own sites? as i notice the same story is for stackoverflow.com.

    Read the article

  • Bypass OpenID. Please give us a simple login form.

    - by Florin
    Can I kindly ask that we're allowed to login without the OpenID nonsense? This system is so popular that stack-overflow is the only place that I use it. If it is the policy of stack-overflow to prevent people to login, they've succeeded. I am a passive reader. For some reasons, I really don't like the idea of having one Id for all sites. To me, this system is dead in the water. Unless used within organizations I will never use it. Of course, until the government decides to reign us all in. Will you give them a hand? Until then, can we simply have a login form as in 1995? Thank you for your consideration.

    Read the article

  • Open id get username after successful authentication

    - by Zeeshan Khan
    I am using openid using openid4java. My return url is a servlet After authentication when the return url is invoked by the openid provider after successfully authentication , i want the USERNAME from the open id url like https://me.yahoo.com/USERNAME the above url i am recieving from parameter openid.identity i cannot get username directly since user is entering user name on the openid provider site. Please give any suggestion Regards, Zeeshan

    Read the article

  • Where is documentation for openid1_claimed_id?

    - by zellyn
    OpenID, using delegation, seems to be returning openid1_claimed_id instead of openid.claimed_id That looks like “an OpenID 1 version of claimed_id” but I can't find it documented anywhere. Miscellaneous details: OpenID URL: http://www.zellyn.com/ Delegated to: http://zellyn.myopenid.com/ Using django-socialregistration

    Read the article

  • Zend: How to authenticate using OpenId on local server.

    - by NAVEED
    I am using zend framework. Now I want to authenticate users with other already registered accounts using RPX. I am following the 3 steps as described at RPX site: 1- Get the Widget 2- Receive Tokens 3- Choose Providers I created a controller(person) and action(signin) to show widget and my own signin form. When following action (http://test.dev/#person/personsignin) is called then my own login form and widget is shown successfully. # is used in above URL for AJAX indication. public function personsigninAction() { $this->view->jsonEncoded = true; // Person Signin Form $PersonSigninForm = new Form_PersonSignin(); $this->view->PersonSigninForm = $PersonSigninForm; $this->view->PersonSigninForm->setAction( $this->view->url() ); $request = $this->getRequest(); if ( $request->isPost() ) { } } There are two problems while login using openid widget: When I am authenticated from outside(for example: Yahoo) then I am redirected to http://test.dev, therefor indexAction in called in indexController and home page is shown. I want to redirect to http://test.dev/#person/personsignin after authentication and want to set session in isPost() condition of personsigninAction() (described above). For now I consider indexAction to be called when outside authentication is done. Now I posted the code from http://gist.github.com/291396 in indexAction to follow step 3 mentioned above. But it is giving me following error: An error occured: Invalid parameter: apiKey Am I using the right way to use this. This is my very first attempt to this stuff. Can someone tell me the exact steps using my above actions? Thanks.

    Read the article

  • Software Center won't take into account my changed OpenID name: any idea?

    - by Pascal Av
    Failing to install IntelliJ from the Software Center, I realized my login is wrong in the /etc/apt/auth.conf entry that the install process generates. In this file, I see my original OpenID, that's the one which got automatically generated when signing up on Launchpad. It contains my last name so I changed it. I purged conf and binaries for Ubuntu One, reinstalled, deleted all listed "Devices" from app, all "Applications" from Launchpad. Deleted ~/.cache/software-center/, reboot, but still: When installing IntelliJ, the auth.conf file receives my original OpenID, not the modified one Problem is that the commercial subscription, for IntelliJ private PPA, uses my modified OpenID, so authentication attempt fails. I can't remove nor modify this subscription, even by changing back my OpenID into Launchpad. Any idea to solve this?

    Read the article

  • Is there a python openid apps-discovery library to get appengine apps onto the apps marketplace

    - by molicule
    I'm looking for info on howto get a google appengine app onto the newly announced google apps marketplace. The page at http://code.google.com/googleapps/marketplace/sso.html does not have a python openid apps-discovery library which seems to be the stumbling block. Has anyone ported an appengine app to the marketplace? or know of the existence of a python openid apps-discovery library? or have a timeline on this? updated: please see comment re: standard python openid library vs library that supports "apps-discovery" updated: apparently it is not currently possible, however it will be soon see http://www.google.com/support/forum/p/apps-apis/thread?tid=52e36f012c2436c3&hl=en

    Read the article

  • Authenticate using openID without login through provider

    - by thabet084
    Dear all , I create web application to connect to MySpace Offsite App and I want to authenticate I used the following code var openid = new OpenIdRelyingParty(); IAuthenticationRequest request = openid.CreateRequest("http://www.myspace.com/thabet084"); request.AddExtension(new OAuthRequest("OAuthConsumerKey")); request.RedirectToProvider(); var response = openid.GetResponse(); OAuthResponse oauthExtension = new OAuthResponse(); if (response != null) { switch (response.Status) { case AuthenticationStatus.Authenticated: oauthExtension = response.GetExtension<OAuthResponse>(); var user_authorized_request_token = oauthExtension.RequestToken; break; } } OffsiteContext context = new OffsiteContext("ConsumerKey", "ConsumerSecret"); var accessToken = (AccessToken)context.GetAccessToken(oauthExtension.RequestToken, "", ""); and I used the following refrences DotNetOpenAuth.dll and MySpaceID.SDK.dll My problems are: I always found that responce=null I don't need user to login through provider MySpace so i need to remove RedirectToProvider(); My application in brief is to send status from mywebsite to MySpace account Just click on button to send All ideas are welcome BR, Mohammed Thabet Zaky

    Read the article

  • Integrate openid4java to GWT Project

    - by Slyker
    Hi, I created an GWT project in eclipse. Now I tried to implement openId with using the openid4java library. I imported the .jar files via properties--java build path: openid4java-0.9.5.jar lib/*.jar In addition I copied the .jar files into the war/WEB-INF/lib directory. The problem at hand comes up when I call the authenticate() method. Then I get a: HTTP ERROR 500 Problem accessing /openid/openid. Reason: access denied (java.lang.RuntimePermission modifyThreadGroup)Caused by:java.security.AccessControlException: access denied (java.lang.RuntimePermission modifyThreadGroup) at java.security.AccessControlContext.checkPermission(Unknown Source) at java.security.AccessController.checkPermission(Unknown Source) at java.lang.SecurityManager.checkPermission(Unknown Source) at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkPermission(DevAppServerFactory.java:166) at com.google.appengine.tools.development.DevAppServerFactory$CustomSecurityManager.checkAccess(DevAppServerFactory.java:191) at java.lang.ThreadGroup.checkAccess(Unknown Source) at java.lang.Thread.init(Unknown Source) at java.lang.Thread.<init>(Unknown Source) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ReferenceQueueThread.<init>(MultiThreadedHttpConnectionManager.java:1039) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.storeReferenceToConnection(MultiThreadedHttpConnectionManager.java:164) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.access$900(MultiThreadedHttpConnectionManager.java:64) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$ConnectionPool.createConnection(MultiThreadedHttpConnectionManager.java:750) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.doGetConnection(MultiThreadedHttpConnectionManager.java:469) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager.getConnectionWithTimeout(MultiThreadedHttpConnectionManager.java:394) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:152) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:396) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:324) at org.openid4java.util.HttpCache.head(HttpCache.java:296) at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:360) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221) at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179) at org.openid4java.discovery.Discovery.discover(Discovery.java:134) at org.openid4java.discovery.Discovery.discover(Discovery.java:114) at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:527) at auth.openid.server.OpenIDServlet.authenticate(OpenIDServlet.java:138) at auth.openid.server.OpenIDServlet.doGet(OpenIDServlet.java:101) at javax.servlet.http.HttpServlet.service(HttpServlet.java:693) at javax.servlet.http.HttpServlet.service(HttpServlet.java:806) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166) at com.google.appengine.api.blobstore.dev.ServeBlobFilter.doFilter(ServeBlobFilter.java:51) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at com.google.appengine.tools.development.StaticFileFilter.doFilter(StaticFileFilter.java:122) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418) at com.google.apphosting.utils.jetty.DevAppEngineWebAppContext.handle(DevAppEngineWebAppContext.java:70) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at com.google.appengine.tools.development.JettyContainerService$ApiProxyHandler.handle(JettyContainerService.java:349) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152) at org.mortbay.jetty.Server.handle(Server.java:326) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:547) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:212) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:409) at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582) Here my servlet source: import com.google.gwt.user.client.rpc.RemoteService; import org.openid4java.OpenIDException; import org.openid4java.consumer.ConsumerException; import org.openid4java.consumer.ConsumerManager; import org.openid4java.consumer.VerificationResult; import org.openid4java.discovery.DiscoveryInformation; import org.openid4java.discovery.Identifier; import org.openid4java.message.AuthRequest; import org.openid4java.message.ParameterList; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.text.MessageFormat; import java.util.List; public final class OpenIDServlet extends HttpServlet implements RemoteService { private final ConsumerManager manager; public OpenIDServlet() { try { manager = new ConsumerManager(); } catch (ConsumerException e) { throw new RuntimeException("Error creating consumer manager", e); } } ... private void authenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { final String loginString = request.getParameter(nameParameter); try { // perform discovery on the user-supplied identifier List discoveries = manager.discover(loginString); // attempt to associate with the OpenID provider // and retrieve one service endpoint for authentication DiscoveryInformation discovered = manager.associate(discoveries); // obtain a AuthRequest message to be sent to the OpenID provider AuthRequest authReq = manager.authenticate(discovered, "openid", null); // redirect to OpenID for authentication response.sendRedirect(authReq.getDestinationUrl(true)); } catch (OpenIDException e) { throw new ServletException("Login string probably caused an error. loginString = " + loginString, e); } } My question now is: What could be my fault? Did I make any mistakes in importing the openid4java library? (which?) All other methods in the servlet which do not use the openid4java implementation work fine. Thanks, Andreas

    Read the article

  • Authentication for users on a Single Page App?

    - by John H
    I have developed a single page app prototype that is using Backbone on the front end and going to consume from a thin RESTful API on the server for it's data. Coming from heavy server side application development (php and python), I have really enjoyed the new different design approach with a thick client side MVC but am confused on how best to restrict the app to authenticated users who log in. I prefer to have the app itself behind a login and would also like to implement other types of logins eventually (openid, fb connect, etc) in addition to the site's native login. I am unclear how this is done and have been searching - but unsuccessful in finding information that made it clear to me. In the big picture, what is the current best practice for registering users and requiring them to login to use your single page app? Once a user is logged in, how are the api requests authenticated? Can I store a session but how do I detect for this session in the API calls? Any answers to this would be much appreciated!

    Read the article

  • Authlogic, logout, credential capture and security

    - by Paddy
    Ok this is something weird. I got authlogic-oid installed in my rails app today. Everything works perfectly fine but for one small nuisance. This is what i did: I first register with my google openid. Successful login, redirection and my email, along with my correct openid is stored in my database. I am happy that everything worked fine! Now when i logout, my rails app as usual destroys the session and redirects me back to my root url where i can login again. Now if i try to login it still remembers my last login id. Not a big issue as i can always "Sign in as a different user" but i am wondering if there is anyway to not only logout from my app but also logout from google. I noticed the same with stack overflow's openid authentication system. Why am i so bothered about this, you may ask. But is it not a bad idea if your web apps end user, who happens to be in a cyber cafe, thinks he has logged out from your app and hence from his google account only to realize later that his google account had got hacked by some unworthy loser who just happened to notice that the one before him had not logged out from google and say.. changed his password!! Should i be paranoid? Isn't this a major security lapse while implementing the openid spec? Probably today someone can give me a workaround for this issue and the question is solved for me. But what about the others who have implemented openid in their apps and not implemented a workaround?

    Read the article

  • IAuthenticationRequest.RedirectToProvider is not supposed to return, yet it does

    - by ripper234
    The method DotNetOpenAuth.OpenId.RelyingParty.IAuthenticationRequest.RedirectToProvider() is documented never to return: Redirects the user agent to the provider for authentication. Execution of the current page terminates after this call. However, it does return under the latest implementation (3.4.3). I'm using the following code: using (var relayingParty = new OpenIdRelyingParty()) { var response = relayingParty.GetResponse(); if (response == null) { // Stage 2: user submitting Identifier var openId = Request.Form["openId"]; relayingParty.CreateRequest(openId).RedirectToProvider(); throw new Exception("Never gets here"); } ... } (The line with "Never gets here" is reached). I need to return an ActionResult from this method ... Is this a known bug? Is there a aorkaround? Should I return EmptyResult? As far as I understand this is a bug - I submitted it in the project issue tracker.

    Read the article

  • yahoo's attribute exchange -> blank data is coming

    - by Gaurav Sharma
    Hello everybody, I am trying to build openid login system for my website. To do this I used JanRain's php openid library v 2.1.3. I am also using openid selector to select the openid provider from the list. I first created the attributes array that I need to fetch from the provider as follows: $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/contact/email',2,1, 'email'); $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/first',1,1, 'firstname'); $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/last',1,1, 'lastname'); $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson',1,1, 'fullname'); $attribute[] = Auth_OpenID_AX_AttrInfo::make('http://axschema.org/namePerson/friendly',1,1, 'username'); $ax = new Auth_OpenID_AX_FetchRequest; foreach($attribute as $attr) { $ax-add($attr); } $auth_request-addExtension($ax); and in the finish_auth.php file I wrote this to fetch the attributes returned $ax = new Auth_OpenID_AX_FetchResponse(); $obj = $ax-fromSuccessResponse($response); Google gives me all the attributes requested but yahoo doesn't (as stated here that yahoo now supports attribute exchange). Is there any limitation set by yahoo on attribute exchange too. (they give limited websites access to sreg extension of openid). :( Please help me, I am stuck over here. Thanks

    Read the article

  • Can't log in: Error occurred while sending a direct message or getting the response

    - by Joshua Gitlin
    This belongs on Meta but I can't ask it there since, well, I can't log in :-) I'm unable to log into my account using my OpenID, josh.gitlin.name on either StackOverflow or Meta. The error message I receive after entering my OpenID on the login page and pressing "Login" is: Unable to log in with your OpenID provider: Error occurred while sending a direct message or getting the response My alternate OpenID hmblprogrammer.pip.verisignlabs.com doesn't work either. Anything I can try? (And is there any way this question can be associated with my account even though I'm not logged in?)

    Read the article

  • Unable to retrive open-id password wheras able to login via gmail only???

    - by diEcho
    Hello All, I have two OPEN-ID accounts referenced with same gmail address, now i forget one of my Open ID account's password and when i tried to recover my password then the mail sent by The MyOpen ID Team having second one open-id account's password change link whereas i need first one open-id password. i tries a lot of times to recover but each time mail having second open-id passord change link so what do i do to recover my first open-id password whereas i m able to login from that open-id via gmail account. i have mailed to open id teams many times already? but no answer?? how do i collect all open ID password reset link referencing same email address??

    Read the article

  • How does Windows LIve ID work?

    - by Morgan Cheng
    I happens to find this nice article explaining how OpenID works. Clearly, OpenID consumer and OpenID server transfer information through URL query string. I'm wondering how Live ID accomplish similar functionality. It seems the info is not exchanged through query string in URL. And, since Live ID login server have different domain name from consumer domain, it is not applicable to transfer info through cookie. I tried to google tutorial of Live ID, but the result is full of jargon and hard to understand. Is there any easy-to-understand tutorial about How Live ID works?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >