Hi Dave,
I've managed to make fields prefilling with user SREG attributes on the
user
registration page.
I'm going to tide up code a little bit, test it and create a new patch
in a
couple of days.
There are also some comments below.
Best regards,
Tatyana
On Sun, 10 Aug 2008 00:46:01 -0400
Dave <[EMAIL PROTECTED]> wrote:
> On Tue, Aug 5, 2008 at 7:32 AM, Tatyana V. Tokareva <[EMAIL PROTECTED]>
> wrote:
> > I've uploaded a second Roller-OpenID patch to the JIRA
> > https://issues.apache.org/roller/browse/ROL-1733
>
> Hi Tatyana,
>
> I reviewed the code yesterday, tried it out and my comments are below.
>
>
> > Here is the description of what has been done so far:
> > I've managed to make openid url an editable option for user.
> > I've also accounted of comments to the previous patch and made some
> changes
> > in the code.
>
> And you're using generic user attributes for storing each user's
> OpenID URI and have no OpenID specific methods, which is good.
>
> Here are a couple of comments about the new UI elements that you've added:
>
> - The OpenID user fields do not allow enough characters for a URL
> Make it size="40" maxlength="255"
>
> - The help text does not explain what to enter in the field, maybe
> this is better:
> "Your OpenID username in the form of a URL (optional)"
>
> - The OpenID UI elements should only be shown when OpenID is enabled
> Add a property to roller.properties so OpenID can be enabled/disabled:
>
> # Enable/disable OpenID (requires Spring Security, will not work with
> CMA)
> authentication.openid.enabled = false
>
> - The login page layout could use some work, but we can take care
> of that later.
I've made openid fields enabling/disabling and fixed fields sizes
>
>
> > When the new user is logging via openID url after successful login on the
> > provider's website he is redirected to the registration page (I had to
> > specify exception mappings in the security.xml to make it work) I want to
> > prefill fields on this page with data, retrieved from the openid provider
> > with help of Simple Registration Extension. It is not supported
> officially
> > in the spring security library yet, so I had to made it by myself.
> > By this moment they've created a patch in response to my issue ( jira
> > http://jira.springframework.org/browse/SEC-935 ) and I've switched to an
> > official version, but I had to change code a little bit to make the
> library
> > it working.
>
> I don't understand this part. Do we need new Spring Security jars to
> make the patch work? Or, is the new schema file enough?
>
Firstly, you need a spring-security-openid library, which is attached
to the
issue.
I've made a new one with the help of official patch from
http://jira.springframework.org/browse/SEC-935
The patch allows to retrive Simple Registration Extension user
attributes.
The schema file includes openid filter defenition and will be located
on the
spring security web site by the next release, but just for now you need
to
use a local copy.
You should specify file path in the security.xml
>
> > User attributes are saved in the OpenIDAuthenticationToken as a
> > User object and it's method getPrincipal() returns this object.
> > Right now I'm trying to find a way how to retrieve this object in the
> > Register action to prefill fields.
> > Could someone suggest the right approach?
>
> I don't know enough about OpenID4Java to make a suggestion here.
>
>
> > I also had to put an openid-specific code into the RollerSession - I
> can't
> > make up my mind right now how to get rid of it.
> > Also maybe it will be better to put user attributes list in some kind of
> > properties file. (right now this list is stored as an enumeration)
>
> I don't think we need to have a fixed list of property names,
> so I guess I don't think we need an enumeration or property.
>
This question is still actual for me.
Will it be better to add another one database table
to define all attribute names or just hardcode them?
>
> > Note if you are gonna use the patch you'll need to change the schema file
> > reference in the security.xml
> > ( http://jira.springframework.org/browse/SEC-927 )
>
> I tried that, but I'm running in to a problem on OpenID login
> I see this in the roller.log file.
>
> INFO 2008-08-09 23:04:11,792 HtmlResolver:discover - HTML discovery
> succeeded on: http://rollerweblogger.org/roller
> INFO 2008-08-09 23:04:11,793 Discovery:discover - Discovered 1 OpenID
> endpoints.
> INFO 2008-08-09 23:04:11,794 ConsumerManager:associate - Trying to
> associate with http://openid.claimid.com/server attempts left: 4
> INFO 2008-08-09 23:04:11,794 ConsumerManager:associate - Found an
> existing association.
> INFO 2008-08-09 23:04:11,794 ConsumerManager:associate - Trying to
> associate with http://openid.claimid.com/server attempts left: 4
> INFO 2008-08-09 23:04:11,795 ConsumerManager:associate - Found an
> existing association.
> INFO 2008-08-09 23:04:11,795 ConsumerManager:authenticate - Creating
> authentication request for OP-endpoint:
> http://openid.claimid.com/server claimedID:
> http://rollerweblogger.org/roller/ OP-specific ID:
> http://openid.claimid.com/snoopdave
> INFO 2008-08-09 23:04:11,796 RealmVerifier:match - Return URL:
> http://localhost:8080/roller/roller_j_openid_security_check matches
> realm: http://localhost:8080/roller/roller_j_openid_security_check
> ERROR 2008-08-09 23:04:11,806 RealmVerifier:validate - Discovery
> failed on realm:
> http://localhost:8080/roller/roller_j_openid_security_check
> org.openid4java.discovery.yadis.YadisException: 1798: GET failed on
> http://localhost:8080/roller/roller_j_openid_security_check
> at
>
org.openid4java.discovery.yadis.YadisResolver.getXrds(YadisResolver.java:295)
> at
>
org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:251)
> ...
> ERROR 2008-08-09 23:04:11,807
> OpenIDAuthenticationProcessingFilter:determineFailureUrl
> - Unable to consume claimedIdentity [http://rollerweblogger.org/roller]
> org.springframework.security.ui.openid.OpenIDConsumerException: Error
> processing ConumerManager authentication
> at
>
org.springframework.security.ui.openid.consumers.OpenID4JavaConsumer.beginConsumption(OpenID4JavaConsumer.java:83)
> at
>
org.springframework.security.ui.openid.OpenIDAuthenticationProcessingFilter.determineFailureUrl(OpenIDAuthenticationProcessingFilter.java:107)
> ...
> Caused by: org.openid4java.message.MessageException: 769: Realm
> verification failed for:
> http://localhost:8080/roller/roller_j_openid_security_check
> at org.openid4java.message.AuthRequest.validate(AuthRequest.java:358)
> at
> org.openid4java.message.AuthRequest.createAuthRequest(AuthRequest.java:101)
> at
>
org.openid4java.consumer.ConsumerManager.authenticate(ConsumerManager.java:1000)
> at
>
org.openid4java.consumer.ConsumerManager.authenticate(ConsumerManager.java:937)
> at
>
org.springframework.security.ui.openid.consumers.OpenID4JavaConsumer.beginConsumption(OpenID4JavaConsumer.java:81)
> ... 35 more
>
> Could this be becuase I do not have the right Spring jars?
I can also attach openid specific libraries that I'm using now.
Actually, I've tried logging via my claimid account and I didn't meet
any
problems.
>
> - Dave
