Hi Chandana, Please check whether we are shifting host name in this process, eg :- IP to Host or vice versa. If this is the problem we can avoid by using consistent host-name.
Anyway noticed that Chanaka solving this issue by not using session to store relaystate. Hope this will solve this problem. Regards, UdaraR On Tue, Oct 27, 2015 at 11:41 AM, Chandana Napagoda <[email protected]> wrote: > Hi Udara, > > I am not clicking on "Go to Store" link shown in the publisher. Steps I am > following are as below. > > - Go to Store URL and access it through anonymous mode. > - Then access the Publisher URL in a different tab of the same browser. > - Then log into Publisher app and navigate to Store app which was > already opened in a different tab. > - Click "Signin" link. > > Also, please note that same behavior works fine with G-Reg 5.0.1 and 5.0.0 > packs. > > Regards, > Chandana > > > On Mon, Oct 26, 2015 at 1:59 PM, Udara Rathnayake <[email protected]> wrote: > >> Hi All, >> >> As we understood this happens only when we navigate to the store via "Go >> to Store" link which is provided by GREG extensions. >> Problem here is you are initially logging in to the publisher using >> hostname "localhost" and then redirect to the store using IP. >> >> In publisher.json you have defined "storeUrl" : "%https.host%/store", >> you can avoid https.host and have it like "storeUrl" : "/store" >> >> So this is not due to any of the SSO related changes we have done >> recently(inorder to fix XSS/RFI issues). >> >> Regards, >> UdaraR >> >> >> On Sun, Oct 25, 2015 at 10:19 AM, Chandana Napagoda <[email protected]> >> wrote: >> >>> Hi Udara, >>> >>> Here are the steps to reproduce this issue: >>> >>> 1). Unzip G-Reg 5.1.0-SNAPSHOT pack an start it. >>> 2). Load Store and Publisher sites in the same browser, different tabs. >>> 3). Login to the publisher and perform some operations. >>> 4). Then navigate to Store tab and click on Signin link. Then a 500 >>> error page is displayed and an exception is thrown in the backend. >>> 5). After that change the URL to "http://localhost:9443/store"; which >>> shows in logged in view. >>> 6). Then click on the Signout link in the top right corner. Same 500 >>> error page is displayed and again an exception is thrown in the backend. >>> >>> Regards, >>> Chandana >>> >>> On Sat, Oct 24, 2015 at 10:17 AM, Udara Rathnayake <[email protected]> >>> wrote: >>> >>>> Hi Chandana, >>>> >>>> Had a look at this in a ES pack with all latest fixes done for >>>> (jaggeryapps + jaggery-extensions[1]), But haven't face such issue. Let me >>>> know the exact steps to reproduce. >>>> >>>> [1] >>>> https://github.com/wso2/jaggery-extensions/commit/6a572c32de0b4f2ab9a1e52a3b5c62af5f7294a6 >>>> >>>> Regards, >>>> UdaraR >>>> >>>> On Sat, Oct 24, 2015 at 9:32 AM, Chandana Napagoda <[email protected]> >>>> wrote: >>>> >>>>> Hi ES team, >>>>> >>>>> With the latest carbon store changes, we have noticed that if the very >>>>> first logged in user first access the publisher and then login to store >>>>> using SSO, an exception is logged. Further if user click on logout, again >>>>> another exception is logged. Is this errors occurring due to recent SSO >>>>> changes done in store side? >>>>> >>>>> Regards, >>>>> Chandana >>>>> >>>>> -- >>>>> *Chandana Napagoda* >>>>> Senior Software Engineer >>>>> WSO2 Inc. - http://wso2.org >>>>> >>>>> *Email : [email protected] <[email protected]>**Mobile : >>>>> +94718169299 <%2B94718169299>* >>>>> >>>>> *Blog : http://cnapagoda.blogspot.com >>>>> <http://cnapagoda.blogspot.com>* >>>>> >>>>> >>>> >>> >>> >>> -- >>> *Chandana Napagoda* >>> Senior Software Engineer >>> WSO2 Inc. - http://wso2.org >>> >>> *Email : [email protected] <[email protected]>**Mobile : +94718169299 >>> <%2B94718169299>* >>> >>> *Blog : http://cnapagoda.blogspot.com >>> <http://cnapagoda.blogspot.com>* >>> >>> >> > > > -- > *Chandana Napagoda* > Senior Software Engineer > WSO2 Inc. - http://wso2.org > > *Email : [email protected] <[email protected]>**Mobile : +94718169299 > <%2B94718169299>* > > *Blog : http://cnapagoda.blogspot.com <http://cnapagoda.blogspot.com>* > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
