On Tue, Aug 23, 2016 at 4:14 PM, Biruntha Gnaneswaran <birun...@wso2.com> wrote:
> Hi, > > I created jira [1] and fixed in [2]. > > @ IS team please verify and merge. > > [1] - https://wso2.org/jira/browse/IDENTITY-5027 > > [2] - https://github.com/wso2/carbon-identity/pull/1748 > > Thanks, > > Biruntha > > Associate Software Engineer > WSO2 > Email : birun...@wso2.com > Linkedin : https://lk.linkedin.com/in/biruntha > Mobile : +94773718986 > > On Tue, Aug 23, 2016 at 6:05 AM, Malaka Silva <mal...@wso2.com> wrote: > >> Hi Biruntha, >> >> Good investigation on this matter. However we are not sure the impact of >> this change. Can you create a jira [1] and add the PR so that IS team can >> verify this in coming releases? >> >> [1] https://wso2.org/jira/browse/IDENTITY >> >> On Mon, Aug 22, 2016 at 6:04 PM, Biruntha Gnaneswaran <birun...@wso2.com> >> wrote: >> >>> Hi All, >>> >>> While posting a form from Mepin Authenticator to Authentication >>> endpoint, [1] will be executed. So it goes to [2]. From that method, it >>> only support for url redirecting not support for form posting. So, I >>> replace the logic [3] by [4]. Now it is working fine .So, To support post >>> request in authentication endpoint, we need to modify sso-saml module. >>> >>> [1] - https://github.com/wso2/carbon-identity/blob/master/componen >>> ts/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/ >>> org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderSe >>> rvlet.java#L157-#L161 >>> >>> [2] - https://github.com/wso2/carbon-identity/blob/master/componen >>> ts/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/ >>> org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderSe >>> rvlet.java#L980 >>> >>> [3] - https://github.com/wso2/carbon-identity/blob/master/componen >>> ts/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/ >>> org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderSe >>> rvlet.java#L992 >>> >>> [4] - https://github.com/wso2/carbon-identity/blob/master/componen >>> ts/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/ >>> org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderSe >>> rvlet.java#L1031-#L1035 >>> >>> >>> Thanks, >>> >>> Biruntha >>> >>> Associate Software Engineer >>> WSO2 >>> Email : birun...@wso2.com >>> Linkedin : https://lk.linkedin.com/in/biruntha >>> Mobile : +94773718986 >>> >>> On Fri, Aug 12, 2016 at 10:18 PM, Biruntha Gnaneswaran < >>> birun...@wso2.com> wrote: >>> >>>> Hi All, >>>> >>>> >>>> To solve the issue in $subject, i tried to post a html form from >>>> Authenticator to mepin.jsp using [1]. But still i couldn't solve that >>>> issue. It's again redirected to [2]. >>>> Can anyone help me to solve this issue? >>>> >>>> [1] >>>> >>>> response.setContentType(*"text/html"*);java.io.PrintWriter out = >>>> response.getWriter(); >>>> out.println(*"<html><head>"*);out.println(*"</head><body>"*);out.println(*"<form >>>> name=**\"**loginform**\"* *method=**\"**post**\"* >>>> *action=**\"**/mepinauthenticationendpoint/mepin.jsp**\"**>"*);out.println(*"<input >>>> type=**\"**hidden**\"* *id=**\"**param1**\"* *name=**\"**param1**\"* >>>> *value=**\"**"*+param1+*"**\"**/>"*);out.println(*"<input >>>> type=**\"**hidden**\"* *id=**\"**param2**\"* *name=**\"**param2**\"* >>>> *value=**\"**"*+param2+*"**\"**/>"*);out.println(*"</form></body></html>"*); >>>> >>>> [2] https://localhost:9443/samlsso >>>> >>>> Thanks, >>>> >>>> Biruntha >>>> >>>> Associate Software Engineer >>>> WSO2 >>>> Email : birun...@wso2.com >>>> Linkedin : https://lk.linkedin.com/in/biruntha >>>> Mobile : +94773718986 >>>> >>>> On Fri, Jul 29, 2016 at 11:46 PM, Biruntha Gnaneswaran < >>>> birun...@wso2.com> wrote: >>>> >>>>> Hi Devs, >>>>> >>>>> In Mepin authenticator, some URL parameters are send to Mepin UI page >>>>> using GET method [1]. When I try to send these parameters via POST method >>>>> using HttpURLConnection class [2], it redirects to [3] not to the >>>>> actual Mepin UI page. While I try, I got the following Log . >>>>> >>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler} >>>>> - In authentication flow >>>>> >>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>> - Executing the Step Based Authentication... >>>>> >>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>> - Starting Step: 1 >>>>> >>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.util.FrameworkUtils} - Finding >>>>> already authenticated IdPs of the Step >>>>> >>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>> - Receive a response from the external party >>>>> >>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>> - BasicAuthenticator can handle the request. >>>>> >>>>> [2016-07-29 23:30:00,929] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>> - BasicAuthenticator returned: SUCCESS_COMPLETED >>>>> >>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>> - Step 1 is completed. Going to get the next one. >>>>> >>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>> - Starting Step: 2 >>>>> >>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.util.FrameworkUtils} - Finding >>>>> already authenticated IdPs of the Step >>>>> >>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>> - Step contains only a single IdP. Going to call it directly >>>>> >>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.config.ConfigurationFacade} - Trying >>>>> to find the IdP for name: mepin >>>>> >>>>> [2016-07-29 23:30:00,934] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.config.ConfigurationFacade} - A >>>>> registered IdP was found >>>>> >>>>> [2016-07-29 23:30:03,520] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>> - MePINAuthenticator returned: INCOMPLETE >>>>> >>>>> [2016-07-29 23:30:03,521] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>> - MePINAuthenticator is redirecting >>>>> >>>>> [2016-07-29 23:30:03,521] DEBUG {org.wso2.carbon.identity.appl >>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>> - Step is not complete yet. Redirecting to outside. >>>>> >>>>> >>>>> So, I had offline chat with Dulanja. He said that it is not a direct >>>>> method when using POST method. POST method is not really needed. >>>>> Because, even facebook authenticator uses GET method to send URL >>>>> parameters. And also he give some suggestion, >>>>> >>>>> - >>>>> >>>>> For example, To send parameter called username, instead of using >>>>> username as a name we can use “a” or “A” so from outside it can’t >>>>> be guess. >>>>> - >>>>> >>>>> From java class , send as HTML body. While on submitting, need to >>>>> get url parameters. >>>>> >>>>> @ Dulanja, Please add If I miss anything. >>>>> >>>>> >>>>> Your comments and suggestions are highly appreciated. >>>>> >>>>> [1] >>>>> *https://github.com/wso2-extensions/identity-outbound-auth-mepin/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/mepin/MepinAuthenticator.java#L112-#L116* >>>>> <https://github.com/wso2-extensions/identity-outbound-auth-mepin/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/mepin/MepinAuthenticator.java#L112-%23L116> >>>>> >>>>> [2] http://stackoverflow.com/questions/4205980/java-sending-http >>>>> -parameters-via-post-method-easily >>>>> >>>>> [3] https://localhost:9443/samlsso >>>>> >>>>> >>>>> Thanks, >>>>> >>>>> >>>>> Biruntha >>>>> >>>>> Associate Software Engineer >>>>> WSO2 >>>>> Email : birun...@wso2.com >>>>> Linkedin : https://lk.linkedin.com/in/biruntha >>>>> Mobile : +94773718986 >>>>> >>>> >>>> >>> >> >> >> -- >> >> Best Regards, >> >> Malaka Silva >> Senior Technical Lead >> M: +94 777 219 791 >> Tel : 94 11 214 5345 >> Fax :94 11 2145300 >> Skype : malaka.sampath.silva >> LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77 >> Blog : http://mrmalakasilva.blogspot.com/ >> >> WSO2, Inc. >> lean . enterprise . middleware >> https://wso2.com/signature >> http://www.wso2.com/about/team/malaka-silva/ >> <http://wso2.com/about/team/malaka-silva/> >> https://store.wso2.com/store/ >> >> Don't make Trees rare, we should keep them with care >> > > -- Thanks & Regards, *Johann Dilantha Nallathamby* Technical Lead & Product Lead of WSO2 Identity Server Governance Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev