I am okay with doing the http calls to ensure we dont have any broken links.
But if anything goes wrong because of the http calls (hostname verification error or any other exception) it shouldn't break the login page. On Friday, August 18, 2017, Isura Karunaratne <[email protected]> wrote: > Hi Malithi, > > On Fri, Aug 18, 2017 at 3:41 PM, Malithi Edirisinghe <[email protected] > <javascript:_e(%7B%7D,'cvml','[email protected]');>> wrote: > >> >> >> On Fri, Aug 18, 2017 at 12:31 PM, Nuwandi Wickramasinghe < >> [email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');>> >> wrote: >> >>> Looks like http calls are done to validate the endpoint url. Do we need >>> this validation before showing the link? >>> >>> Shall we remove these calls and directly show the hyper link? >>> >> >> So here the validation is done as we are invoking another webapp. So that >> this check make sure a broken link is never to be shown in this login page. >> Moreover, this is just a HEAD call so I don't think invoking that impacts >> the login page performance, because the actual page is not getting rendered >> here. >> The other thing is these webapps are coming from two features, so IMO, we >> cannot directly couple them together. >> > > Is that working correctly?. I think HEAD operation returns 200 OK for any > endpoint starting with https://localhost:9443. > > Thanks > Isura. > > >>> On Fri, Aug 18, 2017 at 11:54 AM, Farasath Ahamed <[email protected] >>> <javascript:_e(%7B%7D,'cvml','[email protected]');>> wrote: >>> >>>> >>>> There is another complication here. We are not honouring the hostname >>>> verification settings set by Kernel when doing the backend call. >>>> Ideally, we should be using the common-http client if we are doing any >>>> backend https calls. >>>> >>>> >>>> Farasath Ahamed >>>> Software Engineer, WSO2 Inc.; http://wso2.com >>>> Mobile: +94777603866 >>>> Blog: blog.farazath.com >>>> Twitter: @farazath619 <https://twitter.com/farazath619> >>>> <http://wso2.com/signature> >>>> >>>> >>>> >>>> On Fri, Aug 18, 2017 at 11:45 AM, Gayan Gunawardana <[email protected] >>>> <javascript:_e(%7B%7D,'cvml','[email protected]');>> wrote: >>>> >>>>> In IS 5.4.0-m2 SSO login page we can see couple of hyper links for >>>>> Forgot Password, Forgot Username, Register Now as below. >>>>> >>>>> >>>>> >>>>> Actually how it renders is >>>>> >>>>> <% >>>>> url = new URL(identityMgtEndpointContext + >>>>> "/recoverpassword.do?callback=" + Encode.forHtmlAttribute >>>>> (urlEncodedURL)); >>>>> httpURLConnection = (HttpURLConnection) >>>>> url.openConnection(); >>>>> httpURLConnection.setRequestMethod("HEAD"); >>>>> httpURLConnection.connect(); >>>>> if (httpURLConnection.getResponseCode() == >>>>> HttpURLConnection.HTTP_OK) { >>>>> %> >>>>> <a id="passwordRecoverLink" href="<%=url%>">Forgot Password >>>>> </a> >>>>> <br/><br/> >>>>> <% >>>>> } >>>>> >>>>> So every time when user goes to SSO login page need to send 3 http >>>>> requests to render 3 hyper links. Also if any of API raises back-end >>>>> exception, bad stack trace will be printed as below. >>>>> >>>>> WARN {org.apache.cxf.phase.PhaseInterceptorChain} - Application { >>>>> http://endpoint.recovery.identity.carbon.wso2.org/}ClaimsApi has >>>>> thrown exception, unwinding now >>>>> org.apache.cxf.interceptor.Fault >>>>> >>>>> Is there a better way to handle this situation ? >>>>> >>>>> Thanks, >>>>> Gayan >>>>> >>>>> -- >>>>> Gayan Gunawardana >>>>> Senior Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>> Email: [email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');> >>>>> Mobile: +94 (71) 8020933 >>>>> >>>> >>>> >>> >>> >>> -- >>> >>> Best Regards, >>> >>> Nuwandi Wickramasinghe >>> >>> Software Engineer >>> >>> WSO2 Inc. >>> >>> Web : http://wso2.com >>> >>> Mobile : 0719214873 >>> >> >> >> >> -- >> >> *Malithi Edirisinghe* >> Associate Technical Lead >> WSO2 Inc. >> >> Mobile : +94 (0) 718176807 >> [email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');> >> > > > > -- > > *Isura Dilhara Karunaratne* > Associate Technical Lead | WSO2 > Email: [email protected] <javascript:_e(%7B%7D,'cvml','[email protected]');> > Mob : +94 772 254 810 > Blog : http://isurad.blogspot.com/ > > > > -- Farasath Ahamed Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
