On Fri, Aug 18, 2017 at 4:33 PM Malithi Edirisinghe <[email protected]> wrote:
> On Fri, Aug 18, 2017 at 4:02 PM, Isura Karunaratne <[email protected]> wrote: > >> Hi Malithi, >> >> On Fri, Aug 18, 2017 at 3:41 PM, Malithi Edirisinghe <[email protected]> >> wrote: >> >>> >>> >>> On Fri, Aug 18, 2017 at 12:31 PM, Nuwandi Wickramasinghe < >>> [email protected]> wrote: >>> >>>> Looks like http calls are done to validate the endpoint url. Do we need >>>> this validation before showing the link? >>>> >>>> Shall we remove these calls and directly show the hyper link? >>>> >>> >>> So here the validation is done as we are invoking another webapp. So >>> that this check make sure a broken link is never to be shown in this login >>> page. Moreover, this is just a HEAD call so I don't think invoking that >>> impacts the login page performance, because the actual page is not getting >>> rendered here. >>> The other thing is these webapps are coming from two features, so IMO, >>> we cannot directly couple them together. >>> >> >> Is that working correctly?. I think HEAD operation returns 200 OK for any >> endpoint starting with https://localhost:9443. >> > > How can that happen ? > Because carbon redirects invalid urls to main page. We call head on the URL right. Anyway, if it's not working we should fix. > >> >> Thanks >> Isura. >> >> >>>> On Fri, Aug 18, 2017 at 11:54 AM, Farasath Ahamed <[email protected]> >>>> wrote: >>>> >>>>> >>>>> There is another complication here. We are not honouring the hostname >>>>> verification settings set by Kernel when doing the backend call. >>>>> Ideally, we should be using the common-http client if we are doing any >>>>> backend https calls. >>>>> >>>>> >>>>> Farasath Ahamed >>>>> Software Engineer, WSO2 Inc.; http://wso2.com >>>>> Mobile: +94777603866 >>>>> Blog: blog.farazath.com >>>>> Twitter: @farazath619 <https://twitter.com/farazath619> >>>>> <http://wso2.com/signature> >>>>> >>>>> >>>>> >>>>> On Fri, Aug 18, 2017 at 11:45 AM, Gayan Gunawardana <[email protected]> >>>>> wrote: >>>>> >>>>>> In IS 5.4.0-m2 SSO login page we can see couple of hyper links for >>>>>> Forgot Password, Forgot Username, Register Now as below. >>>>>> >>>>>> >>>>>> >>>>>> Actually how it renders is >>>>>> >>>>>> <% >>>>>> url = new URL(identityMgtEndpointContext + >>>>>> "/recoverpassword.do?callback=" + Encode.forHtmlAttribute >>>>>> (urlEncodedURL)); >>>>>> httpURLConnection = (HttpURLConnection) >>>>>> url.openConnection(); >>>>>> httpURLConnection.setRequestMethod("HEAD"); >>>>>> httpURLConnection.connect(); >>>>>> if (httpURLConnection.getResponseCode() == >>>>>> HttpURLConnection.HTTP_OK) { >>>>>> %> >>>>>> <a id="passwordRecoverLink" href="<%=url%>">Forgot Password >>>>>> </a> >>>>>> <br/><br/> >>>>>> <% >>>>>> } >>>>>> >>>>>> So every time when user goes to SSO login page need to send 3 http >>>>>> requests to render 3 hyper links. Also if any of API raises back-end >>>>>> exception, bad stack trace will be printed as below. >>>>>> >>>>>> WARN {org.apache.cxf.phase.PhaseInterceptorChain} - Application { >>>>>> http://endpoint.recovery.identity.carbon.wso2.org/}ClaimsApi has >>>>>> thrown exception, unwinding now >>>>>> org.apache.cxf.interceptor.Fault >>>>>> >>>>>> Is there a better way to handle this situation ? >>>>>> >>>>>> Thanks, >>>>>> Gayan >>>>>> >>>>>> -- >>>>>> Gayan Gunawardana >>>>>> Senior Software Engineer; WSO2 Inc.; http://wso2.com/ >>>>>> Email: [email protected] >>>>>> Mobile: +94 (71) 8020933 >>>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> >>>> Best Regards, >>>> >>>> Nuwandi Wickramasinghe >>>> >>>> Software Engineer >>>> >>>> WSO2 Inc. >>>> >>>> Web : http://wso2.com >>>> >>>> Mobile : 0719214873 >>>> >>> >>> >>> >>> -- >>> >>> *Malithi Edirisinghe* >>> Associate Technical Lead >>> WSO2 Inc. >>> >>> Mobile : +94 (0) 718176807 >>> [email protected] >>> >> >> >> >> -- >> >> *Isura Dilhara Karunaratne* >> Associate Technical Lead | WSO2 >> Email: [email protected] >> Mob : +94 772 254 810 <+94%2077%20225%204810> >> Blog : http://isurad.blogspot.com/ >> >> >> >> > > > -- > > *Malithi Edirisinghe* > Associate Technical Lead > WSO2 Inc. > > Mobile : +94 (0) 718176807 > [email protected] > -- *Isura Dilhara Karunaratne* Associate Technical Lead | WSO2 Email: [email protected] Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
