Hello: Here are the two http conversations I've gathered between our SSO site and Google using MSIE and Firefox. When we use Firefox we get the start page without problems, but when we use MSIE we get a "Server Error" page; you know, the one which says: "We are unable to process your request at this time, please try again later.". We get the problem every time we try, and we've been trying it for a couple of weeks now with no change. I can also provide wireshark network packet traces if that would help.
I cannot point out any significant differences between the conversations. Please, we need help with this, since our SSO site has been down now for more than two weeks. MSIE Conversation: .shttps://gaemail.upr.edu/GAESSOWS/identity_provider.jsp? SAMLRequest=fZJPb9swDMXvA%2FodBN39L1uBQohdZC2KBmg3o3F32E2RaYeNLGmiFG %2Fffo7ToN1hvVLke79HcXn9e9DsAJ7QmpIXac4ZGGVbNH3Jn5u75IpfVxefliQH7cQqhp15gl8RKLBp0pCYH0oevRFWEpIwcgASQYnN6vFBLNJcOG %2BDVVZztr4t %2BYsyxnb91jmLPQ4o93vAl073atd2Gve7rWkdOuTsxxlrccRaE0VYGwrShKmU51dJvkiKvCm %2BiGIhPl%2F%2B5Kx %2BdfqK5pTgI6ztqYnEfdPUSf1908wCB2zBf5u6S95b22tIlR04WxGBDxPOjTUUB %2FAb8AdU8Pz0UPJdCI5Elo3jmL4NZTIbKY3ODym0MZOKjilqSYSHST34CLyaNyvmcP7dSj9Gl2cYXr3ZLbN3UtXrjx2DrG9rq1H9YSut7XjjQYazPbuzfpDh %2F25FWswVbJNubhXRkAOFHULLWVadXP89jelg%2FgI%3D&RelayState=https%3A%2F %2Fwww.google.com%2Fa%2Fws.uprm.edu%2FServiceLogin%3Fservice%3Dig %26passive%3Dtrue%26continue%3Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%252Fdefault%252Fpostlogin %253Fpid%253Dws.uprm.edu%2526url%253Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%26followup%3Dhttp%253A%252F %252Fpartnerpage.google.co m%252Fws.uprm.edu%252Fdefault%252Fpostlogin%253Fpid%253Dws.uprm.edu %2526url%253Dhttp%253A%252F%252Fpartnerpage.google.com%252Fws.uprm.edu %26cd%3DUS%26hl%3Den%26nui%3D1%26ltmpl%3Ddefault%26go%3Dtrue %26passgzip, deflate....EMozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322).....gaemail.upr.edu.....1225.... Cache-Control...no- cache....6JSESSIONID=3D10C181CE0CB220F163832AF6E550F2.workerWeb3... workerWeb3.. .4....SAMLRequest=fZJPb9swDMXvA %2FodBN39L1uBQohdZC2KBmg3o3F32E2RaYeNLGmiFG %2Fffo7ToN1hvVLke79HcXn9e9DsAJ7QmpIXac4ZGGVbNH3Jn5u75IpfVxefliQH7cQqhp15gl8RKLBp0pCYH0oevRFWEpIwcgASQYnN6vFBLNJcOG %2BDVVZztr4t %2BYsyxnb91jmLPQ4o93vAl073atd2Gve7rWkdOuTsxxlrccRaE0VYGwrShKmU51dJvkiKvCm %2BiGIhPl%2F%2B5Kx %2BdfqK5pTgI6ztqYnEfdPUSf1908wCB2zBf5u6S95b22tIlR04WxGBDxPOjTUUB %2FAb8AdU8Pz0UPJdCI5Elo3jmL4NZTIbKY3ODym0MZOKjilqSYSHST34CLyaNyvmcP7dSj9Gl2cYXr3ZLbN3UtXrjx2DrG9rq1H9YSut7XjjQYazPbuzfpDh %2F25FWswVbJNubhXRkAOFHULLWVadXP89jelg%2FgI%3D&RelayState=https%3A%2F %2Fwww.google.com%2Fa%2Fws.uprm.edu%2FServiceLogin%3Fservice%3Dig %26passive%3Dtrue%26continue%3Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%252Fdefault%252Fpostlogin %253Fpid%253Dws.uprm.edu%2526url%253Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%26followup%3Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%252Fdefault%252Fpostlogin %253Fpid%253Dws.uprm.edu%2526url%253Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%26cd%3DUS%26hl %3Den%26nui%3D1%26ltmpl%3Ddefault%26go%3Dtrue%26passive_sso %3Dtrue&returnPage=identity_provider.jsp&samlAction=Generate+SAML +Response&username=usuariodeprueba&password=password&samlButton=Someter +Credenciales AB.K.....OK.....Content-Type...text/html;charset=UTF-8...Content- Length...4816. AB.....<!-- Copyright (C) 2006 Google Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Portal de Servicios Electrónicos - Universidad de Puerto Rico</title> <meta content="noindex,nofollow" name="robots"> <style type="text/css"><!-- body {background-color: #ffffff} body,td,div,p,a,font,span {font-family: arial,sans-serif} body {margin-top:2} .c {width: 4; height: 4} .bubble {background-color:#C3D9FF} .tl {padding: 0; width: 4; text-align: left; vertical-align: top} .tr {padding: 0; width: 4; text-align: right; vertical-align: top} .bl {padding: 0; width: 4; text-align: left; vertical-align: bottom} .br {padding: 0; width: 4; text-align: right; vertical-align: bottom} .x {background-color: #ddf8cc; border: solid 1px #80c65a; padding: 15px; margin: 0 15px 0 0; text-align: center;} .x, .x td {font-size: 80%} .x table {margin: 0px; text-align: left;} .x p {text-align: left;} .x h2 {margin:0 0 0 0;font-weight: bold; font-size: 120%;} .errormsg {color: #cc0000} --> </style> </head> <body onload="document.acsForm.submit();"> <form name="acsForm" action="https://www.google.com/a/ws.uprm.edu/ acs" method="post" > <!-- target="_blank"> --> <div style="display: none"> <textarea rows=10 cols=80 name="SAMLResponse"><?xml version="1.0" encoding="UTF-8"?> <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc= "http://www.w3.org/2001/04/xmlenc#"; ID="ilcglaeojeldecjngebelpgjcoilpfonecpmbhgo" IssueInstant="2008-02-10T10:13:24Z" Version="2.0">.<Signature xmlns="http://www.w3.org/2000/09/ xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http:// www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" / ><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa- sha1" /><Reference URI=""><Transforms><Transform Algorithm="http:// www.w3.org/2000/09/xmldsig#enveloped-signature" /></ Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/ xmldsig#sha1" /><DigestValue>8Q+EfCZdUe5ILP3drpl9wbzShHg=</ DigestValue></Reference></ SignedInfo><SignatureValue>nQCRIWXqlWQvziMU33jO +AxxhaYRr31qwXPWLOFxpkzGxtEkSK6YWg==</ SignatureValue><KeyInfo><KeyValue><DSAKeyValue><P>r5Swl0VTgqkZSKUQoeILhNyEZs9Ot8hQgiNuJeI6cFro +5/jBP8KDCByq5MkIzqZZxqGZPKc1GZC 9QTxM qPYOXiShREalv45a4kb6sRGTluh8YpSfskPRMWT77yp7KqGKZbSqHlw +FKXraAgzjV7RXCn OU14Uun5Ac9R7QSPIls=</P><Q>p3nhx7XegMkLDaySZ3VhakAsEqk=</ Q><G>QFJ1EaupSqYDMPz4vzknUFZziiYGGZN7+R2ZqTsooVmNxVf+A39v +8aFnh6Ny6w9rveOSXjYYAAL oejZTqDCPRtnHnW7g4Rp2DktGA47T8ou/ LOt7MOhtFJSjYUrejxaQLFK35A35sv9pbjF5tCWICe8 rgawabXh6AvzvOa4/Z8=</G><Y>UTQsust9OOU26ypSLU9/ sljpyZ9IBrJXVrfgfDMICpxf4hAFVt5CswvJ/CBgy91YjhXMOCdcveJ2 D2NnevIBRxlU6zLwQB035ec0M2Ctnm9llyVK7Gea3KdYwtgfLyMVFMwXIg6fxjAoimUA4OlOfFpY 65fD6fbwPtGoN0pTeYw=</Y></DSAKeyValue></KeyValue></KeyInfo></ Signature><samlp:Status>..<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />.</ samlp:Status>.<Assertion ID="pijheengoinjgjoljpfigngnhbhnejomholckgdl" IssueInstant="2003-04-17T00:46:02Z" Version="2.0">..<Issuer>https:// www.opensaml.org/IDP..</Issuer>..<Subject>...<NameID Format="urn:oasis:names:tc:SAML:2.0:nameid- format:emailAddress">....usuariodeprueba...</ NameID>...<SubjectConfirmation Method="urn:oasis:names:tc:SAML: 2.0:cm:bearer" />..</Subject>..<Conditions Not Before="2003-04-17T00:46:02Z" NotOnOrAfter="2008-04-17T00:51:02Z">..</ Conditions>..<AuthnStatement AuthnInstant="2008-02-10T10:13:24Z">...<AuthnContext>....<AuthnContextClassRef>.....urn:oasis:names:tc:SAML: 2.0:ac:classes:Password....</AuthnContextClassRef>...</ AuthnContext>..</AuthnStatement>.</Assertion></samlp:Response> </textarea> <textarea rows=10 cols=80 name="RelayState">https:// www.google.com/a/ws. uprm.edu/ServiceLogin?service=ig&passive=true&continue=http%3A%2F %2Fpartnerpage.google.com%2Fws.uprm.edu%2Fdefault%2Fpostlogin%3Fpid %3Dws.uprm.edu%26url%3Dhttp%3A%2F%2Fpartnerpage.google.com %2Fws.uprm.edu&followup=http%3A%2F%2Fpartnerpage.google.com %2Fws.uprm.edu%2Fdefault%2Fpostlogin%3Fpid%3Dws.uprm.edu%26url%3Dhttp %3A%2F%2Fpartnerpage.google.com %2Fws.uprm.edu&cd=US&hl=en&nui=1<mpl=default&go=true&passive_sso=true</ textarea> </div> </form> </body> </html>.AB.... FFox Conversation: .4......HTTP/1.1.../GAESSOWS/SAMLResponseServlet... 67.206.215.228.....gaemail.upr.edu..........gaemail.upr.edu....dMozilla/ 5.0 (X11; U; Linux i686; en-US; rv:1.8.1.11) Gecko/20061201 Firefox/ 2.0.0.11 (Ubuntu-feisty)....ctext/xml,application/xml,application/xhtml +xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5.....en- us,en;q=0.5.....gzip,deflate.....ISO-8859-1,utf-8;q=0.7,*;q=0.7.. Keep-Alive...300.... .yhttps://gaemail.upr.edu/GAESSOWS/identity_provider.jsp? SAMLRequest=fZLLTsMwEEX3SPyD5X1eRRXIaoIKCFGJR0RTFuxcZ9q4%2BBE8dgN %2FT5pSAQu6Hc%2Fce %2B54JpcfWpEtOJTW5DSLU0rACFtLs87porqNLuhlcXoyQa5Vy6bBN%2BYZ3gOgJ %2F2kQTY85DQ4wyxHicxwDci8YPPpwz0bxSlrnfVWWEXJ7CanalO %2FabPiG95smqU2wPmykYaLpuVKi3W9WsJb3VhKXg5Yox3WDDHAzKDnxvelNL2I0lGUpVV2xsbnbDx %2BpaT8drqSZp%2FgGNZy34TsrqrKqHyaV4PAVtbgHvvunK6tXSuIhdWUTBHB %2BR7n2hoMGtwc3FYKWDzf57TxvkWWJF3XxT9DCU86jEPrdAx1SLjAXYqSI8ptr %2B5dAFoMm2VDOPdrpcfR%2BQGGFj92k%2BSXVPH9Y7sgs5vSKik %2ByVQp21074P5gT26t09z%2F75bF2VCRdbQaWlkw2IKQKwk1JUmxd%2F17Gv3BfAE %3D&RelayState=https% 3A%2F%2Fwww.google.com%2Fa%2Fws.uprm.edu%2FServiceLogin%3Fservice%3Dig %26passive%3Dtrue%26continue%3Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%252Fdefault%252Fpostlogin %253Fpid%253Dws.uprm.edu%2526url%253Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%26followup%3Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%252Fdefault%252Fpostlogin %253Fpid%253Dws.uprm.edu%2526url%253Dhttp%253A%25 2F%252Fpartnerpage.google.com%252Fws.uprm.edu%26cd%3DUS%26hl%3Den%26nui %3D1%26ltmpl%3Ddefault%26go%3Dtrue%26passive_sso%3Dtrue.... 6JSESSIONID=8391D1F54960A05A113CDCAEBEEA2A3F.workerWeb3....! application/x-www-form-urlencoded.....1231... workerWeb3.. .4....SAMLRequest=fZLLTsMwEEX3SPyD5X1eRRXIaoIKCFGJR0RTFuxcZ9q4%2BBE8dgN %2FT5pSAQu6Hc%2Fce %2B54JpcfWpEtOJTW5DSLU0rACFtLs87porqNLuhlcXoyQa5Vy6bBN%2BYZ3gOgJ %2F2kQTY85DQ4wyxHicxwDci8YPPpwz0bxSlrnfVWWEXJ7CanalO %2FabPiG95smqU2wPmykYaLpuVKi3W9WsJb3VhKXg5Yox3WDDHAzKDnxvelNL2I0lGUpVV2xsbnbDx %2BpaT8drqSZp%2FgGNZy34TsrqrKqHyaV4PAVtbgHvvunK6tXSuIhdWUTBHB %2BR7n2hoMGtwc3FYKWDzf57TxvkWWJF3XxT9DCU86jEPrdAx1SLjAXYqSI8ptr %2B5dAFoMm2VDOPdrpcfR%2BQGGFj92k%2BSXVPH9Y7sgs5vSKik %2ByVQp21074P5gT26t09z%2F75bF2VCRdbQaWlkw2IKQKwk1JUmxd%2F17Gv3BfAE %3D&RelayState=https%3A%2F%2Fwww.google.com%2Fa%2Fws.uprm.edu %2FServiceLogin%3Fservice%3Dig%26passive%3Dtrue%26continue%3Dhttp%253A %252F%252Fpartnerpage.google.com%252Fws.uprm.edu%252Fdefault %252Fpostlogin%253Fpid%253Dws.uprm.edu%2526url%253Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%26followup%3Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%252Fdefault%252Fpostlogin %253Fpid%253Dws.uprm.edu%2526url%253Dhttp%253A%252F %252Fpartnerpage.google.com%252Fws.uprm.edu%26cd%3DU S%26hl%3Den%26nui%3D1%26ltmpl%3Ddefault%26go%3Dtrue%26passive_sso %3Dtrue&returnPage=identity_provider.jsp&samlAction=Generate+SAML +Response&username=usuariodeprueba&password=password&samlButton=Someter +Credenciales AB.K.....OK.....Content-Type...text/html;charset=UTF-8...Content- Length...4816. AB.....<!-- Copyright (C) 2006 Google Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>Portal de Servicios Electrónicos - Universidad de Puerto Rico</title> <meta content="noindex,nofollow" name="robots"> <style type="text/css"><!-- body {background-color: #ffffff} body,td,div,p,a,font,span {font-family: arial,sans-serif} body {margin-top:2} .c {width: 4; height: 4} .bubble {background-color:#C3D9FF} .tl {padding: 0; width: 4; text-align: left; vertical-align: top} .tr {padding: 0; width: 4; text-align: right; vertical-align: top} .bl {padding: 0; width: 4; text-align: left; vertical-align: bottom} .br {padding: 0; width: 4; text-align: right; vertical-align: bottom} .x {background-color: #ddf8cc; border: solid 1px #80c65a; padding: 15px; margin: 0 15px 0 0; text-align: center;} .x, .x td {font-size: 80%} .x table {margin: 0px; text-align: left;} .x p {text-align: left;} .x h2 {margin:0 0 0 0;font-weight: bold; font-size: 120%;} .errormsg {color: #cc0000} --> </style> </head> <body onload="document.acsForm.submit();"> <form name="acsForm" action="https://www.google.com/a/ws.uprm.edu/ acs" method="post" > <!-- target="_blank"> --> <div style="display: none"> <textarea rows=10 cols=80 name="SAMLResponse"><?xml version="1.0" encoding="UTF-8"?> <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc="http:// www.w3.org/2001/04/xmlenc#" ID="kidjnkiljnenmabhkmehgbhblgmoepfklhcbalbm" IssueInstant="2008-02-10T10:00:55Z" Version="2.0">.<Signature xmlns="http://www.w3.org/2000/09/ xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http:// www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" / ><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa- sha1" /><Reference URI=""><Transforms><Transform Algorithm=" http://www.w3.org/2000/09/xmldsig#enveloped-signature"; /></ Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/ xmldsig#sha1" /><DigestValue>7WL8vDxN+uT2Yzo8wQ4ZOUiiVGc=</ DigestValue></Reference></SignedInfo><SignatureValue>L +XA2gSfumoSnBC27e9pri5TCVxTYr3FyPc5urPz0Pkn0fLVS/w8Ew==</ SignatureValue><KeyInfo><KeyValue><DSAKeyValue><P>r5Swl0VTgqkZSKUQoeILhNyEZs9Ot8hQgiNuJeI6cFro +5/jBP8KDCByq5MkIzqZZxqGZPKc1GZC 9QTxMqPYOXiShREalv45a4kb6sRGTluh8YpSfskPRMWT77yp7KqGKZbSqHlw +FKXraAgzjV7RXCn OU14Uun5Ac9R7QSPIls=</P><Q>p3nhx7XegMkLDaySZ3VhakAsEqk=</ Q><G>QFJ1EaupSqYDMPz4vzknUFZziiYGGZN7+R2ZqTsooVmNxVf+A39v +8aFnh6Ny6w9rveOSXjYYAAL oejZTqDCPRtnHnW7g4Rp2DktGA47T8ou/ LOt7MOhtFJSjYUrejxaQLFK35A35sv9pbjF5tCWICe8 rgawabXh6AvzvOa4/Z8=</G><Y>UTQsust9OOU26ypSLU9/ sljpyZ9IBrJXVrfgfDMICpxf4hAFVt5CswvJ/CBgy91YjhXMOCdcveJ2 D2NnevIBRxlU6zLwQB035ec0M2Ctnm9llyVK7Gea3KdYwtgfLyMVFMwXIg6fxjAoimUA4OlOfFpY 65fD6fbwPtGoN0pTeYw=</Y></DSAKeyValue></KeyValue></KeyInfo></ Signature><samlp:Status>..<samlp:StatusCode Value="urn:oasis:name s:tc:SAML:2.0:status:Success" />.</samlp:Status>.<Assertion ID="gmjfaonhggaojbccnfmlcpficpfeblobhebdnbjm" IssueInstant="2003-04-17T00:46:02Z" Version="2.0">..<Issuer>https:// www.opensaml.org/IDP..</Issuer>..<Subject>...<NameID Format="urn:oasis:names:tc:SAML:2.0:nameid- format:emailAddress">....usuariodeprueba...</ NameID>...<SubjectConfirmation Method="urn:oasis:names:tc:SAML: 2.0:cm:bearer" />..</Subject>..<Conditions NotBefore="2003-04-17T00:46:02Z" NotOnOrAfter="2008-04-17T00:51:02Z">..</Conditions>..<AuthnStatement AuthnInstant="2008-02-10T10:00:55Z">...<AuthnContext>....<AuthnContextClassRef>.....urn:oasis:names:tc:SAML: 2.0:ac:classes:Password....</AuthnContextClassRef>...</ AuthnContext>..</AuthnStatement>.</Assertion></samlp:Response> </textarea> <textarea rows=10 cols=80 name="RelayState">https:// www.google.com/a/ws. uprm.edu/ServiceLogin?service=ig&passive=true&continue=http%3A%2F %2Fpartnerpage.google.com%2Fws.uprm.edu%2Fdefault%2Fpostlogin%3Fpid %3Dws.uprm.edu%26url%3Dhttp%3A%2F%2Fpartnerpage.google.com %2Fws.uprm.edu&followup=http%3A%2F%2Fpartnerpage.google.com %2Fws.uprm.edu%2Fdefault%2Fpostlogin%3Fpid%3Dws.uprm.edu%26url%3Dhttp %3A%2F%2Fpartnerpage.google.com %2Fws.uprm.edu&cd=US&hl=en&nui=1<mpl=default&go=true&passive_sso=true</ textarea> </div> </form> </body> </html>.AB.... --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
