Hi Abbas, No problem -- it's good news that your time is synchronized.
In step #3, where the user grants access to your site-- have you verified that 'secure=0' is passed in the URL and the page does not contain the yellow warning box? Also, what version of the Java Client library are you using? Can you send me an example Authorization header which it is generating? (with the token value changed, of course). This header should include the URL for the feed (it's fine if you want to obfuscate the particular calendar.. I'm just looking for as much information as possible so that I can recreate the issue you're experiencing) I'm not aware of any others having issues using secured authsub from the java client library, but I'll gladly look into this further so we can find a solution for you. Cheers, -Ryan On 3/6/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > Hi Ryan, > > Thanks for your time and help. My server is synchronized with an NTP > server. Is there anything else that I can look for? > > Cheers, > Abbas > > On Mar 6, 11:08 am, "Ryan Boyd (Google)" <[EMAIL PROTECTED]> wrote: > > Hi Abbas, > > > > Your process looks good. Can you please check the date/time setting on > your > > server? Is it synchronized to some good NTP servers? If you are using > the > > client library, this is probably the biggest problem that would not be > > code-dependent. A timestamp is part of the signature and, if far off, > you > > will get a 401. > > > > Cheers, > > > > -Ryan > > > > On 3/6/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > > > > > > > > Hi All, > > > > > I am trying to request a secure session token for the calender feed. > > > My request returns a 'Signature is invalid' exception. Here is what I > > > did. > > > > > 1. Registered my webapp online with a .pem certificate. > > > 2. User logged into my webapp and got redirected to authsub page. > > > 3. User grants access and my webapp gets a single use token. > > > 4. The webapp makes an api call through gdata java client library to > > > get the secure token: AuthSubUtil.exchangeForSessionToken(token, > > > privKey). The private key is passed to the gdata library for signing > > > the request. I checked the auth header to see if all the required data > > > is present and all seemed to be good. > > > 5. The service responds with the following exception. > > > com.google.gdata.util.AuthenticationException: 401: Signature is > > > invalid > > > at > > > com.google.gdata.client.http.AuthSubUtil.exchangeForSessionToken > (Unknown > > > Source) > > > at > > > com.google.gdata.client.http.AuthSubUtil.exchangeForSessionToken > (Unknown > > > Source) > > > > > Did anybody face such an issue? Appreciate any help. > > > > > Thanks, > > > Abbas > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Calendar Data API" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-calendar-help-dataapi?hl=en -~----------~----~----~----~------~----~------~--~---
