users@glassfish.java.net

Re: OpenID for Web Apps?

From: <glassfish_at_javadesktop.org>
Date: Thu, 09 Oct 2008 14:41:05 PDT

Hi Ron,

now I make one step forward :-)
I compiled the opensso jsr196 module and deployed the jar successfully on my glassfish server.
I followed your configuration tips:
http://blogs.sun.com/enterprisetechtips/entry/adding_authentication_mechanisms_to_the

So I added the 'com.sun.security.sam.openid.OpenIDServerAuthModule' Class as my Message Security HttpServlet and named it 'OpenID'

Next I added the httpservlet-security-provider Attribute to my sun-web.xml
Now my sun-web.xml looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="" httpservlet-security-provider="OpenID">
        <context-root>/sywapp</context-root>
        <security-role-mapping>
                <role-name>org.imixs.ACCESSLEVEL.MANAGERACCESS</role-name>
                <principal-name>org.imixs.ACCESSLEVEL.MANAGERACCESS</principal-name>
        </security-role-mapping>
        <class-loader delegate="true" />
        <jsp-config>
                <property name="keepgenerated" value="true">
                        <description>Keep a copy of the generated servlet class java
                                code.</description>
                </property>
        </jsp-config>
</sun-web-app>

OK - Now when I open my application I see a Input Field where I can type in my openID Account url. This is great :-)
I tried to login with my "MyOpenID.com" Account name which is like "http://myaccountname.myopenid.com"

But after I submit the form I receive an Error 500 and get a SAXParseException :-(

This Exception happens in the 'parseOpenIDPage' of class com.sun.security.sam.openid.OpenIDServerAuthModule.
I changed the code and debugged it to find out what the site "myopenid.com" answers. And yes the response page form myopenid.com is a simple html page which tells me something like:

"..This is an OpenID Identity page. This user has chosen not to display any information on this page..."

nothing else. I understand the the xml parser is not sold on this html code.

So I fear I have to ask my next stupid question : the URL which I give to the OpenIDServerAuthModule seems not to be my "MyOpenID Account Name" e.g. "http://myaccount.openid.com" ?

What I expected was that I become redirected to a Login page on myOpenID.com. But this did not happen.
Can you help me on this point? I feel to be very near to hit my target.

Ralph
[Message sent by forum member 'rsoika' (rsoika)]

http://forums.java.net/jive/thread.jspa?messageID=304414
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.