Anyone have thoughts on this? Would really appreciate the help. Thanks, Dennis
On Thu, Sep 29, 2011 at 5:37 PM, Dennis Ju <[email protected]> wrote: > Hello, > > I want to allow viewers to approve OAuth tokens for pages where they are > not the owner. Basically, we have a requirement to allow users to view OAuth > gadgets on a shared page. > > I set "shindig.signing.viewer-access-tokens-enabled=true" in > shindig.properties "to allow the use of 3-legged OAuth tokens when viewer != > owner" (per the description). > > However, when the OAuth request is being made, I still get the error > "Client state belongs to a different person ...". > OAuthRequest.checkCanApprove() checks to see if the clientState owner is the > same as the page viewer, so even if I make the above change in > shindig.properties, I cannot approve access tokens. > > The description of checkCanApprove() says "At the moment we restrict this > to page owner's viewing their own pages." How do I > get shindig.signing.viewer-access-tokens-enabled=true to take effect? Or is > this not supported yet? > > Thanks! > Dennis > -- *Europe Symposium * October 18-19, 2011 Register today: www.liferay.com/Europe2011 *New!* Add Portal Admin Training Express<http://www.regonline.com/builder/site/Default.aspx?EventID=997653> --- *Spain Symposium *October 26-27, 2011 Register today: www.liferay.com/Spain2011* *
