Hi Devs,
In Mepin authenticator, some URL parameters are send to Mepin UI page using
GET method [1]. When I try to send these parameters via POST method
using HttpURLConnection
class [2], it redirects to [3] not to the actual Mepin UI page. While I
try, I got the following Log .
[2016-07-29 23:30:00,903] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler}
- In authentication flow
[2016-07-29 23:30:00,903] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Executing the Step Based Authentication...
[2016-07-29 23:30:00,903] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Starting Step: 1
[2016-07-29 23:30:00,903] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils}
- Finding already authenticated IdPs of the Step
[2016-07-29 23:30:00,903] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
- Receive a response from the external party
[2016-07-29 23:30:00,903] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
- BasicAuthenticator can handle the request.
[2016-07-29 23:30:00,929] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
- BasicAuthenticator returned: SUCCESS_COMPLETED
[2016-07-29 23:30:00,930] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Step 1 is completed. Going to get the next one.
[2016-07-29 23:30:00,930] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Starting Step: 2
[2016-07-29 23:30:00,930] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils}
- Finding already authenticated IdPs of the Step
[2016-07-29 23:30:00,930] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
- Step contains only a single IdP. Going to call it directly
[2016-07-29 23:30:00,930] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade}
- Trying to find the IdP for name: mepin
[2016-07-29 23:30:00,934] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade}
- A registered IdP was found
[2016-07-29 23:30:03,520] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
- MePINAuthenticator returned: INCOMPLETE
[2016-07-29 23:30:03,521] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
- MePINAuthenticator is redirecting
[2016-07-29 23:30:03,521] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Step is not complete yet. Redirecting to outside.
So, I had offline chat with Dulanja. He said that it is not a direct method
when using POST method. POST method is not really needed. Because, even
facebook authenticator uses GET method to send URL parameters. And also he
give some suggestion,
-
For example, To send parameter called username, instead of using
username as a name we can use “a” or “A” so from outside it can’t be
guess.
-
From java class , send as HTML body. While on submitting, need to get
url parameters.
@ Dulanja, Please add If I miss anything.
Your comments and suggestions are highly appreciated.
[1]
*https://github.com/wso2-extensions/identity-outbound-auth-mepin/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/mepin/MepinAuthenticator.java#L112-#L116*
<https://github.com/wso2-extensions/identity-outbound-auth-mepin/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/mepin/MepinAuthenticator.java#L112-%23L116>
[2]
http://stackoverflow.com/questions/4205980/java-sending-http-parameters-via-post-method-easily
[3] https://localhost:9443/samlsso
Thanks,
Biruntha
Associate Software Engineer
WSO2
Email : birun...@wso2.com
Linkedin : https://lk.linkedin.com/in/biruntha
Mobile : +94773718986
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
