Hi All, While posting a form from Mepin Authenticator to Authentication endpoint, [1] will be executed. So it goes to [2]. From that method, it only support for url redirecting not support for form posting. So, I replace the logic [3] by [4]. Now it is working fine .So, To support post request in authentication endpoint, we need to modify sso-saml module.
[1] - https://github.com/wso2/carbon-identity/blob/master/components/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderServlet.java#L157-#L161 [2] - https://github.com/wso2/carbon-identity/blob/master/components/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderServlet.java#L980 [3] - https://github.com/wso2/carbon-identity/blob/master/components/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderServlet.java#L992 [4] - https://github.com/wso2/carbon-identity/blob/master/components/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderServlet.java#L1031-#L1035 Thanks, Biruntha Associate Software Engineer WSO2 Email : [email protected] Linkedin : https://lk.linkedin.com/in/biruntha Mobile : +94773718986 On Fri, Aug 12, 2016 at 10:18 PM, Biruntha Gnaneswaran <[email protected]> wrote: > Hi All, > > > To solve the issue in $subject, i tried to post a html form from > Authenticator to mepin.jsp using [1]. But still i couldn't solve that > issue. It's again redirected to [2]. > Can anyone help me to solve this issue? > > [1] > > response.setContentType(*"text/html"*);java.io.PrintWriter out = > response.getWriter(); > out.println(*"<html><head>"*);out.println(*"</head><body>"*);out.println(*"<form > name=**\"**loginform**\"* *method=**\"**post**\"* > *action=**\"**/mepinauthenticationendpoint/mepin.jsp**\"**>"*);out.println(*"<input > type=**\"**hidden**\"* *id=**\"**param1**\"* *name=**\"**param1**\"* > *value=**\"**"*+param1+*"**\"**/>"*);out.println(*"<input > type=**\"**hidden**\"* *id=**\"**param2**\"* *name=**\"**param2**\"* > *value=**\"**"*+param2+*"**\"**/>"*);out.println(*"</form></body></html>"*); > > [2] https://localhost:9443/samlsso > > Thanks, > > Biruntha > > Associate Software Engineer > WSO2 > Email : [email protected] > Linkedin : https://lk.linkedin.com/in/biruntha > Mobile : +94773718986 > > On Fri, Jul 29, 2016 at 11:46 PM, Biruntha Gnaneswaran <[email protected]> > wrote: > >> Hi Devs, >> >> In Mepin authenticator, some URL parameters are send to Mepin UI page >> using GET method [1]. When I try to send these parameters via POST method >> using HttpURLConnection class [2], it redirects to [3] not to the actual >> Mepin UI page. While I try, I got the following Log . >> >> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler} >> - In authentication flow >> >> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >> - Executing the Step Based Authentication... >> >> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >> - Starting Step: 1 >> >> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.util.FrameworkUtils} - Finding already >> authenticated IdPs of the Step >> >> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.step.impl.DefaultStepHandler} - >> Receive a response from the external party >> >> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.step.impl.DefaultStepHandler} - >> BasicAuthenticator can handle the request. >> >> [2016-07-29 23:30:00,929] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.step.impl.DefaultStepHandler} - >> BasicAuthenticator returned: SUCCESS_COMPLETED >> >> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >> - Step 1 is completed. Going to get the next one. >> >> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >> - Starting Step: 2 >> >> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.util.FrameworkUtils} - Finding already >> authenticated IdPs of the Step >> >> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.step.impl.DefaultStepHandler} - >> Step contains only a single IdP. Going to call it directly >> >> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.config.ConfigurationFacade} - Trying to >> find the IdP for name: mepin >> >> [2016-07-29 23:30:00,934] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.config.ConfigurationFacade} - A >> registered IdP was found >> >> [2016-07-29 23:30:03,520] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.step.impl.DefaultStepHandler} - >> MePINAuthenticator returned: INCOMPLETE >> >> [2016-07-29 23:30:03,521] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.step.impl.DefaultStepHandler} - >> MePINAuthenticator is redirecting >> >> [2016-07-29 23:30:03,521] DEBUG {org.wso2.carbon.identity.appl >> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >> - Step is not complete yet. Redirecting to outside. >> >> >> So, I had offline chat with Dulanja. He said that it is not a direct >> method when using POST method. POST method is not really needed. >> Because, even facebook authenticator uses GET method to send URL >> parameters. And also he give some suggestion, >> >> - >> >> For example, To send parameter called username, instead of using >> username as a name we can use “a” or “A” so from outside it can’t be >> guess. >> - >> >> From java class , send as HTML body. While on submitting, need to get >> url parameters. >> >> @ Dulanja, Please add If I miss anything. >> >> >> Your comments and suggestions are highly appreciated. >> >> [1] >> *https://github.com/wso2-extensions/identity-outbound-auth-mepin/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/mepin/MepinAuthenticator.java#L112-#L116* >> <https://github.com/wso2-extensions/identity-outbound-auth-mepin/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/mepin/MepinAuthenticator.java#L112-%23L116> >> >> [2] http://stackoverflow.com/questions/4205980/java-sending- >> http-parameters-via-post-method-easily >> >> [3] https://localhost:9443/samlsso >> >> >> Thanks, >> >> >> Biruntha >> >> Associate Software Engineer >> WSO2 >> Email : [email protected] >> Linkedin : https://lk.linkedin.com/in/biruntha >> Mobile : +94773718986 >> > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
