Hi Biruntha, Thanks for fixing the issue. Can you please send the relevant PR to [1] extension. We don't use the carbon-identity repository now.
Thanks, Kasun. [1] https://github.com/wso2-extensions/identity-inbound-auth-saml/blob/master/components/org.wso2.carbon.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderServlet.java On Tue, Aug 23, 2016 at 4:48 PM, Johann Nallathamby <joh...@wso2.com> wrote: > > > On Tue, Aug 23, 2016 at 4:14 PM, Biruntha Gnaneswaran <birun...@wso2.com> > wrote: > >> Hi, >> >> I created jira [1] and fixed in [2]. >> >> @ IS team please verify and merge. >> >> [1] - https://wso2.org/jira/browse/IDENTITY-5027 >> >> [2] - https://github.com/wso2/carbon-identity/pull/1748 >> >> Thanks, >> >> Biruntha >> >> Associate Software Engineer >> WSO2 >> Email : birun...@wso2.com >> Linkedin : https://lk.linkedin.com/in/biruntha >> Mobile : +94773718986 >> >> On Tue, Aug 23, 2016 at 6:05 AM, Malaka Silva <mal...@wso2.com> wrote: >> >>> Hi Biruntha, >>> >>> Good investigation on this matter. However we are not sure the impact of >>> this change. Can you create a jira [1] and add the PR so that IS team can >>> verify this in coming releases? >>> >>> [1] https://wso2.org/jira/browse/IDENTITY >>> >>> On Mon, Aug 22, 2016 at 6:04 PM, Biruntha Gnaneswaran <birun...@wso2.com >>> > wrote: >>> >>>> Hi All, >>>> >>>> While posting a form from Mepin Authenticator to Authentication >>>> endpoint, [1] will be executed. So it goes to [2]. From that method, it >>>> only support for url redirecting not support for form posting. So, I >>>> replace the logic [3] by [4]. Now it is working fine .So, To support post >>>> request in authentication endpoint, we need to modify sso-saml module. >>>> >>>> [1] - https://github.com/wso2/carbon-identity/blob/master/componen >>>> ts/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/ >>>> org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderSer >>>> vlet.java#L157-#L161 >>>> >>>> [2] - https://github.com/wso2/carbon-identity/blob/master/componen >>>> ts/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/ >>>> org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderSer >>>> vlet.java#L980 >>>> >>>> [3] - https://github.com/wso2/carbon-identity/blob/master/componen >>>> ts/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/ >>>> org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderSer >>>> vlet.java#L992 >>>> >>>> [4] - https://github.com/wso2/carbon-identity/blob/master/componen >>>> ts/sso-saml/org.wso2.carbon.identity.sso.saml/src/main/java/ >>>> org/wso2/carbon/identity/sso/saml/servlet/SAMLSSOProviderSer >>>> vlet.java#L1031-#L1035 >>>> >>>> >>>> Thanks, >>>> >>>> Biruntha >>>> >>>> Associate Software Engineer >>>> WSO2 >>>> Email : birun...@wso2.com >>>> Linkedin : https://lk.linkedin.com/in/biruntha >>>> Mobile : +94773718986 >>>> >>>> On Fri, Aug 12, 2016 at 10:18 PM, Biruntha Gnaneswaran < >>>> birun...@wso2.com> wrote: >>>> >>>>> Hi All, >>>>> >>>>> >>>>> To solve the issue in $subject, i tried to post a html form from >>>>> Authenticator to mepin.jsp using [1]. But still i couldn't solve that >>>>> issue. It's again redirected to [2]. >>>>> Can anyone help me to solve this issue? >>>>> >>>>> [1] >>>>> >>>>> response.setContentType(*"text/html"*);java.io.PrintWriter out = >>>>> response.getWriter(); >>>>> out.println(*"<html><head>"*);out.println(*"</head><body>"*);out.println(*"<form >>>>> name=**\"**loginform**\"* *method=**\"**post**\"* >>>>> *action=**\"**/mepinauthenticationendpoint/mepin.jsp**\"**>"*);out.println(*"<input >>>>> type=**\"**hidden**\"* *id=**\"**param1**\"* *name=**\"**param1**\"* >>>>> *value=**\"**"*+param1+*"**\"**/>"*);out.println(*"<input >>>>> type=**\"**hidden**\"* *id=**\"**param2**\"* *name=**\"**param2**\"* >>>>> *value=**\"**"*+param2+*"**\"**/>"*);out.println(*"</form></body></html>"*); >>>>> >>>>> [2] https://localhost:9443/samlsso >>>>> >>>>> Thanks, >>>>> >>>>> Biruntha >>>>> >>>>> Associate Software Engineer >>>>> WSO2 >>>>> Email : birun...@wso2.com >>>>> Linkedin : https://lk.linkedin.com/in/biruntha >>>>> Mobile : +94773718986 >>>>> >>>>> On Fri, Jul 29, 2016 at 11:46 PM, Biruntha Gnaneswaran < >>>>> birun...@wso2.com> wrote: >>>>> >>>>>> Hi Devs, >>>>>> >>>>>> In Mepin authenticator, some URL parameters are send to Mepin UI page >>>>>> using GET method [1]. When I try to send these parameters via POST method >>>>>> using HttpURLConnection class [2], it redirects to [3] not to the >>>>>> actual Mepin UI page. While I try, I got the following Log . >>>>>> >>>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler} >>>>>> - In authentication flow >>>>>> >>>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>>> - Executing the Step Based Authentication... >>>>>> >>>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>>> - Starting Step: 1 >>>>>> >>>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.util.FrameworkUtils} - Finding >>>>>> already authenticated IdPs of the Step >>>>>> >>>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>>> - Receive a response from the external party >>>>>> >>>>>> [2016-07-29 23:30:00,903] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>>> - BasicAuthenticator can handle the request. >>>>>> >>>>>> [2016-07-29 23:30:00,929] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>>> - BasicAuthenticator returned: SUCCESS_COMPLETED >>>>>> >>>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>>> - Step 1 is completed. Going to get the next one. >>>>>> >>>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>>> - Starting Step: 2 >>>>>> >>>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.util.FrameworkUtils} - Finding >>>>>> already authenticated IdPs of the Step >>>>>> >>>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>>> - Step contains only a single IdP. Going to call it directly >>>>>> >>>>>> [2016-07-29 23:30:00,930] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.config.ConfigurationFacade} - >>>>>> Trying to find the IdP for name: mepin >>>>>> >>>>>> [2016-07-29 23:30:00,934] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.config.ConfigurationFacade} - A >>>>>> registered IdP was found >>>>>> >>>>>> [2016-07-29 23:30:03,520] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>>> - MePINAuthenticator returned: INCOMPLETE >>>>>> >>>>>> [2016-07-29 23:30:03,521] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>>> - MePINAuthenticator is redirecting >>>>>> >>>>>> [2016-07-29 23:30:03,521] DEBUG {org.wso2.carbon.identity.appl >>>>>> ication.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler} >>>>>> - Step is not complete yet. Redirecting to outside. >>>>>> >>>>>> >>>>>> So, I had offline chat with Dulanja. He said that it is not a direct >>>>>> method when using POST method. POST method is not really needed. >>>>>> Because, even facebook authenticator uses GET method to send URL >>>>>> parameters. And also he give some suggestion, >>>>>> >>>>>> - >>>>>> >>>>>> For example, To send parameter called username, instead of using >>>>>> username as a name we can use “a” or “A” so from outside it can’t >>>>>> be guess. >>>>>> - >>>>>> >>>>>> From java class , send as HTML body. While on submitting, need to >>>>>> get url parameters. >>>>>> >>>>>> @ Dulanja, Please add If I miss anything. >>>>>> >>>>>> >>>>>> Your comments and suggestions are highly appreciated. >>>>>> >>>>>> [1] >>>>>> *https://github.com/wso2-extensions/identity-outbound-auth-mepin/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/mepin/MepinAuthenticator.java#L112-#L116* >>>>>> <https://github.com/wso2-extensions/identity-outbound-auth-mepin/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/mepin/MepinAuthenticator.java#L112-%23L116> >>>>>> >>>>>> [2] http://stackoverflow.com/questions/4205980/java-sending-http >>>>>> -parameters-via-post-method-easily >>>>>> >>>>>> [3] https://localhost:9443/samlsso >>>>>> >>>>>> >>>>>> Thanks, >>>>>> >>>>>> >>>>>> Biruntha >>>>>> >>>>>> Associate Software Engineer >>>>>> WSO2 >>>>>> Email : birun...@wso2.com >>>>>> Linkedin : https://lk.linkedin.com/in/biruntha >>>>>> Mobile : +94773718986 >>>>>> >>>>> >>>>> >>>> >>> >>> >>> -- >>> >>> Best Regards, >>> >>> Malaka Silva >>> Senior Technical Lead >>> M: +94 777 219 791 >>> Tel : 94 11 214 5345 >>> Fax :94 11 2145300 >>> Skype : malaka.sampath.silva >>> LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77 >>> Blog : http://mrmalakasilva.blogspot.com/ >>> >>> WSO2, Inc. >>> lean . enterprise . middleware >>> https://wso2.com/signature >>> http://www.wso2.com/about/team/malaka-silva/ >>> <http://wso2.com/about/team/malaka-silva/> >>> https://store.wso2.com/store/ >>> >>> Don't make Trees rare, we should keep them with care >>> >> >> > > > -- > Thanks & Regards, > > *Johann Dilantha Nallathamby* > Technical Lead & Product Lead of WSO2 Identity Server > Governance Technologies Team > WSO2, Inc. > lean.enterprise.middleware > > Mobile - *+94777776950* > Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* > -- Kasun Bandara *Software Engineer* Mobile : +94 (0) 718 338 360 <%2B94%20%280%29%20773%20451194> kas...@wso2.com <thili...@wso2.com>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
