> Can you post the pre- and post- request/response headers for that handshake?
Here goes (with some editing for privacy and brevity)... [Load the sign in page] :::::::::::::: GET /openid HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.1) Gecko/20060313 Fedora/1.5.0.1-9 Firefox/1.5.0.1 pango-te xt Accept: text/xml,application/xml,application/xhtml +xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.7,ja;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: languagePref=en; cookieSupport=true; JSESSIONID=f5n iml6s6ts9 Cache-Control: max-age=0 [ok] :::::::::::::: HTTP/1.1 200 Content-Type: text/html; charset=utf-8 Content-Language: en Pragma: no-cache Cache-Control: no-cache, max-age=0, must-revalidate [Submit the signin page] :::::::::::::: POST /openid/signIn/?wicket:interface=:3:form.openId::IFormSubmitListener:: HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.1) Gecko/20060313 Fedora/1.5.0.1-9 Firefox/1.5.0.1 pango-te xt Accept: text/xml,application/xml,application/xhtml +xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.7,ja;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: languagePref=en; cookieSupport=true; JSESSIONID=f5n iml6s6ts9 Referer: http://localhost:8080/openid Content-Type: application/x-www-form-urlencoded Content-Length: 21 [Redirect to OpenID handler)] :::::::::::::: HTTP/1.1 302 Location: http://localhost:8080/openid/authorization/?uid=https%3A%2F% 2Fme.yahoo.com [Resubmit request to OpenId handler using requested OpenID for auth] :::::::::::::: GET /openid/authorization/?uid=https%3A%2F%2Fme.yahoo.com HTTP/1.1 Host: localhost:8080 User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.1) Gecko/20060313 Fedora/1.5.0.1-9 Firefox/1.5.0.1 pango-te xt Accept: text/xml,application/xml,application/xhtml +xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.7,ja;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: languagePref=en; cookieSupport=true; JSESSIONID=f5n iml6s6ts9 Referer: http://localhost:8080/openid [Redirect to Yahoo (our OpenID Provider)] :::::::::::::: HTTP/1.1 302 Location: https://open.login.yahooapis.com/openid/op/auth?lotsofparams [Yahoo is verifying our identity before processing the auth] [**Note that from here on, we lose our session id because a new one was created] :::::::::::::: GET /openid/verification HTTP/1.1 Host: www.bioscene.co.jp Accept: application/xrds+xml,text/html,text/plain Max-Forwards: 9 X-Forwarded-Host: www.bioscene.co.jp, www.bioscene.co.jp [Tell Yahoo what they want to know] :::::::::::::: HTTP/1.1 200 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: cookieSupport=true;Path=/;Expires=Sat, 22-Nov-08 05:20:40 GMT Set-Cookie: JSESSIONID=o8cfish2xt6v;Path=/ Content-Type: text/html; charset=utf-8 Content-Language: en-US X-XRDS-Location: locationOfXrds Pragma: no-cache Cache-Control: no-cache, max-age=0, must-revalidate, no-store [Yahoo has accepted the auth and replies with an auth token] [*Note that once again we have a different session id] :::::::::::::: GET /openid/verification?authToken HTTP/1.1 Host: www.bioscene.co.jp User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.1) Gecko/20060313 Fedora/1.5.0.1-9 Firefox/1.5.0.1 pango-te xt Accept: text/xml,application/xml,application/xhtml +xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.7,ja;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Cookie: cookieSupport=true; languagePref=en; JSESSIONID=iwjw2dd164zn Max-Forwards: 9 X-Forwarded-Host: www.bioscene.co.jp, www.bioscene.co.jp [We can now carry on... except that this is not longer the same session] :::::::::::::: HTTP/1.1 200 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=pb0x661fuk0r;Path=/ Content-Type: text/html; charset=utf-8 Content-Language: en Pragma: no-cache Cache-Control: no-cache, max-age=0, must-revalidate _______________________________________________ general mailing list general@lists.ops4j.org http://lists.ops4j.org/mailman/listinfo/general
