[Dev] Getting blank page while verifying the Duo Security authenticator with IS 5.3.0

2017-01-17 Thread Thulasika Vijayanathan 
Hi,

I am verifying the authenticators with IS 5.3.0. When I test Duo security
authenticator with IS 5.3.0, I got the blank page, but it works with IS
5.2.0. It seems redirect URL and signature are correct, because If we give
the wrong signature, the page will display as Access denied, Duo
Provisioning connector works fine with both IS 5.2.0 and 5.3.0.

Redirect URL in IS 5.3.0
https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDUwMg==|f4345a7f517828d259b235703310c09b594b736c:APP|YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MzgwMg==|f65d989f837105e4a4d77167911f5abf09b7095c&sessionDataKey=bd19a4d8-f08e-4322-b0a8-cbbb31a144a7&duoHost=api-.duosecurity.com

[image: Inline image 3]

Redirect URL in IS 5.2.0
https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDcxMQ==|969c487f980bfb10e7a45a4b43d06543a78b9500:APP|YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0NDAxMQ==|bb3be42f90aa3cfc38a5f42600fa4a9ed8776421&sessionDataKey=04c82f8e-ce66-454b-9cbf-a671404109d7&duoHost=api-.duosecurity.com

[image: Inline image 2]
Can you please suggest what could be the reason?


Thanks,
Thulasika.

-- 
Thulasika
Associate Software Engineer
Mobile:0778014295
email: thulas...@wso2.com 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Getting blank page while verifying the Duo Security authenticator with IS 5.3.0

2017-01-18 Thread Nuwandi Wickramasinghe 
Hi Thulasika,

Are you using same duo API configuration values (i.e Secret Key,
Integration Key, Admin Secret Key, Admin Integration key ) in both 5.2.0
and 5.3.0?

thanks
Nuwandi

On Tue, Jan 17, 2017 at 2:24 PM, Thulasika Vijayanathan 
wrote:

> Hi,
>
> I am verifying the authenticators with IS 5.3.0. When I test Duo security
> authenticator with IS 5.3.0, I got the blank page, but it works with IS
> 5.2.0. It seems redirect URL and signature are correct, because If we give
> the wrong signature, the page will display as Access denied, Duo
> Provisioning connector works fine with both IS 5.2.0 and 5.3.0.
>
> Redirect URL in IS 5.3.0
> https://localhost:9443/duoauthenticationendpoint/
> duoAuth.jsp?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|
> YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDUwMg==|
> f4345a7f517828d259b235703310c09b594b736c:APP|
> YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MzgwMg==|
> f65d989f837105e4a4d77167911f5abf09b7095c&sessionDataKey=
> bd19a4d8-f08e-4322-b0a8-cbbb31a144a7&duoHost=api-.duosecurity.com
>
> [image: Inline image 3]
>
> Redirect URL in IS 5.2.0
> https://localhost:9443/duoauthenticationendpoint/
> duoAuth.jsp?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|
> YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDcxMQ==|
> 969c487f980bfb10e7a45a4b43d06543a78b9500:APP|
> YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0NDAxMQ==|
> bb3be42f90aa3cfc38a5f42600fa4a9ed8776421&sessionDataKey=
> 04c82f8e-ce66-454b-9cbf-a671404109d7&duoHost=api-.duosecurity.com
>
> [image: Inline image 2]
> Can you please suggest what could be the reason?
>
>
> Thanks,
> Thulasika.
>
> --
> Thulasika
> Associate Software Engineer
> Mobile:0778014295
> email: thulas...@wso2.com 
>



-- 

Best Regards,

Nuwandi Wickramasinghe

Software Engineer

WSO2 Inc.

Web : http://wso2.com

Mobile : 0719214873
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Getting blank page while verifying the Duo Security authenticator with IS 5.3.0

2017-01-18 Thread Thulasika Vijayanathan 
Hi Nuwandi,

Yes, I use the same values.

Thanks.

On Wed, Jan 18, 2017 at 9:59 PM, Nuwandi Wickramasinghe 
wrote:

> Hi Thulasika,
>
> Are you using same duo API configuration values (i.e Secret Key,
> Integration Key, Admin Secret Key, Admin Integration key ) in both 5.2.0
> and 5.3.0?
>
> thanks
> Nuwandi
>
> On Tue, Jan 17, 2017 at 2:24 PM, Thulasika Vijayanathan <
> thulas...@wso2.com> wrote:
>
>> Hi,
>>
>> I am verifying the authenticators with IS 5.3.0. When I test Duo security
>> authenticator with IS 5.3.0, I got the blank page, but it works with IS
>> 5.2.0. It seems redirect URL and signature are correct, because If we give
>> the wrong signature, the page will display as Access denied, Duo
>> Provisioning connector works fine with both IS 5.2.0 and 5.3.0.
>>
>> Redirect URL in IS 5.3.0
>> https://localhost:9443/duoauthenticationendpoint/duoAuth.
>> jsp?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=
>> TX|YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDUwMg==|f434
>> 5a7f517828d259b235703310c09b594b736c:APP|YWRtaW58REkySjlaVk4
>> 0NEM4UlZRQzdTUkJ8MTQ4NDY0MzgwMg==|f65d989f837105e4a4d7716791
>> 1f5abf09b7095c&sessionDataKey=bd19a4d8-f08e-4322-b0a8-cbbb31
>> a144a7&duoHost=api-.duosecurity.com
>>
>> [image: Inline image 3]
>>
>> Redirect URL in IS 5.2.0
>> https://localhost:9443/duoauthenticationendpoint/duoAuth.
>> jsp?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=
>> TX|YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDcxMQ==|969c
>> 487f980bfb10e7a45a4b43d06543a78b9500:APP|YWRtaW58REkySjlaVk4
>> 0NEM4UlZRQzdTUkJ8MTQ4NDY0NDAxMQ==|bb3be42f90aa3cfc38a5f42600
>> fa4a9ed8776421&sessionDataKey=04c82f8e-ce66-454b-9cbf-a67140
>> 4109d7&duoHost=api-.duosecurity.com
>>
>> [image: Inline image 2]
>> Can you please suggest what could be the reason?
>>
>>
>> Thanks,
>> Thulasika.
>>
>> --
>> Thulasika
>> Associate Software Engineer
>> Mobile:0778014295
>> email: thulas...@wso2.com 
>>
>
>
>
> --
>
> Best Regards,
>
> Nuwandi Wickramasinghe
>
> Software Engineer
>
> WSO2 Inc.
>
> Web : http://wso2.com
>
> Mobile : 0719214873
>



-- 
Thulasika
Associate Software Engineer
Mobile:0778014295
email: thulas...@wso2.com 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Getting blank page while verifying the Duo Security authenticator with IS 5.3.0

2017-01-18 Thread Nuwandi Wickramasinghe 
Hi Thulasika,

I could successfully load the iframe by getting rid of *HttpServletResponse*
.*encodeRedirectURL() *method at [1]. Since the *DuoUrl *contain some data
with special characters, you need to URL encode them in order to get this
working. I have attached the patch file with the code changes I did to get
it working.

However, I could not figure out why *HttpServletResponse*.*encodeRedirectURL()
*causes issues only in 5.3.0. There's no javax.servlet api version change
between 5.2.0 and 5.3.0 AFAIS.

[1]
https://github.com/wso2-extensions/identity-outbound-auth-duo/blob/org.wso2.carbon.extension.identity.authenticator.duo-1.0.1/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/duo/DuoAuthenticator.java#L134

On Wed, Jan 18, 2017 at 10:09 PM, Thulasika Vijayanathan  wrote:

> Hi Nuwandi,
>
> Yes, I use the same values.
>
> Thanks.
>
> On Wed, Jan 18, 2017 at 9:59 PM, Nuwandi Wickramasinghe  > wrote:
>
>> Hi Thulasika,
>>
>> Are you using same duo API configuration values (i.e Secret Key,
>> Integration Key, Admin Secret Key, Admin Integration key ) in both 5.2.0
>> and 5.3.0?
>>
>> thanks
>> Nuwandi
>>
>> On Tue, Jan 17, 2017 at 2:24 PM, Thulasika Vijayanathan <
>> thulas...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> I am verifying the authenticators with IS 5.3.0. When I test Duo
>>> security authenticator with IS 5.3.0, I got the blank page, but it works
>>> with IS 5.2.0. It seems redirect URL and signature are correct, because If
>>> we give the wrong signature, the page will display as Access denied, Duo
>>> Provisioning connector works fine with both IS 5.2.0 and 5.3.0.
>>>
>>> Redirect URL in IS 5.3.0
>>> https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
>>> ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|
>>> YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDUwMg==|f4345a7
>>> f517828d259b235703310c09b594b736c:APP|YWRtaW58REkySjlaVk40NE
>>> M4UlZRQzdTUkJ8MTQ4NDY0MzgwMg==|f65d989f837105e4a4d77167911f5
>>> abf09b7095c&sessionDataKey=bd19a4d8-f08e-4322-b0a8-cbbb31a14
>>> 4a7&duoHost=api-.duosecurity.com
>>>
>>> [image: Inline image 3]
>>>
>>> Redirect URL in IS 5.2.0
>>> https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
>>> ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|
>>> YWRtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDcxMQ==|969c487
>>> f980bfb10e7a45a4b43d06543a78b9500:APP|YWRtaW58REkySjlaVk40NE
>>> M4UlZRQzdTUkJ8MTQ4NDY0NDAxMQ==|bb3be42f90aa3cfc38a5f42600fa4
>>> a9ed8776421&sessionDataKey=04c82f8e-ce66-454b-9cbf-a67140410
>>> 9d7&duoHost=api-.duosecurity.com
>>>
>>> [image: Inline image 2]
>>> Can you please suggest what could be the reason?
>>>
>>>
>>> Thanks,
>>> Thulasika.
>>>
>>> --
>>> Thulasika
>>> Associate Software Engineer
>>> Mobile:0778014295
>>> email: thulas...@wso2.com 
>>>
>>
>>
>>
>> --
>>
>> Best Regards,
>>
>> Nuwandi Wickramasinghe
>>
>> Software Engineer
>>
>> WSO2 Inc.
>>
>> Web : http://wso2.com
>>
>> Mobile : 0719214873
>>
>
>
>
> --
> Thulasika
> Associate Software Engineer
> Mobile:0778014295
> email: thulas...@wso2.com 
>



-- 

Best Regards,

Nuwandi Wickramasinghe

Software Engineer

WSO2 Inc.

Web : http://wso2.com

Mobile : 0719214873
Index: identity-outbound-auth-duo/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/duo/DuoAuthenticator.java
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===
--- identity-outbound-auth-duo/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/duo/DuoAuthenticator.java	(date 147195590)
+++ identity-outbound-auth-duo/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/duo/DuoAuthenticator.java	(revision )
@@ -19,6 +19,7 @@
 
 package org.wso2.carbon.identity.authenticator.duo;
 
+import org.apache.catalina.util.URLEncoder;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -120,18 +121,20 @@
 authenticatorProperties.get(DuoAuthenticatorConstants.SECRET_KEY), integrationSecretKey, username);
 String enrollmentPage = ConfigurationFacade.getInstance().getAuthenticationEndpointURL()
 .replace(loginPage, DuoAuthenticatorConstants.DUO_PAGE);
+
+URLEncoder encoder = new URLEncoder();
 String DuoUrl = enrollmentPage + "?" + FrameworkConstants.RequestParams.AUTHENTICATOR +
-"=" + getName() + ":" + FrameworkConstants.LOCAL_IDP_NAME + "&" +
+"=" + encoder.encode(getName() + ":" + FrameworkConstants.LOCAL_IDP_NAME)  + "&" +
 FrameworkConstants.RequestParams.TYPE + "=" +
 DuoAuthenticatorConstants.RequestParams.DUO + "&" +
 DuoAuthenticatorConstants.RequestParams.SIG_REQUEST + "=" +
-

Re: [Dev] Getting blank page while verifying the Duo Security authenticator with IS 5.3.0

2017-01-18 Thread Thulasika Vijayanathan 
Hi Nuwandi,

The solution you have provided is working, Thank you for your help.

Thanks,
Thulasika.

On Wed, Jan 18, 2017 at 11:14 PM, Nuwandi Wickramasinghe 
wrote:

> Hi Thulasika,
>
> I could successfully load the iframe by getting rid of
> *HttpServletResponse*.*encodeRedirectURL() *method at [1]. Since the *DuoUrl
> *contain some data with special characters, you need to URL encode them
> in order to get this working. I have attached the patch file with the code
> changes I did to get it working.
>
> However, I could not figure out why *HttpServletResponse*.*encodeRedirectURL()
> *causes issues only in 5.3.0. There's no javax.servlet api version change
> between 5.2.0 and 5.3.0 AFAIS.
>
> [1] https://github.com/wso2-extensions/identity-outbound-
> auth-duo/blob/org.wso2.carbon.extension.identity.authenticator.duo-1.0.1/
> component/authenticator/src/main/java/org/wso2/carbon/
> identity/authenticator/duo/DuoAuthenticator.java#L134
>
> On Wed, Jan 18, 2017 at 10:09 PM, Thulasika Vijayanathan <
> thulas...@wso2.com> wrote:
>
>> Hi Nuwandi,
>>
>> Yes, I use the same values.
>>
>> Thanks.
>>
>> On Wed, Jan 18, 2017 at 9:59 PM, Nuwandi Wickramasinghe <
>> nuwan...@wso2.com> wrote:
>>
>>> Hi Thulasika,
>>>
>>> Are you using same duo API configuration values (i.e Secret Key,
>>> Integration Key, Admin Secret Key, Admin Integration key ) in both
>>> 5.2.0 and 5.3.0?
>>>
>>> thanks
>>> Nuwandi
>>>
>>> On Tue, Jan 17, 2017 at 2:24 PM, Thulasika Vijayanathan <
>>> thulas...@wso2.com> wrote:
>>>
 Hi,

 I am verifying the authenticators with IS 5.3.0. When I test Duo
 security authenticator with IS 5.3.0, I got the blank page, but it works
 with IS 5.2.0. It seems redirect URL and signature are correct, because If
 we give the wrong signature, the page will display as Access denied, Duo
 Provisioning connector works fine with both IS 5.2.0 and 5.3.0.

 Redirect URL in IS 5.3.0
 https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
 ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YW
 RtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDUwMg==|f4345a7f5
 17828d259b235703310c09b594b736c:APP|YWRtaW58REkySjlaVk40NEM4
 UlZRQzdTUkJ8MTQ4NDY0MzgwMg==|f65d989f837105e4a4d77167911f5a
 bf09b7095c&sessionDataKey=bd19a4d8-f08e-4322-b0a8-cbbb31a144
 a7&duoHost=api-.duosecurity.com

 [image: Inline image 3]

 Redirect URL in IS 5.2.0
 https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
 ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YW
 RtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDcxMQ==|969c487f9
 80bfb10e7a45a4b43d06543a78b9500:APP|YWRtaW58REkySjlaVk40NEM4
 UlZRQzdTUkJ8MTQ4NDY0NDAxMQ==|bb3be42f90aa3cfc38a5f42600fa4a
 9ed8776421&sessionDataKey=04c82f8e-ce66-454b-9cbf-a671404109
 d7&duoHost=api-.duosecurity.com

 [image: Inline image 2]
 Can you please suggest what could be the reason?


 Thanks,
 Thulasika.

 --
 Thulasika
 Associate Software Engineer
 Mobile:0778014295
 email: thulas...@wso2.com 

>>>
>>>
>>>
>>> --
>>>
>>> Best Regards,
>>>
>>> Nuwandi Wickramasinghe
>>>
>>> Software Engineer
>>>
>>> WSO2 Inc.
>>>
>>> Web : http://wso2.com
>>>
>>> Mobile : 0719214873
>>>
>>
>>
>>
>> --
>> Thulasika
>> Associate Software Engineer
>> Mobile:0778014295
>> email: thulas...@wso2.com 
>>
>
>
>
> --
>
> Best Regards,
>
> Nuwandi Wickramasinghe
>
> Software Engineer
>
> WSO2 Inc.
>
> Web : http://wso2.com
>
> Mobile : 0719214873
>



-- 
Thulasika
Associate Software Engineer
Mobile:0778014295
email: thulas...@wso2.com 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Getting blank page while verifying the Duo Security authenticator with IS 5.3.0

2017-01-19 Thread Malaka Silva 
Shall we fix. We need to,


   1. Verify the fix with previous versions.
   2. Update the store to mention that it supports IS 510, 520 and 530

@Thulasika - Please check this after doc-sign.

On Thu, Jan 19, 2017 at 9:17 AM, Thulasika Vijayanathan 
wrote:

> Hi Nuwandi,
>
> The solution you have provided is working, Thank you for your help.
>
> Thanks,
> Thulasika.
>
> On Wed, Jan 18, 2017 at 11:14 PM, Nuwandi Wickramasinghe <
> nuwan...@wso2.com> wrote:
>
>> Hi Thulasika,
>>
>> I could successfully load the iframe by getting rid of
>> *HttpServletResponse*.*encodeRedirectURL() *method at [1]. Since the *DuoUrl
>> *contain some data with special characters, you need to URL encode them
>> in order to get this working. I have attached the patch file with the code
>> changes I did to get it working.
>>
>> However, I could not figure out why 
>> *HttpServletResponse*.*encodeRedirectURL()
>> *causes issues only in 5.3.0. There's no javax.servlet api version
>> change between 5.2.0 and 5.3.0 AFAIS.
>>
>> [1] https://github.com/wso2-extensions/identity-outbound-aut
>> h-duo/blob/org.wso2.carbon.extension.identity.authenticator.
>> duo-1.0.1/component/authenticator/src/main/java/org/wso2/carbon/identity/
>> authenticator/duo/DuoAuthenticator.java#L134
>>
>> On Wed, Jan 18, 2017 at 10:09 PM, Thulasika Vijayanathan <
>> thulas...@wso2.com> wrote:
>>
>>> Hi Nuwandi,
>>>
>>> Yes, I use the same values.
>>>
>>> Thanks.
>>>
>>> On Wed, Jan 18, 2017 at 9:59 PM, Nuwandi Wickramasinghe <
>>> nuwan...@wso2.com> wrote:
>>>
 Hi Thulasika,

 Are you using same duo API configuration values (i.e Secret Key,
 Integration Key, Admin Secret Key, Admin Integration key ) in both
 5.2.0 and 5.3.0?

 thanks
 Nuwandi

 On Tue, Jan 17, 2017 at 2:24 PM, Thulasika Vijayanathan <
 thulas...@wso2.com> wrote:

> Hi,
>
> I am verifying the authenticators with IS 5.3.0. When I test Duo
> security authenticator with IS 5.3.0, I got the blank page, but it works
> with IS 5.2.0. It seems redirect URL and signature are correct, because If
> we give the wrong signature, the page will display as Access denied, Duo
> Provisioning connector works fine with both IS 5.2.0 and 5.3.0.
>
> Redirect URL in IS 5.3.0
> https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
> ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YW
> RtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDUwMg==|f4345a7f5
> 17828d259b235703310c09b594b736c:APP|YWRtaW58REkySjlaVk40NEM4
> UlZRQzdTUkJ8MTQ4NDY0MzgwMg==|f65d989f837105e4a4d77167911f5ab
> f09b7095c&sessionDataKey=bd19a4d8-f08e-4322-b0a8-cbbb31a144a
> 7&duoHost=api-.duosecurity.com
>
> [image: Inline image 3]
>
> Redirect URL in IS 5.2.0
> https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
> ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YW
> RtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDcxMQ==|969c487f9
> 80bfb10e7a45a4b43d06543a78b9500:APP|YWRtaW58REkySjlaVk40NEM4
> UlZRQzdTUkJ8MTQ4NDY0NDAxMQ==|bb3be42f90aa3cfc38a5f42600fa4a9
> ed8776421&sessionDataKey=04c82f8e-ce66-454b-9cbf-a671404109d
> 7&duoHost=api-.duosecurity.com
>
> [image: Inline image 2]
> Can you please suggest what could be the reason?
>
>
> Thanks,
> Thulasika.
>
> --
> Thulasika
> Associate Software Engineer
> Mobile:0778014295 <077%20801%204295>
> email: thulas...@wso2.com 
>



 --

 Best Regards,

 Nuwandi Wickramasinghe

 Software Engineer

 WSO2 Inc.

 Web : http://wso2.com

 Mobile : 0719214873 <071%20921%204873>

>>>
>>>
>>>
>>> --
>>> Thulasika
>>> Associate Software Engineer
>>> Mobile:0778014295 <077%20801%204295>
>>> email: thulas...@wso2.com 
>>>
>>
>>
>>
>> --
>>
>> Best Regards,
>>
>> Nuwandi Wickramasinghe
>>
>> Software Engineer
>>
>> WSO2 Inc.
>>
>> Web : http://wso2.com
>>
>> Mobile : 0719214873 <071%20921%204873>
>>
>
>
>
> --
> Thulasika
> Associate Software Engineer
> Mobile:0778014295 <077%20801%204295>
> email: thulas...@wso2.com 
>



-- 

Best Regards,

Malaka Silva
Associate Director / Architect
M: +94 777 219 791
Tel : 94 11 214 5345
Fax :94 11 2145300
Skype : malaka.sampath.silva
LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77
Blog : http://mrmalakasilva.blogspot.com/

WSO2, Inc.
lean . enterprise . middleware
https://wso2.com/signature
http://www.wso2.com/about/team/malaka-silva/

https://store.wso2.com/store/

Don't make Trees rare, we should keep them with care
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Getting blank page while verifying the Duo Security authenticator with IS 5.3.0

2017-01-19 Thread Thulasika Vijayanathan 
Hi Malaka,

I already fixed and checked with previous versions(5.0.1, 5.0.2, 5.0.3). It
works fine with all versions.I released and published in the store as well.

Thanks,
Thulasika.

On Fri, Jan 20, 2017 at 5:35 AM, Malaka Silva  wrote:

> Shall we fix. We need to,
>
>
>1. Verify the fix with previous versions.
>2. Update the store to mention that it supports IS 510, 520 and 530
>
> @Thulasika - Please check this after doc-sign.
>
> On Thu, Jan 19, 2017 at 9:17 AM, Thulasika Vijayanathan <
> thulas...@wso2.com> wrote:
>
>> Hi Nuwandi,
>>
>> The solution you have provided is working, Thank you for your help.
>>
>> Thanks,
>> Thulasika.
>>
>> On Wed, Jan 18, 2017 at 11:14 PM, Nuwandi Wickramasinghe <
>> nuwan...@wso2.com> wrote:
>>
>>> Hi Thulasika,
>>>
>>> I could successfully load the iframe by getting rid of
>>> *HttpServletResponse*.*encodeRedirectURL() *method at [1]. Since the *DuoUrl
>>> *contain some data with special characters, you need to URL encode them
>>> in order to get this working. I have attached the patch file with the code
>>> changes I did to get it working.
>>>
>>> However, I could not figure out why 
>>> *HttpServletResponse*.*encodeRedirectURL()
>>> *causes issues only in 5.3.0. There's no javax.servlet api version
>>> change between 5.2.0 and 5.3.0 AFAIS.
>>>
>>> [1] https://github.com/wso2-extensions/identity-outbound-aut
>>> h-duo/blob/org.wso2.carbon.extension.identity.authenticator.
>>> duo-1.0.1/component/authenticator/src/main/java/org/wso2/
>>> carbon/identity/authenticator/duo/DuoAuthenticator.java#L134
>>>
>>> On Wed, Jan 18, 2017 at 10:09 PM, Thulasika Vijayanathan <
>>> thulas...@wso2.com> wrote:
>>>
 Hi Nuwandi,

 Yes, I use the same values.

 Thanks.

 On Wed, Jan 18, 2017 at 9:59 PM, Nuwandi Wickramasinghe <
 nuwan...@wso2.com> wrote:

> Hi Thulasika,
>
> Are you using same duo API configuration values (i.e Secret Key,
> Integration Key, Admin Secret Key, Admin Integration key ) in both
> 5.2.0 and 5.3.0?
>
> thanks
> Nuwandi
>
> On Tue, Jan 17, 2017 at 2:24 PM, Thulasika Vijayanathan <
> thulas...@wso2.com> wrote:
>
>> Hi,
>>
>> I am verifying the authenticators with IS 5.3.0. When I test Duo
>> security authenticator with IS 5.3.0, I got the blank page, but it works
>> with IS 5.2.0. It seems redirect URL and signature are correct, because 
>> If
>> we give the wrong signature, the page will display as Access denied, Duo
>> Provisioning connector works fine with both IS 5.2.0 and 5.3.0.
>>
>> Redirect URL in IS 5.3.0
>> https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
>> ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YW
>> RtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDUwMg==|f4345a7f5
>> 17828d259b235703310c09b594b736c:APP|YWRtaW58REkySjlaVk40NEM4
>> UlZRQzdTUkJ8MTQ4NDY0MzgwMg==|f65d989f837105e4a4d77167911f5ab
>> f09b7095c&sessionDataKey=bd19a4d8-f08e-4322-b0a8-cbbb31a144a
>> 7&duoHost=api-.duosecurity.com
>>
>> [image: Inline image 3]
>>
>> Redirect URL in IS 5.2.0
>> https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
>> ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YW
>> RtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDcxMQ==|969c487f9
>> 80bfb10e7a45a4b43d06543a78b9500:APP|YWRtaW58REkySjlaVk40NEM4
>> UlZRQzdTUkJ8MTQ4NDY0NDAxMQ==|bb3be42f90aa3cfc38a5f42600fa4a9
>> ed8776421&sessionDataKey=04c82f8e-ce66-454b-9cbf-a671404109d
>> 7&duoHost=api-.duosecurity.com
>>
>> [image: Inline image 2]
>> Can you please suggest what could be the reason?
>>
>>
>> Thanks,
>> Thulasika.
>>
>> --
>> Thulasika
>> Associate Software Engineer
>> Mobile:0778014295 <077%20801%204295>
>> email: thulas...@wso2.com 
>>
>
>
>
> --
>
> Best Regards,
>
> Nuwandi Wickramasinghe
>
> Software Engineer
>
> WSO2 Inc.
>
> Web : http://wso2.com
>
> Mobile : 0719214873 <071%20921%204873>
>



 --
 Thulasika
 Associate Software Engineer
 Mobile:0778014295 <077%20801%204295>
 email: thulas...@wso2.com 

>>>
>>>
>>>
>>> --
>>>
>>> Best Regards,
>>>
>>> Nuwandi Wickramasinghe
>>>
>>> Software Engineer
>>>
>>> WSO2 Inc.
>>>
>>> Web : http://wso2.com
>>>
>>> Mobile : 0719214873 <071%20921%204873>
>>>
>>
>>
>>
>> --
>> Thulasika
>> Associate Software Engineer
>> Mobile:0778014295 <077%20801%204295>
>> email: thulas...@wso2.com 
>>
>
>
>
> --
>
> Best Regards,
>
> Malaka Silva
> Associate Director / Architect
> M: +94 777 219 791 <+94%2077%20721%209791>
> Tel : 94 11 214 5345
> Fax :94 11 2145300
> Skype : malaka.sampath.silva
> LinkedIn : http://www.linkedin.com/pub/malaka-silva/6/33/77
> Blog : http://mrmalakasilva.blogspot.com/
>
> WSO2, Inc.
> lean . enterprise . middleware
> https://wso2.com/sig

Re: [Dev] Getting blank page while verifying the Duo Security authenticator with IS 5.3.0

2017-01-19 Thread Thulasika Vijayanathan 
Please ignore the above mentioned tested versions. I tested with IS 5.1.0 ,
5.2.0 and 5.3.0.

On Fri, Jan 20, 2017 at 9:08 AM, Thulasika Vijayanathan 
wrote:

> Hi Malaka,
>
> I already fixed and checked with previous versions(5.0.1, 5.0.2, 5.0.3).
> It works fine with all versions.I released and published in the store as
> well.
>
> Thanks,
> Thulasika.
>
> On Fri, Jan 20, 2017 at 5:35 AM, Malaka Silva  wrote:
>
>> Shall we fix. We need to,
>>
>>
>>1. Verify the fix with previous versions.
>>2. Update the store to mention that it supports IS 510, 520 and 530
>>
>> @Thulasika - Please check this after doc-sign.
>>
>> On Thu, Jan 19, 2017 at 9:17 AM, Thulasika Vijayanathan <
>> thulas...@wso2.com> wrote:
>>
>>> Hi Nuwandi,
>>>
>>> The solution you have provided is working, Thank you for your help.
>>>
>>> Thanks,
>>> Thulasika.
>>>
>>> On Wed, Jan 18, 2017 at 11:14 PM, Nuwandi Wickramasinghe <
>>> nuwan...@wso2.com> wrote:
>>>
 Hi Thulasika,

 I could successfully load the iframe by getting rid of
 *HttpServletResponse*.*encodeRedirectURL() *method at [1]. Since the 
 *DuoUrl
 *contain some data with special characters, you need to URL encode
 them in order to get this working. I have attached the patch file with the
 code changes I did to get it working.

 However, I could not figure out why 
 *HttpServletResponse*.*encodeRedirectURL()
 *causes issues only in 5.3.0. There's no javax.servlet api version
 change between 5.2.0 and 5.3.0 AFAIS.

 [1] https://github.com/wso2-extensions/identity-outbound-aut
 h-duo/blob/org.wso2.carbon.extension.identity.authenticator.
 duo-1.0.1/component/authenticator/src/main/java/org/wso2/car
 bon/identity/authenticator/duo/DuoAuthenticator.java#L134

 On Wed, Jan 18, 2017 at 10:09 PM, Thulasika Vijayanathan <
 thulas...@wso2.com> wrote:

> Hi Nuwandi,
>
> Yes, I use the same values.
>
> Thanks.
>
> On Wed, Jan 18, 2017 at 9:59 PM, Nuwandi Wickramasinghe <
> nuwan...@wso2.com> wrote:
>
>> Hi Thulasika,
>>
>> Are you using same duo API configuration values (i.e Secret Key,
>> Integration Key, Admin Secret Key, Admin Integration key ) in both
>> 5.2.0 and 5.3.0?
>>
>> thanks
>> Nuwandi
>>
>> On Tue, Jan 17, 2017 at 2:24 PM, Thulasika Vijayanathan <
>> thulas...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> I am verifying the authenticators with IS 5.3.0. When I test Duo
>>> security authenticator with IS 5.3.0, I got the blank page, but it works
>>> with IS 5.2.0. It seems redirect URL and signature are correct, because 
>>> If
>>> we give the wrong signature, the page will display as Access denied, Duo
>>> Provisioning connector works fine with both IS 5.2.0 and 5.3.0.
>>>
>>> Redirect URL in IS 5.3.0
>>> https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
>>> ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YW
>>> RtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDUwMg==|f4345a7f5
>>> 17828d259b235703310c09b594b736c:APP|YWRtaW58REkySjlaVk40NEM4
>>> UlZRQzdTUkJ8MTQ4NDY0MzgwMg==|f65d989f837105e4a4d77167911f5ab
>>> f09b7095c&sessionDataKey=bd19a4d8-f08e-4322-b0a8-cbbb31a144a
>>> 7&duoHost=api-.duosecurity.com
>>>
>>> [image: Inline image 3]
>>>
>>> Redirect URL in IS 5.2.0
>>> https://localhost:9443/duoauthenticationendpoint/duoAuth.jsp
>>> ?authenticator=DuoAuthenticator:LOCAL&type=duo&signreq=TX|YW
>>> RtaW58REkySjlaVk40NEM4UlZRQzdTUkJ8MTQ4NDY0MDcxMQ==|969c487f9
>>> 80bfb10e7a45a4b43d06543a78b9500:APP|YWRtaW58REkySjlaVk40NEM4
>>> UlZRQzdTUkJ8MTQ4NDY0NDAxMQ==|bb3be42f90aa3cfc38a5f42600fa4a9
>>> ed8776421&sessionDataKey=04c82f8e-ce66-454b-9cbf-a671404109d
>>> 7&duoHost=api-.duosecurity.com
>>>
>>> [image: Inline image 2]
>>> Can you please suggest what could be the reason?
>>>
>>>
>>> Thanks,
>>> Thulasika.
>>>
>>> --
>>> Thulasika
>>> Associate Software Engineer
>>> Mobile:0778014295 <077%20801%204295>
>>> email: thulas...@wso2.com 
>>>
>>
>>
>>
>> --
>>
>> Best Regards,
>>
>> Nuwandi Wickramasinghe
>>
>> Software Engineer
>>
>> WSO2 Inc.
>>
>> Web : http://wso2.com
>>
>> Mobile : 0719214873 <071%20921%204873>
>>
>
>
>
> --
> Thulasika
> Associate Software Engineer
> Mobile:0778014295 <077%20801%204295>
> email: thulas...@wso2.com 
>



 --

 Best Regards,

 Nuwandi Wickramasinghe

 Software Engineer

 WSO2 Inc.

 Web : http://wso2.com

 Mobile : 0719214873 <071%20921%204873>

>>>
>>>
>>>
>>> --
>>> Thulasika
>>> Associate Software Engineer
>>> Mobile:0778014295 <077%20801%204295>
>>> email: thulas...@wso2.com 
>>>
>>
>>
>>
>> --
>>
>> Best Regards,