Home

Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Open ID login

  1. #1

    Open ID login

    When trying to login with OpenID (google account in my case) i get the message "failed to login"
    Credentials foor Google are OK
    any suggestions ?

    Thanks

    Jan Hoetink
    Isendoorn College
    Warnsveld

  2. #2
    Join Date
    Sep 2007
    Posts
    6,103

    Re: Open ID login

    vanbruggen wrote:

    >
    > When trying to login with OpenID (google account in my case) i get the
    > message "failed to login"
    > Credentials foor Google are OK
    > any suggestions ?


    Is this an actual gmail.com e-mail address?

    --
    Your world is on the move. http://www.novell.com/mobility/
    We know what your world looks like. http://www.novell.com/yourworld/

  3. #3
    Join Date
    Feb 2008
    Posts
    200

    Re: Open ID login

    HI,

    I also have the same issue....nowhere i have seen the setup speak about internet access for the filr appliance, surely this must be there?.... we are behind a firewall/proxy setup, any special ports etc needs to be opened, normal internet access for filr is fine ... we need something more?...

  4. #4
    Georg Fritsch NNTP User

    Re: Open ID login

    Hi,

    I could not get it to work either.

    As our Filr-Appliance needs to go through a proxy to access the internet and
    i could not find a proxy server setting in the network configuration i was
    not really surprised.

    Looks like Filr is using openid4java and Novell neglected the really simple
    ---
    If your Relying Party / consumer site needs to access the internet through a
    proxy, the following proxy configuration is necessary, before the
    ConsumerManager is instantiated:

    // --- Forward proxy setup (only if needed) ---
    ProxyProperties proxyProps = new ProxyProperties();
    proxyProps.setProxyName("proxy.example.com");
    proxyProps.setProxyPort(8080);
    HttpClientFactory.setProxyProperties(proxyProps);
    ---
    steps from the openid4java wiki.

    Enhancement again...

    Georg

    >>> tdebeer<tdebeer@no-mx.forums.novell.com> schrieb am 06.05.2013 um 15:56

    in
    Nachricht <tdebeer.5ux93c@no-mx.forums.novell.com>:

    > HI,
    >
    > I also have the same issue....nowhere i have seen the setup speak about
    > internet access for the filr appliance, surely this must be there?....
    > we are behind a firewall/proxy setup, any special ports etc needs to be
    > opened, normal internet access for filr is fine ... we need something
    > more?...


  5. #5
    Join Date
    Sep 2007
    Posts
    6,103

    Re: Open ID login

    Georg Fritsch wrote:

    > Looks like Filr is using openid4java and Novell neglected the really
    > simple ---


    Thanks for posting this. I've passed this along to engineering. Right
    now we're determining if a section to the docs will be added on how to
    configure this, or if this will simply be a TID. One way or another
    we'll get this configuration documented.

    --
    Your world is on the move. http://www.novell.com/mobility/
    We know what your world looks like. http://www.novell.com/yourworld/

  6. #6
    Join Date
    Feb 2008
    Posts
    200

    Re: Open ID login

    Ah thought it had to be the proxy...great but stupid is at the door again, where in the world do i add this config...which config file???

  7. #7
    Georg Fritsch NNTP User

    Re: Open ID login

    Hi Joseph,

    IMO this is a very easy to fix in the source code but quite hard on the
    deployed appliance.

    Just changing the tomcat/java system settings by including the required
    switches in setenv.sh in /opt/novell/filr/apache-tomcat/bin does not do the
    trick.

    Maybe there are some other configuration files which are read on system
    startup and allow a proxy for the openid4java calls. I couldn't find them.

    I had to decompile OpenID4JavaConsumer.class from
    /opt/novell/filr/apache-tomcat/lib/ext/spring-security-openid.jar,
    fix the OpenID4JavaConsumer constructor,
    get it to compile again,
    and update the jar on the appliance.

    ---
    public OpenID4JavaConsumer(ConsumerManager consumerManager, final
    List<OpenIDAttribute> attributes)
    throws ConsumerException
    {
    logger = LogFactory.getLog(getClass());

    // Proxy support
    ProxyProperties proxyProps = new ProxyProperties();
    proxyProps.setProxyHostName("filrproxy");
    proxyProps.setProxyPort(8080);
    HttpClientFactory.setProxyProperties(proxyProps);
    //

    this.consumerManager = new ConsumerManager();
    this .attributesToFetchFactory = new AxFetchListFactory() {
    private final List<OpenIDAttribute> fetchAttrs =
    Collections.unmodifiableList(attributes);

    public List<OpenIDAttribute> createAttributeList(String
    identifier) {
    return fetchAttrs;
    }
    };
    }
    ---

    With this change i can use OpenID login from my appliance over our proxy.
    (cascaded squid3, btw)

    Georg

    PS: I would really like an easier way of doing this... Is there a properties
    file, etc. which accomplishes the same thing?


    >>> Joseph Marton<jmarton@no-mx.forums.novell.com> schrieb am 07.05.2013 um

    00:17 in Nachricht <e_Vht.1993$8q1.91@kozak.provo.novell.com>:
    > Georg Fritsch wrote:
    >
    >> Looks like Filr is using openid4java and Novell neglected the really
    >> simple ---

    >
    > Thanks for posting this. I've passed this along to engineering. Right
    > now we're determining if a section to the docs will be added on how to
    > configure this, or if this will simply be a TID. One way or another
    > we'll get this configuration documented.


  8. #8
    Join Date
    Feb 2008
    Posts
    200

    Re: Open ID login

    WOW!! that is one hell of a way to change a proxy setting!!!..please let us know of a better way...surely Novell, most of you cutomers are enterprise, which will most of the times be gebhind frirewall/proxies?.....

  9. #9
    Join Date
    Sep 2007
    Posts
    6,103

    Re: Open ID login

    Georg Fritsch wrote:

    > I had to decompile OpenID4JavaConsumer.class from
    > /opt/novell/filr/apache-tomcat/lib/ext/spring-security-openid.jar,
    > fix the OpenID4JavaConsumer constructor,
    > get it to compile again,
    > and update the jar on the appliance.


    I've passed along all these details to engineering. Thank you very
    much for posting this!

    > PS: I would really like an easier way of doing this... Is there a
    > properties file, etc. which accomplishes the same thing?


    Not sure but I've asked engineering.

    --
    Your world is on the move. http://www.novell.com/mobility/
    We know what your world looks like. http://www.novell.com/yourworld/

  10. #10
    Join Date
    Sep 2007
    Posts
    6,103

    Re: Open ID login

    tdebeer wrote:

    >
    > WOW!! that is one hell of a way to change a proxy setting!!!..please
    > let us know of a better way...surely Novell, most of you cutomers are
    > enterprise, which will most of the times be gebhind
    > frirewall/proxies?.....


    Based on Georg's feedback, engineering has come up with the following
    steps which should be a bit easier.

    First, please download and extract the following file.

    ftp://ftp.novell.com/outgoing/openid_patch_05072013.zip

    1. Place attached openid_patch_05072013.jar into
    /opt/novell/filr/apache-tomcat/lib/custom-ext (make sure file
    protection on the jar is proper).

    2. Place attached security-ext.xml into
    /opt/novell/filr/apache-tomcat/webapps/ssf/WEB-INF/context.

    3. Edit
    /opt/novell/filr/apache-tomcat/webapps/ssf/WEB-INF/classes/config/ssf-ex
    t.properties, and append the following two properties with values
    appropriate to the customer environment.

    openid.proxy.hostname=<proxy server host name>
    openid.proxy.port=<proxy server port>

    The nice thing about this procedure is that you won't lose these custom
    files and settings after system re-configuration. However, PLEASE NOTE
    that this is merely a one-off work around and that we will NOT provide
    automatic update/migration for this when we release the next version of
    Filr containing real fix. Most likely, when you update to the next Filr
    release, you will have to manually undo these changes (1 and 2 in
    particular).

    I have asked to get this written up in a TID as well.

    --
    Your world is on the move. http://www.novell.com/mobility/
    We know what your world looks like. http://www.novell.com/yourworld/

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •