search

LLG20111699 / openid4java

Automatically exported from code.google.com/p/openid4java
Apache License 2.0
0 stars 0 forks source link

Reduce log level for failed association #152

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Steps to reproduce:
1. Try to login using openid4java to livejournal.com

In logs:
{{{
30 апр 2011 09:04:38,927 WARN qtp1278514289-16 
org.openid4java.consumer.ConsumerManager - Could not create association of 
type: no-encryption:HMAC-SHA1:OpenID2
30 апр 2011 09:04:38,927 WARN qtp1278514289-16 
org.openid4java.consumer.ConsumerManager - Could not create association of 
type: no-encryption:HMAC-SHA256:OpenID2
30 апр 2011 09:04:39,220 ERROR qtp1278514289-16 
org.openid4java.consumer.ConsumerManager - Error encountered during association 
attempt.
org.openid4java.message.MessageException: 0x100: Required parameter missing: 
assoc_handle
        at org.openid4java.message.Message.validate(Message.java:188)
        at org.openid4java.message.AssociationResponse.validate(AssociationResponse.java:235)
        at org.openid4java.message.AssociationResponse.createAssociationResponse(AssociationResponse.java:118)
        at org.openid4java.consumer.ConsumerManager.associate(ConsumerManager.java:787)
        at org.openid4java.consumer.ConsumerManager.associate(ConsumerManager.java:664)
        at org.springframework.security.openid.OpenID4JavaConsumer.beginConsumption(OpenID4JavaConsumer.java:84)
        at org.springframework.security.openid.OpenIDAuthenticationFilter.attemptAuthentication(OpenIDAuthenticationFilter.java:132)
30 апр 2011 09:04:49,300 ERROR qtp1278514289-16 
org.openid4java.consumer.ConsumerManager - Error talking to 
http://www.livejournal.com/openid/server.bml response code: -1
java.net.SocketTimeoutException: Read timed out
        at java.net.SocketInputStream.socketRead0(Native Method)
        at java.net.SocketInputStream.read(SocketInputStream.java:129)
        at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
        at java.io.BufferedInputStream.read(BufferedInputStream.java:237)
        at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78)
        at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106)
        at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116)
}}}

According to spec: "assoc_handle" parameter is optional. Moreover association 
step is optional as well. 

Expected:
 * WARN and ERROR levels should be INFO. 
 * No stacktrace for missing optional parameter.
 * do not start association step if "assoc_handle" parameter is missing

Version:
 * 0.9.5. Within spring.

Original issue reported on code.google.com by dernashe...@gmail.com on 30 Apr 2011 at 10:04

GoogleCodeExporter commented 9 years ago 
assoc_handle is optional in authentication requests but required in association 
response; implementation is correct in this respect. It is the latter that 
gives you a (legitimate) protocol error (and stacktrace).

Warning also seems appropriate: your consumer manager is unable to associate 
using one of the association types with which it is configured.

Original comment by Johnny.B...@gmail.com on 31 Oct 2012 at 9:41