ramarao1990 / openid4java

Automatically exported from code.google.com/p/openid4java
Apache License 2.0
0 stars 0 forks source link

When you switch the OpenID Server with a new certificate. Authentication fails #106

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Move the OpenID server to a new server with a new certificate
2. Name the OpenID server with the same host name
3. Authenticate to this new server will fail

What is the expected output? What do you see instead?
Should log in with the credentials supplied
The Errors seen are
01/20/10 13:44:44 ERROR TP-Processor15
org.openid4java.consumer.ConsumerManager - No service element found to
match the ClaimedID / OP-endpoint in the assertion.
01/20/10 13:44:44 ERROR TP-Processor15
org.openid4java.consumer.ConsumerManager - Discovered information
verification failed.

What version of the product are you using? On what operating system?

Please provide any additional information below.
Need a mechanism to clear the Store that is used to keep the old 
association information without restarting the application!!!

      // we'll keep looking for a service for which we already have an
      // association. Only if we don't find any do we return the first 
match
      Association assoc = 
consumerManager.getPrivateAssociationStore().load(
          service.getOPEndpoint().toString(),
          authResp.getHandle());

Original issue reported on code.google.com by sridhar....@gmail.com on 20 Jan 2010 at 11:04

GoogleCodeExporter commented 8 years ago
This is a responsibility of the OpenID Provider. If it knows it is about to 
perform 
operational changes, it should respond accordingly to association requests, 
perhaps 
by disabling associations altogether temporarily, or with a lower expires_in 
value.

Original comment by Johnny.B...@gmail.com on 24 Mar 2010 at 1:25