Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-2707

Upgrade Crowd's openid4java client to 0.9.6

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Medium
    • 2.4
    • 2.3.2
    • OpenID
    • None

    Description

      Many OpenID implementations (including Gerrit 2.1.7) are developed based on the newer openid4java 0.9.6 to fix a security issue with 0.9.5, which requires servers to sign attributes to prevent them from being forged.

      The following is an error thrown when attempting to login to Gerrit with Crowd OpenID:

      [2011-10-05 17:46:24,014] WARN / : Unexpected error during authentication
org.openid4java.message.MessageException: 0x100: Namespace declaration for extension http://openid.net/sreg/1.0 MUST be signed
at org.openid4java.message.Message.getExtension(Message.java:495)

      We have to repackage and test Crowd OpenID with the latest version of the openid4java. Crowd currently ships with openid4java-0.9.5, we would need to test it with 0.9.6.

      Attachments

        Issue Links

          is duplicated by

          Suggestion - CWD-2598 Upgrade to openid4java 0.9.6

          • Closed

          Activity

            People

              jwalton joe
              fsim Foo Sim (Inactive)
              Votes:
              2 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: