[Code] (no subject)

[Yang Zhao]

2009/9/10 Markus Jelsma - Buyways B.V. <markus at buyways.nl>
> I think i have not made myself very clear and i am sorry for that. It is OpenID where the problem is. First i authenticate with the OpenID server and then i verify that authentication with that same OpenID server, our own protocol has not yet even started yet because it already (sometimes) failes in the OpenID check.

OK. When you said OpenID authentication works fine, I assumed the
check_authentication step was completing successfully as well.  The
authentication isn't really completed until that is done.  In any
case, your cetralized server is not involved at all yet.  Good to get
that cleared up.


> First i do the redirect to the OpenID server for the user to fill in his password, then it will redirect back to a location...
>
> This step should return, somewhere in the body, a is_valid: true, but it _sometimes_ returns an is_valid: false instead, thus failing the authentication.

If it's random failures with the same identity, the thing to do would
be to examine any debugging logs that's available at the OP or
consumer.  If there aren't such things, try and get dumps of the
exchange that happens and verify that it is indeed valid by hand.

If you're convinced that it's a library problem, then telling us what
that library is would be a start.  If that's proprietary, then I'm not
sure what else we can do to help here; you just have a bug in an
otherwise conforming implementation.

--
Yang Zhao
http://yangman.ca