[OpenID] Login to an RP fails with a Yahoo OpenID

Allen Tom atom at yahoo-inc.com
Wed Feb 6 06:24:01 UTC 2008 

Hi Prabath,

The Yahoo OP requires that you have a proper TLD (no IP addresses) and 
that you're running your web server on a standard port (80 or 443). 
These restrictions were meant to keep the Yahoo OP consistent with Yahoo 
BBAuth, although this might be a bit too restrictive for developers that 
are experimenting with OpenID in development/test environment.

Thanks,
Allen


Prabath Siriwardena wrote:
> [this is the same as my previous post, with two spelling mistakes corrected]
>
> Thanks Tatsuya, for the reply.
>
> Even after disabling the sreg, same issue re-occured.
>
> Following is my complete request.
>
> https://open.login.yahooapis.com/openid/op/auth?
> openid.ns:http://specs.openid.net/auth/2.0
> openid.claimed_id:https://me.yahoo.com/prabathsiriwardena
> openid.identity:https://me.yahoo.com/prabathsiriwardena
> openid.return_to:https://localhost:12443/OpenIDCallback.action
> openid.realm:https://localhost:12443/OpenIDCallback.action
> openid.assoc_handle:7qPyTxudRAFJ892AgTg8fUHPxPSgIIRBEcCE.i2hW33O2rmaf8Kuoqb_WNBYgReaAQrAe6XQU.nMh2TPFX1x_ua_pHKzFB8GC8dLP3xa4KicqP8tnI_Xq1_7j6tYn2Q-
> openid.mode:checkid_setup
>
> I have tested the same RP with other OPs, which I succeeded. Any thoughts?
>
> I don't think having localhost for return_to will cause a problem,
> since it's a browser redirect.
>
> Thanks & regards.
> - Prabath
>
>
> On Feb 6, 2008 10:34 AM, Tatsuya KATSUHARA <t-katsuhara at nri.co.jp> wrote:
>   
>> Hi Prabath
>>
>>  > Both the discovery and association succeeded, but finally failed, by
>>  > redirecting to a web page stating the following.
>> Can you get possitive assersion?
>> If you doesn't get possitive assersion from yahoo op, it's worth
>> trying to disable sreg.
>>
>>  > In the request for authentication, my RP asks for a set of sreg
>>  > attributes.
>> Though I'm not sure how yahoo op handle sreg request, Yahoo OpenID
>> server can't accept sreg for the concern of one's privacy.
>>
>> Regards
>>
>> --
>> Tatsuya KATSUHARA (http://xri.net/=katsuhara)
>>
>>
>> Prabath Siriwardena wrote:
>>  > Hi;
>>  >
>>  > Appreciate a lot, if somebody from Yahoo [or anybody else], could
>> answer this.
>>  >
>>  > I tried to login to an RP [which is developed on top of openid4java]
>>  > with a Yahoo OpenID.
>>  >
>>  > Both the discovery and association succeeded, but finally failed, by
>>  > redirecting to a web page stating the following.
>>  >
>>  > "Sorry! Something is not quite right with the request we received from
>>  > the website you are trying to use. Please try again in a few minutes.
>>  > If this error persists, please contact the site administrator for the
>>  > website you are trying to use. "
>>  >
>>  > In the request for authentication, my RP asks for a set of sreg
>> attributes.
>>  >
>>  > Thanks & regards.
>>  >
>>  > - Prabath
>>  > _______________________________________________
>>  > general mailing list
>>  > general at openid.net
>>  > http://openid.net/mailman/listinfo/general
>>
>>     
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general
>   

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20080205/2f575f8a/attachment-0002.htm>

More information about the general mailing list