Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 361592

Summary: [sites] Can't log into self hosted site with a Google account
Product: [ECD] Orion Reporter: Mark Macdonald <mamacdon>
Component: ClientAssignee: Mark Macdonald <mamacdon>
Status: RESOLVED WONTFIX QA Contact:
Severity: normal    
Priority: P3 CC: jarthana, malgorzata.tomczyk, Szymon.Brandys
Version: 0.3   
Target Milestone: 6.0 M1   
Hardware: PC   
OS: All   
Whiteboard:

Description Mark Macdonald CLA 2011-10-20 16:46:46 EDT 
Orion 0.3RC3

1. Create a self-hosted site and launch it. Go to Security > Sign In.
2. Click the Google icon in the login pane.
3. You'll see an error:

Could not discover: https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
Comment 1 Tomasz Zarna CLA 2011-10-27 06:40:58 EDT 
Isn't the culprit the same as on bug 346185?
Comment 2 Mark Macdonald CLA 2011-10-27 09:31:07 EDT 
(In reply to comment #1)
> Isn't the culprit the same as on bug 346185?

Maybe it is -- I haven't had a chance to debug yet. This bug has a different stack trace, and it only happens when logging into a self-hosted site (not localhost)

> !ENTRY org.eclipse.orion.server.authentication.formopenid 4 0 2011-10-27 09:19:41.013
> !MESSAGE An error occurred redirecting to OpenId provider
> !STACK 0
> org.eclipse.orion.server.openid.core.OpenIdException: Could not discover: https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
> 	at org.eclipse.orion.server.openid.core.OpenIdHelper.redirectToOpenIdProvider(OpenIdHelper.java:120)
> 	at org.eclipse.orion.server.authentication.formopenid.servlets.FormOpenIdLoginServlet.doPost(FormOpenIdLoginServlet.java:96)
> 	at org.eclipse.orion.server.authentication.formopenid.servlets.FormOpenIdLoginServlet.doGet(FormOpenIdLoginServlet.java:180)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
> 	at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
> 	at org.eclipse.equinox.http.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:38)
>         ...
> Caused by: org.eclipse.core.runtime.CoreException: Could not discover: https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
> 	at org.eclipse.orion.server.openid.core.OpenidConsumer.authRequest(OpenidConsumer.java:81)
> 	at org.eclipse.orion.server.openid.core.OpenIdHelper.redirectToOpenIdProvider(OpenIdHelper.java:115)
> 	... 49 more
> Caused by: org.openid4java.discovery.yadis.YadisException: 0x704: I/O transport error: 
> 	at org.openid4java.discovery.yadis.YadisResolver.retrieveXrdsLocation(YadisResolver.java:432)
> 	at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:229)
> 	at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:221)
> 	at org.openid4java.discovery.yadis.YadisResolver.discover(YadisResolver.java:179)
> 	at org.openid4java.discovery.Discovery.discover(Discovery.java:134)
> 	at org.openid4java.discovery.Discovery.discover(Discovery.java:114)
> 	at org.openid4java.consumer.ConsumerManager.discover(ConsumerManager.java:527)
> 	at org.eclipse.orion.server.openid.core.OpenidConsumer.authRequest(OpenidConsumer.java:79)
> 	... 50 more
> Caused by: java.net.UnknownHostException: https
> 	at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:196)
> 	at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:378)
> 	at java.net.Socket.connect(Socket.java:528)
> 	at java.net.Socket.connect(Socket.java:477)
> 	at java.net.Socket.<init>(Socket.java:374)
> 	at java.net.Socket.<init>(Socket.java:248)
> 	at org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory.createSocket(DefaultProtocolSocketFactory.java:80)
> 	at org.apache.commons.httpclient.protocol.ControllerThreadSocketFactory$1.doit(ControllerThreadSocketFactory.java:91)
> 	at org.apache.commons.httpclient.protocol.ControllerThreadSocketFactory$SocketTask.run(ControllerThreadSocketFactory.java:158)
> 	at java.lang.Thread.run(Thread.java:736)
>
Comment 3 Malgorzata Janczarska CLA 2011-10-27 11:46:31 EDT 
(In reply to comment #1)
> Isn't the culprit the same as on bug 346185?

This error indicates that there is something wrong with connection with the OpenId provider. In bug 346185 this is shown because of myopenid fault (I think their certificate is not valid any more), but here google accounts work normally, so it's probably something we are doing wrong. I'll debug it later.
Other thing is that why are we displaying "%3A%2F%2F" but "://". I'll try to find out where it gets changed.
Comment 4 Mark Macdonald CLA 2012-02-22 10:00:32 EST 
(In reply to comment #3)
> Other thing is that why are we displaying "%3A%2F%2F" but "://". I'll try to
> find out where it gets changed.

This may've been caused by bug 369811, which has been fixed.

However, OpenId login still doesn't work through self-hosting. I will investigate for 0.5.
Comment 5 Mark Macdonald CLA 2012-05-22 11:27:59 EDT 
Won't have time for M2, deferring..
Comment 6 Mark Macdonald CLA 2012-06-13 14:16:29 EDT 
In this case, OpenID requests are being constructed and verified against 'localhost' (because requests for /login are proxied to localhost). They need to use the hostname of the selfhosted site instead, so that the appropriate cookies are set and so on.

Fixing this is not low-risk so deferring yet again.
Comment 7 John Arthorne CLA 2015-05-05 14:44:11 EDT 
Closing as part of a mass clean up of inactive bugs. Please reopen if this problem still occurs or is relevant to you. For more details see:

https://dev.eclipse.org/mhonarc/lists/orion-dev/msg03444.html