-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
jenkins-1.464 is running inside tomcat-7.0.27, behing apache configured with
{quote}
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
{quote}
Security Realm is configured as OpenID SSO (https://www.google.com/accounts/o8/id)
and Authorization is "Anyone can do anything"jenkins-1.464 is running inside tomcat-7.0.27, behing apache configured with {quote} ProxyPass / http://localhost:8080/ ProxyPassReverse / http://localhost:8080/ {quote} Security Realm is configured as OpenID SSO ( https://www.google.com/accounts/o8/id ) and Authorization is "Anyone can do anything"
After I come back to jenkins from Gmail's login page, I get the error page attached.
Relevant logs (from catalina.out) below
May 22, 2012 4:21:36 PM org.openid4java.consumer.ConsumerManager verify INFO: Verifying authentication response... May 22, 2012 4:21:36 PM org.openid4java.consumer.ConsumerManager verify INFO: Received positive auth response. May 22, 2012 4:21:36 PM org.openid4java.discovery.Discovery discover INFO: Starting discovery on URL identifier: https://www.google.com/accounts/o8/id?id=AItOawmV_fjQPn7VrVqswi9gTaZhXkvgZYZpv88 May 22, 2012 4:21:36 PM org.openid4java.discovery.yadis.YadisResolver discover INFO: Yadis discovered 5 endpoints from: https://www.google.com/accounts/o8/id?id=AItOawmV_fjQPn7VrVqswi9gTaZhXkvgZYZpv88 May 22, 2012 4:21:36 PM org.openid4java.discovery.Discovery discover INFO: Discovered 5 OpenID endpoints. May 22, 2012 4:21:36 PM org.openid4java.consumer.ConsumerManager verifySignature INFO: Found association: AMlYA9Xpcl6dLgCNkbFmVM1zizZKFKErxA6kVEnHY0oslyn2tAWr8WVp7YtP5WKy-TyttwKt verifying signature locally... May 22, 2012 4:21:36 PM org.openid4java.consumer.ConsumerManager verifySignature SEVERE: Verification failed for: https://www.google.com/accounts/o8/id?id=AItOawmV_fjQPn7VrVqswi9gTaZhXkvgZYZpv88 reason: null
This should be pretty much the default use case for this plugin.
I'm wondering if there's something wrong with my environment or Gmail has done something to their openID implementation.
It's hard to believe it just doesn't work