Announcement Announcement Module
Collapse
No announcement yet.
Samples - OpenId - Google Login - Hostname in Certificate didn't match Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Samples - OpenId - Google Login - Hostname in Certificate didn't match

    Hello,
    I am trying to run the OpenId sample from the latest version in git. I start it up using 'gradle jettyRun' and proceed to localhost:8080. Once I get there, I click on google as my account provider and receive the following error message in the browser:

    "Your login attempt was not successful, try again.

    Reason: Unable to process claimed identity 'https://www.google.com/accounts/o8/id'."

    There is a stack trace on the console - the main points are here:

    o.s.s.o.OpenIDAuthenticationFilter - Failed to consume claimedIdentity: https://www.google.com/accounts/o8/id org.springframework.security.openid.OpenIDConsumer Exception: Error during discovery
    Caused by: org.openid4java.discovery.yadis.YadisException: 0x704: I/O transport error: hostname in certificate didn't match: <www.google.com/74.125.225.82> != <www.google.com>
    Caused by: javax.net.ssl.SSLException: hostname in certificate didn't match: <www.google.com/74.125.225.82> != <www.google.com>

    I've attached the full stacktrace to this post rather than pollute the entire post with exceptions.


    Could someone please help me? I've been trying to learn how to use Spring Security with Google as an OpenId provider, and if I can't get the sample application working, I don't have much hope for being able to do it on my own.

    I am using Java 1.6.0_27 64 bit and this is happening on both of my Windows 7 64 bit computers.

    Any help would be greatly appreciated.


    Chris

  • #2
    It looks like the issue is similar to HTTPCLIENT-1118. Change openid/openid.gradle to use httpclient:4.1.1 instead of 4.1.2 will fix the issue so you can proceed. I will get a fix pushed out as soon as I am able.

    Cheers,

    Comment


    • #3
      Thank you very much, rwinch - I gave this a try and it worked!

      I have updated the issue I created for this https://jira.springsource.org/browse/SEC-1815 to reflect this workaround.

      Comment

      Working...
      X