<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none"><!-- p { margin-top: 0px; margin-bottom: 0px; }--></style>
</head>
<body dir="ltr">
<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Inconsolata;">
<p></p>
<p class="p1"><span class="s1">We were having problems with 1.1.3 and it was suggested to upgrade to 1.1.12. We haven't had much success, so I decided to run some tests in a very clean scenario with as little change as possible. So, here it is:</span></p>
<p class="p1"><span class="s1"><br>
</span></p>
<p class="p1"><span class="s1">I took a vainilla 1.1.3 and made one simple change to the sample client: add
<a href="http://www.duke.edu" id="lnk147249">http://www.duke.edu</a> as a redirect. I then whitelisted the client.</span></p>
<p class="p1"><span style="font-size: 12pt;">When calling </span><span style="font-size: 12pt;"><a href="http://xxx/ldap-openid-connect-server-113/authorize?client_id=client&redirect_uri=http://www.duke.edu&scope=openid%20profile&response_type=code" id="lnk507984">http://xxx/ldap-openid-connect-server-113/authorize?client_id=client&redirect_uri=http://www.duke.edu&scope=openid%20profile&response_type=code</a> </span><span style="font-size: 12pt;">it </span><span style="font-size: 12pt;">prompts
me f</span><span style="font-size: 12pt;">or credentials and then redirects me to
</span><a href="http://www.duke.edu/?code=xxxxxxx" id="lnk660789" style="font-size: 12pt;">http://www.duke.edu/?code=xxxxxxx</a><span style="font-size: 12pt;">​ </span></p>
<p class="p1"><span class="s1"></span><span style="font-size: 12pt;">Subsequent ac</span><span style="font-size: 12pt;">cess sends me directly w/o prompting for credentials.</span></p>
<p class="p1"><span style="font-size: 12pt;">On the management page it shows "</span><span style="font-size: 12pt;">There have been 1 user of this system who have logged in to 1 total site, for a total of 1 site approval" </span><span style="font-size: 12pt;">and
the client shows up </span><span style="font-size: 12pt;">in the “Manage Approved Sites” page.</span></p>
<p class="p2"><span class="s1"></span><br>
</p>
<p class="p1"><span class="s1">When trying to repeat that simple scenario in 1.1.12... added the redirect and whitelisted the client.</span></p>
<p class="p1"><span class="s1"></span><span style="font-size: 12pt;"><a href="http://vml-catstools2:8080/ldap-openid-connect-server/authorize?client_id=client&redirect_uri=theclient://callback&scope=openid%20profile&response_type=code" id="lnk509122">http://xxx/ldap-openid-connect-server/authorize?client_id=client&redirect_uri=http://www.duke.edu&scope=openid%20profile&response_type=code</a>
it </span><span style="font-size: 12pt;">prompts me for credentials every time and after the credentials it redirects me to the http://xxx/ldap-openid-</span><span style="font-size: 12pt;">connect-server management page, where it displays "</span><span style="font-size: 12pt;">There
hav</span><span style="font-size: 12pt;">e been 0 users of this system who have authorized 0 applications, with a total of 0 site approvals" and the client never shows up in the "Manage Approved Sites" page.<br>
</span></p>
<p class="p1"><span style="font-size: 12pt;"><br>
</span></p>
<p class="p1">Was there some change that requires some extra step or configuration for this simple scenario to work on 1.1.12?<br>
</p>
<p class="p1"><br>
</p>
<p class="p1">Thanks,<br>
</p>
<p><br>
</p>
<p><br>
</p>
<div id="Signature">
<div name="divtagdefaultwrapper" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:; margin:0">
<div style="font-size:13px; font-family:Tahoma">
<div class="BodyFragment"><font size="2">
<div class="PlainText">Felipe Polo-Wood<br>
Sr. Manager<br>
Clinical Applications Technical Services</div>
<div class="PlainText">Office: +1.919.668.2268<br>
Mobile: +1.919.741.4213<br>
</div>
</font></div>
</div>
</div>
</div>
</div>
</body>
</html>