<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Thanks for the writeup. Most of the things you’ve found are issues with running SimpleWebApp against the 1.2 branch, which it’s not set up to do. We try to keep the main branch of the SimpleWebApp demo application pointing to the production release, which is currently 1.1. Since you’re not the first to ask about it, though, it might be time to add a 1.2 branch to SimpleWebApp as well.<div class=""><br class=""></div><div class="">&nbsp;— Justin</div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Mar 9, 2015, at 9:12 PM, P Saraswat &lt;<a href="mailto:saraswat40@yahoo.com" class="">saraswat40@yahoo.com</a>&gt; wrote:</div><br class="Apple-interchange-newline"><div class="">

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" class="">
<div class=""><div style="background-color: rgb(255, 255, 255); font-family: HelveticaNeue, 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; font-size: 16px;" class=""><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">Hi Guys,<br class=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">Today I spent a few hours looking at Google OpenID integration that you guys have implemented. Over all you guys have done a great job.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">There are just a few things that I ran into that I wanted to let you guys know. Hopefully this will help someone.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">1. The OpenID-Connect-Java-Spring-Server ( openid-connect-parent ) project ( master ) builds fine and must be built on the local machine before starting with the simple-web-app project.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">2. As per <a href="https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Sample-Static-Configuration-for-using-Google-Authentication" class="">https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Sample-Static-Configuration-for-using-Google-Authentication</a>, the simple-web-app project works with the development branch only (as of 03/09/2015). This requires several changes.&nbsp;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><span class="" style="white-space:pre">        </span>a). The master project has moved to spring-security-3.2.5 while the simple-web-app is still on spring-security 3.1.4</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><span class="" style="white-space:pre">        </span>b). In step 4, you also need clientSecret. Else you get a "HTTP Status 401 - Authentication Failed: Unable to obtain Access Token: 400 Bad Request" error.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><span class="" style="white-space:pre">        </span>c). In step 4, the <a href="https://my-redirect-uri-setup-in-google/" class="">https://my-redirect-uri-setup-in-google/</a> must be of the form <a href="http://localhost:8080/simple-web-app/openid_connect_login" class="">http://localhost:8080/simple-web-app/openid_connect_login</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><span class="" style="white-space:pre">        </span>d). in servlet-context.xml, <b class="">DefaultJWTSigningAndValidationService</b> is spelled as <b class="">DefaultJwtSigningAndValidationService</b> which results in a classnotfoundexception on startup</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">3. The final issue I ran into is that after authentication is complete I get a "request for "<a href="https://www.googleapis.com/plus/v1/people/me/openIdConnect" class="">https://www.googleapis.com/plus/v1/people/me/openIdConnect</a>" resulted in 403" error. The issue and the solution is described in detail here:</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><a href="http://stackoverflow.com/questions/19335503/keep-getting-a-daily-limit-for-unauthenticated-use-exceeded-continued-use-requ" class="">http://stackoverflow.com/questions/19335503/keep-getting-a-daily-limit-for-unauthenticated-use-exceeded-continued-use-requ</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">This is not an issue with your implementation but does prevent people from running the example successfully :)</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">Hope this helps.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="" dir="ltr">Thanks</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">Prashant</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">--- a/pom.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+++ b/pom.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -11,8 +11,8 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;org.springframework-version&gt;3.2.3.RELEASE&lt;/org.springframework-version&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;org.aspectj-version&gt;1.6.9&lt;/org.aspectj-version&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;org.slf4j-version&gt;1.5.10&lt;/org.slf4j-version&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;spring.security.version&gt;3.1.4.RELEASE&lt;/spring.security.version&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;mitreid-connect-version&gt;1.1.12&lt;/mitreid-connect-version&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;spring.security.version&gt;3.2.5.RELEASE&lt;/spring.security.version&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;mitreid-connect-version&gt;1.2.0-SNAPSHOT&lt;/mitreid-connect-version&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &lt;/properties&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">diff --git a/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml b/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">index 4b2713c..7fd239d 100644</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">--- a/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+++ b/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -7,7 +7,7 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; xmlns:tx="<a href="http://www.springframework.org/schema/tx" class="">http://www.springframework.org/schema/tx</a>" xmlns:util="<a href="http://www.springframework.org/schema/util" class="">http://www.springframework.org/schema/util</a>"</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; xsi:schemaLocation="<a href="http://www.springframework.org/schema/security/oauth2" class="">http://www.springframework.org/schema/security/oauth2</a> <a href="http://www.springframework.org/schema/security/spring-security-oauth2.xsd" class="">http://www.springframework.org/schema/security/spring-security-oauth2.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/mvc" class="">http://www.springframework.org/schema/mvc</a> <a href="http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd" class="">http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/security" class="">http://www.springframework.org/schema/security</a> <a href="http://www.springframework.org/schema/security/spring-security-3.1.xsd" class="">http://www.springframework.org/schema/security/spring-security-3.1.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/security" class="">http://www.springframework.org/schema/security</a> <a href="http://www.springframework.org/schema/security/spring-security-3.2.xsd" class="">http://www.springframework.org/schema/security/spring-security-3.2.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/beans" class="">http://www.springframework.org/schema/beans</a> <a href="http://www.springframework.org/schema/beans/spring-beans-3.0.xsd" class="">http://www.springframework.org/schema/beans/spring-beans-3.0.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/util" class="">http://www.springframework.org/schema/util</a> <a href="http://www.springframework.org/schema/util/spring-util-3.0.xsd" class="">http://www.springframework.org/schema/util/spring-util-3.0.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/tx" class="">http://www.springframework.org/schema/tx</a> <a href="http://www.springframework.org/schema/tx/spring-tx-3.1.xsd" class="">http://www.springframework.org/schema/tx/spring-tx-3.1.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &lt;!--</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -430,7 +487,7 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; This service sets up a bunch of signers and validators based on our own keys.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Replace this keystore's contents for a production deployment.</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;--&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- &nbsp; &nbsp; &nbsp; &lt;bean id="defaultSignerService" class="org.mitre.jwt.signer.service.impl.DefaultJwtSigningAndValidationService"&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ &nbsp; &nbsp; &nbsp; &lt;bean id="defaultSignerService" class="org.mitre.jwt.signer.service.impl.DefaultJWTSigningAndValidationService"&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;constructor-arg name="keyStore"&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;bean id="defaultKeyStore" class="org.mitre.jose.keystore.JWKSetKeyStore"&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &lt;property name="location" value="classpath:keystore.jwks" /&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -449,3 +506,4 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &lt;/bean&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp;&lt;/beans&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ &nbsp;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">\ No newline at end of file</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">diff --git a/src/main/webapp/WEB-INF/spring/root-context.xml b/src/main/webapp/WEB-INF/spring/root-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">index d5fd2c5..e3c96f4 100644</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">--- a/src/main/webapp/WEB-INF/spring/root-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+++ b/src/main/webapp/WEB-INF/spring/root-context.xml</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">@@ -8,7 +8,7 @@</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; xmlns:oauth="<a href="http://www.springframework.org/schema/security/oauth2" class="">http://www.springframework.org/schema/security/oauth2</a>"</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; xsi:schemaLocation="<a href="http://www.springframework.org/schema/security/oauth2" class="">http://www.springframework.org/schema/security/oauth2</a> <a href="http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd" class="">http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/mvc" class="">http://www.springframework.org/schema/mvc</a> <a href="http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd" class="">http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">- &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/security" class="">http://www.springframework.org/schema/security</a> <a href="http://www.springframework.org/schema/security/spring-security-3.1.xsd" class="">http://www.springframework.org/schema/security/spring-security-3.1.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">+ &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/security" class="">http://www.springframework.org/schema/security</a> <a href="http://www.springframework.org/schema/security/spring-security-3.2.xsd" class="">http://www.springframework.org/schema/security/spring-security-3.2.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/beans" class="">http://www.springframework.org/schema/beans</a> <a href="http://www.springframework.org/schema/beans/spring-beans-3.2.xsd" class="">http://www.springframework.org/schema/beans/spring-beans-3.2.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/tx" class="">http://www.springframework.org/schema/tx</a> <a href="http://www.springframework.org/schema/tx/spring-tx-3.2.xsd" class="">http://www.springframework.org/schema/tx/spring-tx-3.2.xsd</a></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style="">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <a href="http://www.springframework.org/schema/context" class="">http://www.springframework.org/schema/context</a> <a href="http://www.springframework.org/schema/context/spring-context-3.2.xsd" class="">http://www.springframework.org/schema/context/spring-context-3.2.xsd</a>"&gt;</div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div><div id="yui_3_16_0_1_1425914407853_95557" class="" style=""><br class="" style=""></div></div></div>_______________________________________________<br class="">mitreid-connect mailing list<br class=""><a href="mailto:mitreid-connect@mit.edu" class="">mitreid-connect@mit.edu</a><br class="">http://mailman.mit.edu/mailman/listinfo/mitreid-connect<br class=""></div></blockquote></div><br class=""></div></body></html>