Re: [Debconf-team] SSO problems?

To: Steve McIntyre <steve@einval.com>
Cc: debconf team list <debconf-team@lists.debconf.org>
Subject: Re: [Debconf-team] SSO problems?
From: ValessioBrito <valessio@gmail.com>
Date: Mon, 5 May 2014 21:50:38 -0300
Message-id: <[🔎] CAJd8MAkaM3oHsUDa-favzXMk8f0G=-_U9FB+zwVy7o3Ho9bLPg@mail.gmail.com>
In-reply-to: <[🔎] 20140505230437.GB14706@einval.com>
References: <[🔎] 20140505211911.GA14706@einval.com> <[🔎] 20140505223055.GA10897@virgil.dodds.net> <[🔎] 20140505230437.GB14706@einval.com>

Hi all,

This is what is occurring:

Can't login with my first_password; I change the password on Alioth
for a second_password.

The password that works is the first_password (above) and not the
second_password, newly registered.

...

2014-05-05 20:04 GMT-03:00 Steve McIntyre <steve@einval.com>:
> On Mon, May 05, 2014 at 03:30:55PM -0700, Steve Langasek wrote:
>>On Mon, May 05, 2014 at 10:19:11PM +0100, Steve McIntyre wrote:
>>> I've tried to log in a couple of times using my SSO password, now I'm
>>> getting this:
>>
>>> Forbidden
>>
>>> You don't have permission to access /o/authorize on this server.
>>> Apache Server at sso.debian.org Port 443
>>
>>Someone else has reported this on IRC, but gone idle before I could get any
>>details.  Maybe helpful if you can drop in one of the appropriate channels
>>so we can debug this in realtime.
>
> It's getting too late here for me to jump into IRC tonight, I'm
> afraid. So here's as much detail as I can give by mail...
>
>>I'm not able to reproduce the described problem.  Can you please give:
>>
>> - the URL of the page on summit.debconf.org that you followed the link from
>
> Following a link from
>
>   http://debconf14.debconf.org/registration.xhtml
>
> , pointing at
>
>    https://summit.debconf.org/debconf14/registration/
>
> . That redirected to
>
>   https://sso.debian.org/o/authorize?scope=openid+email+profile&state=WRVFSOMpGbT2Gsd0wBlSsZYqnnF5Tc1q&redirect_uri=https://summit.debconf.org/complete/debian-oauth2/&response_type=code&client_id=HUL=1jMcEEjGjYJecEI@xuJKF2N8i!LmVXpaeusm
>
> which is the page with the 403.
>
>> - the full URL of the link you were following
>> - if you had failed login attempts before hitting the error, how many times
>>   that happened before you got the Forbidden error (i.e., is this an
>>   account lockout kind of thing)
>
> I think it may well be that. I couldn't remember my SSO password
> (maybe 2 attempts there), so went and changed it. I tried again with
> the new password a couple of times (I'm guessing before settings had
> synced somewhere?), and that's when I started getting the 403
> page. I'm still seeing it now if I try again from the same browser
> (iceweasel). Switching to chromium a little later, I was able to log
> in successfully using the new SSO password.
>
>>Sorry for the trouble.  It seems that DebConf registration is really finding
>>the corner cases on the new SSO service.  Assuming the SSO team don't go on
>>strike in protest, I'm sure we'll have it all sorted out before too much
>>longer.
>
> Hopefully... :-)
>
> --
> Steve McIntyre, Cambridge, UK.                                steve@einval.com
> "Every time you use Tcl, God kills a kitten." -- Malcolm Ray
>
> _______________________________________________
> Debconf-team mailing list
> Debconf-team@lists.debconf.org
> http://lists.debconf.org/mailman/listinfo/debconf-team



-- 
://ValessioBrito.com.br
> Profissional de inovação
@valessiobrito / +55 (71) VALESSIO

Reply to:

References:
- [Debconf-team] SSO problems?
  - From: Steve McIntyre <steve@einval.com>
- Re: [Debconf-team] SSO problems?
  - From: Steve Langasek <vorlon@debian.org>
- Re: [Debconf-team] SSO problems?
  - From: Steve McIntyre <steve@einval.com>

Prev by Date: Re: [Debconf-team] SSO problems?
Next by Date: [Debconf-team] t-shirt artwork
Previous by thread: Re: [Debconf-team] SSO problems?
Next by thread: [Debconf-team] t-shirt artwork
Index(es):
- Date
- Thread