[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Debconf-team] SSO problems?

Hi all,

This is what is occurring:

Can't login with my first_password; I change the password on Alioth
for a second_password.

The password that works is the first_password (above) and not the
second_password, newly registered.


2014-05-05 20:04 GMT-03:00 Steve McIntyre <steve@einval.com>:
> On Mon, May 05, 2014 at 03:30:55PM -0700, Steve Langasek wrote:
>>On Mon, May 05, 2014 at 10:19:11PM +0100, Steve McIntyre wrote:
>>> I've tried to log in a couple of times using my SSO password, now I'm
>>> getting this:
>>> Forbidden
>>> You don't have permission to access /o/authorize on this server.
>>> Apache Server at sso.debian.org Port 443
>>Someone else has reported this on IRC, but gone idle before I could get any
>>details.  Maybe helpful if you can drop in one of the appropriate channels
>>so we can debug this in realtime.
> It's getting too late here for me to jump into IRC tonight, I'm
> afraid. So here's as much detail as I can give by mail...
>>I'm not able to reproduce the described problem.  Can you please give:
>> - the URL of the page on summit.debconf.org that you followed the link from
> Following a link from
>   http://debconf14.debconf.org/registration.xhtml
> , pointing at
>    https://summit.debconf.org/debconf14/registration/
> . That redirected to
>   https://sso.debian.org/o/authorize?scope=openid+email+profile&state=WRVFSOMpGbT2Gsd0wBlSsZYqnnF5Tc1q&redirect_uri=https://summit.debconf.org/complete/debian-oauth2/&response_type=code&client_id=HUL=1jMcEEjGjYJecEI@xuJKF2N8i!LmVXpaeusm
> which is the page with the 403.
>> - the full URL of the link you were following
>> - if you had failed login attempts before hitting the error, how many times
>>   that happened before you got the Forbidden error (i.e., is this an
>>   account lockout kind of thing)
> I think it may well be that. I couldn't remember my SSO password
> (maybe 2 attempts there), so went and changed it. I tried again with
> the new password a couple of times (I'm guessing before settings had
> synced somewhere?), and that's when I started getting the 403
> page. I'm still seeing it now if I try again from the same browser
> (iceweasel). Switching to chromium a little later, I was able to log
> in successfully using the new SSO password.
>>Sorry for the trouble.  It seems that DebConf registration is really finding
>>the corner cases on the new SSO service.  Assuming the SSO team don't go on
>>strike in protest, I'm sure we'll have it all sorted out before too much
> Hopefully... :-)
> --
> Steve McIntyre, Cambridge, UK.                                steve@einval.com
> "Every time you use Tcl, God kills a kitten." -- Malcolm Ray
> _______________________________________________
> Debconf-team mailing list
> Debconf-team@lists.debconf.org
> http://lists.debconf.org/mailman/listinfo/debconf-team

> Profissional de inovação
@valessiobrito / +55 (71) VALESSIO

Reply to: