[mod-auth-openid] Google Apps OpenID
gicodewarrior at gmail.com
Sat Mar 27 16:01:17 CDT 2010
On Sat, Mar 27, 2010 at 10:41 AM, Rusty Burchfield
<gicodewarrior at gmail.com>wrote:
> However, while submitting the retrieved identity provider by hand to the
> default login form redirects me to the authorization page for my domain,
> after accepting I am returned to the default login page with the message
> "There has been an error while attempting to authenticate."
> What is the best approach to debugging this sort of issue? I have
> increased the LogLevel on my vhost, but that is not providing any additional
> relevant information.
OK. I found where that message is referenced in the source code and
realized I needed to enable DEBUG at compile time. After doing that I came
to this message:
"[mod_auth_openid] Error in authentication: OP is not authorized to make an
assertion regarding the identity"
That message traces back to libopkele inside verify_OP. I am not sure what
it is trying to do in there though.
Independently I thought to check what server-side requests it was making and
noticed that it tries to retrieve my open id. Google reports this as
http://example.com/openid?id=... where example.com is the custom domain.
However there is nothing reasonable at that location so this may be part of
I will look into disabling the fetch of the Open ID and make a post to
the Google Federated Login API group to see if anyone there has an answer.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the mod-auth-openid