http://jira.codehaus.org/browse/TYNAMO-100
On Sun, Nov 23, 2014 at 1:38 PM, George Christman <gchrist...@cardaddy.com> wrote: > So the first time a user attempts to authenticate my app using facebook, > they always experience a 400 error. This generally means the redirect URL > doesn't match what is stored in facebook. The second time they attempt to > authenticate with facebook, they are successful and never will they > experience the 400 error again, well kinda. > > Anyhow after a tremendous amount of research I think I know the cause of > the issue. I have the remember me token set to true which I believe is the > cause of the issue. I may be wrong, so hopefully this can be clarified. > What I notice is on failing authentication attempts, the redirect URL > contains the session id which doesn't match the stored URL in facebook. > Like I said, my guess is this is do to the remember me option, but I could > be wrong. Once the cookie has been established for the first time, the > session id no longer exist in the URL and authentication is successful. > > Question, > How do we fix this? I seen this post > http://osdir.com/ml/java-tynamo-user/2011-08/msg00019.html But I'm not > sure how to fix this. > > example of a failing URL > > > https://www.domain.com/facebook/oauth/blank/https:$002f$002fwww.domain.com$002fsignin$003bjsessionid$003d32A0E9F9059699D8F1FE8FA0AF678770;jsessionid=32A0E9F9059699D8F1FE8FA0AF678770?code=AQCPSg_nXwOqyQwznL0nKLKURKgmTCVSRlSr2ZEyyTVdj7MXMhbY4UTEILJhtXz39kJtVNLsysUSCJ8bRSXXdGzsFqbOASDT_WwGWxlMtP15o8iOT9uyJebDMOW6pusDNtMatogF7KtbTjb2T-6H6dx_ruULNHFhS0vbiCHo-fceuEyvXpKCzr_LnHyXEUsL6aVyJiX_gznUyK77AtkCVY1q0CBy-wi9jBrH-STjEZQkhzAse28N_mycL6-mbyefExbqQUbEQ6Ap9te5AOlM6uAunm-bQkpIzRUXEQNyvAH3a3o8tjQ-aKKniTRtF-PYZFKMG_1wH-_qLakXFOSDkg7Z#_=_ > > > - George > > -- George Christman CEO www.CarDaddy.com P.O. Box 735 Johnstown, New York
