I ended up just using a url rewriter to remove the session id from the URI. Everything is now working perfectly.
On Sun, Nov 23, 2014 at 1:41 PM, George Christman <gchrist...@cardaddy.com> wrote: > http://jira.codehaus.org/browse/TYNAMO-100 > > On Sun, Nov 23, 2014 at 1:38 PM, George Christman <gchrist...@cardaddy.com > > wrote: > >> So the first time a user attempts to authenticate my app using facebook, >> they always experience a 400 error. This generally means the redirect URL >> doesn't match what is stored in facebook. The second time they attempt to >> authenticate with facebook, they are successful and never will they >> experience the 400 error again, well kinda. >> >> Anyhow after a tremendous amount of research I think I know the cause of >> the issue. I have the remember me token set to true which I believe is the >> cause of the issue. I may be wrong, so hopefully this can be clarified. >> What I notice is on failing authentication attempts, the redirect URL >> contains the session id which doesn't match the stored URL in facebook. >> Like I said, my guess is this is do to the remember me option, but I could >> be wrong. Once the cookie has been established for the first time, the >> session id no longer exist in the URL and authentication is successful. >> >> Question, >> How do we fix this? I seen this post >> http://osdir.com/ml/java-tynamo-user/2011-08/msg00019.html But I'm not >> sure how to fix this. >> >> example of a failing URL >> >> >> https://www.domain.com/facebook/oauth/blank/https:$002f$002fwww.domain.com$002fsignin$003bjsessionid$003d32A0E9F9059699D8F1FE8FA0AF678770;jsessionid=32A0E9F9059699D8F1FE8FA0AF678770?code=AQCPSg_nXwOqyQwznL0nKLKURKgmTCVSRlSr2ZEyyTVdj7MXMhbY4UTEILJhtXz39kJtVNLsysUSCJ8bRSXXdGzsFqbOASDT_WwGWxlMtP15o8iOT9uyJebDMOW6pusDNtMatogF7KtbTjb2T-6H6dx_ruULNHFhS0vbiCHo-fceuEyvXpKCzr_LnHyXEUsL6aVyJiX_gznUyK77AtkCVY1q0CBy-wi9jBrH-STjEZQkhzAse28N_mycL6-mbyefExbqQUbEQ6Ap9te5AOlM6uAunm-bQkpIzRUXEQNyvAH3a3o8tjQ-aKKniTRtF-PYZFKMG_1wH-_qLakXFOSDkg7Z#_=_ >> >> >> - George >> >> > > > -- > George Christman > CEO > www.CarDaddy.com > P.O. Box 735 > Johnstown, New York > > -- George Christman CEO www.CarDaddy.com P.O. Box 735 Johnstown, New York