I ended up just using a url rewriter to remove the session id from the URI.
Everything is now working perfectly.

On Sun, Nov 23, 2014 at 1:41 PM, George Christman <gchrist...@cardaddy.com>
wrote:

> http://jira.codehaus.org/browse/TYNAMO-100
>
> On Sun, Nov 23, 2014 at 1:38 PM, George Christman <gchrist...@cardaddy.com
> > wrote:
>
>> So the first time a user attempts to authenticate my app using facebook,
>> they always experience a 400 error. This generally means the redirect URL
>> doesn't match what is stored in facebook. The second time they attempt to
>> authenticate with facebook, they are successful and never will they
>> experience the 400 error again, well kinda.
>>
>> Anyhow after a tremendous amount of research I think I know the cause of
>> the issue. I have the remember me token set to true which I believe is the
>> cause of the issue. I may be wrong, so hopefully this can be clarified.
>> What I notice is on failing authentication attempts, the redirect URL
>> contains the session id which doesn't match the stored URL in facebook.
>> Like I said, my guess is this is do to the remember me option, but I could
>> be wrong. Once the cookie has been established for the first time, the
>> session id no longer exist in the URL and authentication is successful.
>>
>> Question,
>> How do we fix this? I seen this post
>> http://osdir.com/ml/java-tynamo-user/2011-08/msg00019.html But I'm not
>> sure how to fix this.
>>
>> example of a failing URL
>>
>>
>> https://www.domain.com/facebook/oauth/blank/https:$002f$002fwww.domain.com$002fsignin$003bjsessionid$003d32A0E9F9059699D8F1FE8FA0AF678770;jsessionid=32A0E9F9059699D8F1FE8FA0AF678770?code=AQCPSg_nXwOqyQwznL0nKLKURKgmTCVSRlSr2ZEyyTVdj7MXMhbY4UTEILJhtXz39kJtVNLsysUSCJ8bRSXXdGzsFqbOASDT_WwGWxlMtP15o8iOT9uyJebDMOW6pusDNtMatogF7KtbTjb2T-6H6dx_ruULNHFhS0vbiCHo-fceuEyvXpKCzr_LnHyXEUsL6aVyJiX_gznUyK77AtkCVY1q0CBy-wi9jBrH-STjEZQkhzAse28N_mycL6-mbyefExbqQUbEQ6Ap9te5AOlM6uAunm-bQkpIzRUXEQNyvAH3a3o8tjQ-aKKniTRtF-PYZFKMG_1wH-_qLakXFOSDkg7Z#_=_
>>
>>
>> - George
>>
>>
>
>
> --
> George Christman
> CEO
> www.CarDaddy.com
> P.O. Box 735
> Johnstown, New York
>
>


-- 
George Christman
CEO
www.CarDaddy.com
P.O. Box 735
Johnstown, New York

Reply via email to