我发现 wso2 AM 具有 openid 功能,所以我想使用 wso2 AM(不是 wso2 IS)作为 openid 提供者。
但是在https登录时出现以下错误:
ip:9443/authenticationendpoint/openid_login.do?openid.realm
错误:
[2014-05-04 15:12:34,312] INFO - CarbonAuthenticationUtil 'admin@carbon.super [-1234]' logged in at [2014-05-04 15:12:34,311+0800]
[2014-05-04 15:12:38,481] INFO - AuthenticationAdmin 'admin@carbon.super [-1234]' logged out at [2014-05-04 15:12:38,0480]
[2014-05-04 15:12:40,684] INFO - CarbonAuthenticationUtil 'admin@carbon.super [-1234]' logged in at [2014-05-04 15:12:40,684+0800]
[2014-05-04 15:13:05,249] ERROR - MPAuthenticationProvider login failed. Trying again..
SASL authentication failed:
at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java:209)
at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:341)
at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:301)
at org.wso2.carbon.identity.provider.xmpp.MPAuthenticationProvider.login(MPAuthenticationProvider.java:176)
at org.wso2.carbon.identity.provider.xmpp.MPAuthenticationProvider.authenticate(MPAuthenticationProvider.java:73)
at org.wso2.carbon.identity.provider.OpenIDProviderService.authenticateWithXMPP(OpenIDProviderService.java:151)
at org.wso2.carbon.identity.provider.OpenIDProviderService.authenticateWithOpenID(OpenIDProviderService.java:109)
at org.wso2.carbon.identity.provider.openid.client.OpenIDAdminClient.authenticateWithOpenID(OpenIDAdminClient.java:133)
at org.wso2.carbon.identity.provider.openid.handlers.OpenIDHandler.handleRequestFromLoginPage(OpenIDHandler.java:554)
at org.wso2.carbon.identity.provider.openid.handlers.OpenIDHandler.processRequest(OpenIDHandler.java:131)
at org.wso2.carbon.identity.provider.openid.servlets.OpenIDProviderServlet.service(OpenIDProviderServlet.java:53)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178)
at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56)
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
我知道我应该配置UseMultifactorAuthentication为 true in indentity.xml,但是如何解决错误?