Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

OpenID with Crowd is redirecting to localhost

Philip Colmer
Philip Colmer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 15, 2013

I'm trying to get moinmoin to allow users to authenticate using the OpenID support provided by Crowd. When I click on the Login button in moinmoin, I then enter my CrowdID, click on the Login button and it is my expectation at this point that the browser should be redirected to the CrowdID page. However, the browser is instead redirected to localhost:8095/openidserver.

I cannot see anywhere in the Crowd configuration where this can be set/changed. Can someone please tell me what I've overlooked?

Thanks.

Philip

Answer
Watch
Like Chad Netzer likes this
1584 views

5 answers

1 accepted

0 votes
Answer accepted
Philip Colmer
Philip Colmer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 19, 2013

In the absence of any further progress on this, I'm going to close this question. I've stopped using OpenID with Crowd until version 3.6 gets released so if the problem is still there then, I'll open a new question.

So, unaswered unfortunately but I'm a bit fed up with getting daily emails reminding me that the question is still open.

Reply
1 vote
Philip Colmer
Philip Colmer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 23, 2013

It has been a while since I looked at this ...

2013-01-24 16:58:01,100 main INFO [service.soap.client.SoapClientPropertiesImpl] Loading property: 'application.login.url' : 'http://localhost:8095/openidserver'

I think that this is held in crowd-openidserver-webapp/WEB-INF/classes/crowd.properties. Currently, I have "application.login.url" set to the FQDN of my server, but "crowd.server.url" is still set to "http://localhost:8095/crowd/services".

We've now implemented OpenID authentication with Crowd and these values seem to be working for us. There are definitely a lot of places where you need to set the URLs :-)

Reply
1 vote
Michael Dirks
Michael Dirks
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 23, 2013

Did you find an answer for this? I had the same problem. The previous entry by Philip helped me find the culprit. Inside the apache-tomcat/WEB-INF/classes folder there is a crowd.properties file. That is where the 'application.login.url' and 'crowd.server.url' are set to locatlhost. Once you change those to FQDN, it works like it should.

View More Comments
lkampsnider
lkampsnider August 21, 2013

Thanks Michael, you led me to the right place to change the URLs.

Like
Reply
0 votes
Philip Colmer
Philip Colmer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 23, 2013

I've changed the MoinMoin configuration now to try and force authentication against Crowd rather than have the user paste their Crowd URL into the login box.

MoinMoin is redirecting to Crowd where I am prompted to log in but, having logged in, no redirection back to MoinMoin takes place!

I'm using the capability within MoinMoin and OpenID to use a forced service:

fs = OpenIDServiceEndpoint()

fs.type_uris = OPENID_2_0_TYPE

fs.server_url = 'https://login.example.com:8443/openidserver'

fs.claimed_id = 'http://specs.openid.net/auth/2.0/identifier_select'

auth = [ OpenIDAuth(forced_service=fs) ]

I did find a answer suggesting that Crowd might not be supporting OpenID in this manner (https://answers.atlassian.com/questions/6940/solved-http-specs-openid-net-auth-2-0-identifier_select-and-openid-2-0-xrds) but it isn't clear whether or not the modifications made by Warren have been incorporated into Crowd, or if Atlassian have made the appropriate changes themselves.
One of the reasons why I wanted to use Crowd sitting on top of LDAP in the first place was for the SSO/OpenID functionality and I don't understand why I cannot get this to work.
Philip

Reply
0 votes
Tiago Comasseto
Tiago Comasseto
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 15, 2013

Hey,

I'd start by reviewing this configuration. Also, what URLs do you have into your $Crowd_home/crowd.properties file?

Cheers

View More Comments
Philip Colmer
Philip Colmer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 15, 2013

Thanks for the reply. The Base URL is the correct fully-qualified URL and all three checkboxes are ticked.

If I untick "Allow localhost authentications", that resolves the problem, but I'm somewhat concerned by the explanation of what this feature is supposed to do:

"Enabling localhost authentication prevents OpenID-enabled sites from directly accessing your end-users' local machines."

So if I disable localhost authentication, an OpenID-enabled site can potentially access my own local machine now? But if I enable it, the login process doesn't work :-(.

Like
Philip Colmer
Philip Colmer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 15, 2013

I spoke too soon :-(.

It doesn't look like that option is affecting whether or not this works.

The OpenID login works if I am already logged into CrowdID. If I am, then moinmoin redirects to CrowdID where I'm asked if I want to approve the web site and then I'm redirected back. If I'm not logged into CrowdID already, I get the localhost redirect error.

Looking at crowd.properties, there are two entries where URLs are specified - crowd.server.url and application.login.url. Both of these are FQDNs and not localhost.

Like
Philip Colmer
Philip Colmer
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 23, 2013

Looking at the logs when Crowd starts up, I can see two places where it mentions localhost:

2013-01-24 16:58:01,100 main INFO [service.soap.client.SoapClientPropertiesImpl] Loading property: 'application.login.url' : 'http://localhost:8095/openidserver'

2013-01-24 16:58:01,102 main INFO [service.soap.client.SoapClientPropertiesImpl] Loading property: 'crowd.server.url' : 'http://localhost:8095/crowd/services/'
I do not know where they are configured, though, or why they say localhost:8095 rather than the FQDN of the server and 8443, which is the new port it is on.
Like
Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security