Canonical SSO provider

SpreadUbuntu 403 on login

Asked by Evan Boldt

People can no longer log into spreadubuntu through either the spreadubuntu.org or older spreadubuntu.neomenlo.org domains. I'm wondering if the protocol changed or if we just need to re-validate our trust roots.

If the protocol changed, what should we upgrade our drupal 6.x module to?
We were using https://code.launchpad.net/~canonical-isd-hackers/drupal-launchpad/6.x-trunk but taht hasn't been updated lately.

Question information

Language:
English Edit question
Status:
Solved
For:
Canonical SSO provider Edit question
Assignee:
No assignee Edit question
Solved by:
Evan Boldt
Solved:
Last query:
Last reply:
Revision history for this message
David Owen (dsowen) said : 		#1

Evan,

Thanks for your question. I see the 403 page you mention when I try to login with the little LP button (but I may also not have the right team membership or whatever anyway). But I also notice that I get a 403 when navigating to the registration page. I don't know if this is at all related.

As far as I can tell, SSO seems to be doing the right stuff. Can you find the reason why a 403 is being returned? Is it because of a blanket-protection of the URL in an Apache front-end? The SSO response seems invalid? The repsonse is valid but the membership is wrong? Etc.

Revision history for this message
Evan Boldt (echowarp) said : 		#2

It turns out that my host reverted some whitelisted mod_sec rules. I had already had them whitelist it once before, so it didn't occur to me until you suggested that.

Thanks. Sorry for jumping the gun and blaming you guys.