0

Login pop up problem

Hi,
I've recently noticed that there is some problem with authorization pop up in Internet Explorer (tested with version 7 and 8). When I'm opnening popup with login form I see often that page cannot be displayed. But sometimes when login form is displayed correctly than the same problem is on second page with "accept" button. And sometimes it's working with no problems. I had this situation on different machines and in different networks. Also i saw the same situation on Facebook where is contacts import from yahoo so I believe that this is not problem with my implementation. I didn't noticed that situation on Firefox. When page wasn't displayed Fiddler returns this info:
QUOTE
HTTPS connection failed.

System.Security.Authentication.AuthenticationException: A call to SSPI failed, see inner exception. ---> System.ComponentModel.Win32Exception: The token supplied to the function is invalid
--- End of inner exception stack trace ---
at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
at Fiddler.Pipe.Connect(Boolean bCreateConnectTunnel, IPEndPoint remoteEP, Boolean bSecureTheSocket, String sCertCN, String sClientCertificateFilename, String sPoolingKey)
at Fiddler.Session.Execute(Object objThreadstate)


Maybe there was made some change with SSL on Yahoo servers recently or something else which could cause that problem?
What can I do with this?
Similar situation is on BBauth API too.

Thanks

by
3 Replies
  • Hi Joe,

    If you have access to tool such as wget (http://www.gnu.org/software/wget/)
    or curl (http://curl.haxx.se/), you can try commands similar to the following:

    wget -S -d https://api.login.yahoo.com/oauth/v2/get_request_token

    It outputs something like:

    ----------------------------------------------------------------------------
    Initiating SSL handshake.
    Handshake successful; connected socket 3 to SSL handle 0x08ad41a8
    certificate:
    subject: /C=US/ST=California/L=Santa Clara/O=Yahoo! Inc./OU=Yahoo/CN=*.login.yahoo.com
    issuer: /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
    X509 certificate successfully verified and matches host api.login.yahoo.com
    ----------------------------------------------------------------------------

    As you can see, the cerficate is issued to "*.login.yahoo.com". If the library
    you use doesn't do wildcard matching, it may throw an invalid cert error.

    I think you can try applying all the crucial patches to your servers first
    and see if it helps. If not, then you may have to contact the library vendor
    for assistance.

    Thanks,

    Thanks,
    Yu Wang
    Yahoo! Membership Team
    0
  • Hi,

    Thanks for response. I've checked certificate and I have no problems with this.
    Here is more detailed most common situation which I observed.
    1. I have request token with URL to open login popup: https://api.login.yahoo.com/oauth/v2/reques...h_token=haxcuem
    2. This URL redirects to https://login.yahoo.com/config/login?.src=o...ner=&.pd=...
    where i can see login form.
    3. When submit form I'm redirected to https://login.yahoo.com/config/login_verify2? and this URL I can see in my address bar in IE and very often I see there that page cannot be displayed.
    But sometimes it works and I see next page.
    In IEWatch I observed that when I'm on https://login.yahoo.com/config/login_verify2? there are some redirects:
    at first to https://api.login.yahoo.com/oauth/v2/reques...x9n9&crumb= with no problems
    and then to https://api.login.yahoo.com/oauth/v2/reques...umb=HcM3AQFHzoU
    In that last redirect is a problem. When page is not displayed I have no response status and no IP detected in IEWatch for this redirect.
    I still see https://login.yahoo.com/config/login_verify2? URL in adress bar so page was not redirected.
    But sometimes I am redirected to that last url and I can see page with "Agree" button to allow sharing Yahoo! info and everything works fine.
    Please notice that this situation is only in IE browser and observed in IE7, IE8, on Windows XP and Windows Vista on different computers in different places all with actual updates
    and also not only on my page - I saw the same situation on Facebook's Yahoo API implementation.
    Also notice that there is not always problem with redirects above - sometimes when I see page with login form than instead of application details in appInfo iframe I see that page cannot be displayed
    and sometimes it stops with https://login.yahoo.com/config/login? (without query string paramaters) URL in address bar.
    0
  • Hi Joe,

    I cannot reproduce this problem as you said. When you see the
    https://login.yahoo.com/config/login page cannot be displayed
    next time, can you please view the page source and copy it here?

    Thanks,
    Yu Wang
    0

Recent Posts

in OAuth General Discussion YDN SDKs