stackoom
  简体   繁体   中英

Security Error in google app Engine

 原文  2012-08-17 08:23:31       java/ google-app-engine/ browser

Question

i am trying to make an application in google app engine i am trying to authenticate a user in my google app. it is working perfectly but when i enter user name and password of a user browser shows me a warning This is probably not the site you are looking for!

You attempted to reach www.onemoredemo.appspot.com, but instead you actually reached a server identifying itself as *.appspot.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of www.onemoredemo.appspot.com. You cannot proceed because the website operator has requested heightened security for this domain.

here is my servlet code 

public class HelloWorld9Servlet extends HttpServlet {
    public void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws IOException {
        OAuthConsumer consumer;
        OAuthProvider provider;
        provider=new DefaultOAuthProvider("https://accounts.google.com/o/oauth2/auth",)
        ;
         signer = new OAuthHmacSigner();

                 signer.clientSharedSecret = Constants.CONSUMER_SECRET;

    consumer=new DefaultOAuthConsumer(Constants.CLIENT_ID,Constants.CLIENT_SECRET);

    String redirect_uri="https://accounts.google.com/o/oauth2/auth?client_id="+
            Constants.CLIENT_ID+"&redirect_uri="
            +Constants.REDIRECT_URL+"&response_type="
            +Constants.response_type+"&scope="
            +Constants.SCOPE;


        resp.sendRedirect(redirect_uri);


    }

for redirecting him to google authentication page can any one please tell why i am getting this warning and how to remove this. you can see the demonstration i hosted this app on onemoredemo.appspot.com

1 answers

solution1
 0  2012-08-17 08:48:21

The wildcard https certificate that google uses covers *.appspot.com and *.*.appspot.com , but not all browsers accept this. Some browsers (notably Firefox) complains about using *.*.appspot.com certificate.

See: Wildcard subdomains on appengine over https on firefox

Which browser are you using?

Edit:

Solutions:

  1. Use ssl with custom domain , ie www.onemoredemo.com
  2. Use only domain matching *.appspot.com , ie onemoredemo.appspot.com
  3. Use alternate hostname notation as described in docs : replace . with -dot- , ie use www-dot-onemoredemo.appspot.com

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question 403 Redirect Error - Spring Google App Engine Security Security in Android - Google app engine system google app engine cloud endpoint security Security problems for google app engine webservices Spring security openid on Google App Engine GSON on Google App Engine throws a Security Exception Google App Engine - Spring Security Issue (java.security.AccessControlException) Spring-security OAuth2 gives server error on Google App Engine Google App Engine 500 error error with google app engine deploy
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM