From 69dc1fe361ef17505bcf7fe3e5fd5baf9cee39a4 Mon Sep 17 00:00:00 2001
From: Amanda Anganes <aanganes@mitre.org>
Date: Wed, 11 Apr 2012 17:08:15 -0400
Subject: [PATCH] Removing our custom authorization endpoint and token endpoint
 urls, as well as the filter required by those custom urls (in web.xml), fixes
 the infinite redirect problem. This has been submitted as an issue to the
 SECOAUTH team.

---
 .../spring/appServlet/servlet-context.xml     |  9 +++----
 .../src/main/webapp/WEB-INF/web.xml           | 24 +++++++++----------
 2 files changed, 17 insertions(+), 16 deletions(-)

diff --git a/openid-connect-server/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml b/openid-connect-server/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml
index 2033d04af..44c5c2981 100644
--- a/openid-connect-server/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml
@@ -53,10 +53,11 @@
 	<!-- SECOAUTH Authorization Server, with our custom token granter plugged in -->
 	<oauth:authorization-server client-details-service-ref="defaultOAuth2ClientDetailsEntityService" 
 		token-services-ref="defaultOAuth2ProviderTokenService" token-granter-ref="connectAuthCodeTokenGranter"
-		user-approval-handler-ref="userApprovalHandler"
-		authorization-endpoint-url="/openidconnect/auth" token-endpoint-url="/openidconnect/token"
-		user-approval-page="redirect:/oauth/confirm_access"
-		>
+		user-approval-handler-ref="userApprovalHandler">
+		
+<!-- 		authorization-endpoint-url="/openidconnect/auth" token-endpoint-url="/openidconnect/token" -->
+<!-- 		user-approval-page="redirect:/oauth/confirm_access" -->
+<!-- 		> -->
 		<oauth:authorization-code authorization-code-services-ref="authCodeServices" />
 	</oauth:authorization-server>
 
diff --git a/openid-connect-server/src/main/webapp/WEB-INF/web.xml b/openid-connect-server/src/main/webapp/WEB-INF/web.xml
index 4b063fb7b..5f357fe47 100644
--- a/openid-connect-server/src/main/webapp/WEB-INF/web.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/web.xml
@@ -17,19 +17,19 @@
 	</listener>
 
 	<!-- Since we defined a custom authorization-endpoint-url, we need an additional filter: -->
-	<filter>
-	    <filter-name>oauth2EndpointUrlFilter</filter-name>
-	    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-	    <init-param>
-	        <param-name>contextAttribute</param-name>
-	        <param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.appServlet</param-value>
-	    </init-param>
-	</filter>
+<!-- 	<filter> -->
+<!-- 	    <filter-name>oauth2EndpointUrlFilter</filter-name> -->
+<!-- 	    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> -->
+<!-- 	    <init-param> -->
+<!-- 	        <param-name>contextAttribute</param-name> -->
+<!-- 	        <param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.appServlet</param-value> -->
+<!-- 	    </init-param> -->
+<!-- 	</filter> -->
 	
-	<filter-mapping>
-	    <filter-name>oauth2EndpointUrlFilter</filter-name>
-	    <url-pattern>/*</url-pattern>
-	</filter-mapping>
+<!-- 	<filter-mapping> -->
+<!-- 	    <filter-name>oauth2EndpointUrlFilter</filter-name> -->
+<!-- 	    <url-pattern>/*</url-pattern> -->
+<!-- 	</filter-mapping> -->
 
 	<!-- filter through Spring Security -->
 	<filter>