I have been investigating whether GoogleLoginService can substitute for ClientLogin (see http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html) on Google App Engine.
To use ClientLogin, I solicit the username and password from the user in a dialog and exchange them on the Google server (https:// www.google.com/accounts/ClientLogin) for a 203-character string called "Auth". This "Auth" string can then be exchanged for a cookie on the application server (http://myapp.appspot.com/_ah/login?auth=...). The "Value" of this obtained cookie is a 460-character string. The cookie can be used from then on to maintain the user session. I was able to obtain the "authtoken", aka "SID", using the GoogleLoginService method described in this thread. The "authtoken" obtained through this method also happened to be 203 characters. I was hoping that the "authtoken" might be substituted for the "Auth" string in the ClientLogin process, thus bypassing the need to solicit the username/password. Sadly, this appears not to be the case. ClientLogin returns a "500" Server Error rather than the "204" I usually get with a good login. So unless anyone out there is aware to the contrary, my conclusion is that you must prompt the user for their password if you want an authenticated App Engine session. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
