Yes, I was assuming that if the user (in the browser) signed into another account then that new user would be returned by the UserService.
I don't think it is a problem for a real world situation, but for testing it gave me surprising results. For quick account swapping I can provide an app sign-out link. But it does seem that it would be hard to have different logins in different browser windows, which I would like for testing. On 5 Aug, 17:09, "Nick Johnson (Google)" <[email protected]> wrote: > On Wed, Aug 5, 2009 at 3:21 PM, Martyn<[email protected]> wrote: > > > I'm sorry, I am clearly missing something here. And it looks like > > it's an unwarranted assumption on my part. > > > I had assumed, that the Google user authentication could be used in > > place of a conventional application login. > > That's entirely correct. > > > > > I have followed this to create a pattern such that the current Google > > user can be directly associated with an application user, and that > > for any request I could use the UserService to get a handle on the > > current user and then lookup my application user. > > Also fine. > > > > > So "logging out" for me, meant the user "signing out" of their Google > > account. > > Is the user logging out by clicking a 'logout' link you provided them > (using the Users API), or by logging out on some other Google service? > If the latter, it's quite possible that doing so would not log the > user out of all their App Engine apps immediately, yes. If you want a > user to be able to log out immediately, you need to provide them with > a logout link. > > > > > > > > > I will now RTFL on user authentication and see what I can learn. > > > Sorry if I've been wasting your time. > > > - Martyn > > > On Aug 5, 2:52 pm, "Nick Johnson (Google)" <[email protected]> > > wrote: > >> On Wed, Aug 5, 2009 at 2:20 PM, Martyn<[email protected]> > >> wrote: > > >> > Are you suggesting that I need to do something in my App for each > >> > request to ensure the current user returned is valid? > > >> We're suggesting that we don't have enough information to determine > >> where the problem is - certainly not enough information to conclude > >> that the Users API is erroneously returning a logged in user after you > >> have logged out. > > >> Have you tried logging the below information, and checking the admin > >> console logs to verify what output is generated after you request the > >> page after logging out? > > >> -Nick Johnson > > >> > I have no control if the user changes their account sign-in in another > >> > browser window. > > >> > My debug code is > > >> > UserService us = UserServiceFactory.getUserService(); > >> > User usr = us.getCurrentUser(); > > >> > StringBuffer buf = new StringBuffer(); > >> > buf.append("<table > >> > class='omStatus'><tr><th>Property</th><th>Value</ > >> > th</tr>"); > >> > buf.append("<tr><td>Nickname</td><td>" + > >> > usr.getNickname() + "</td</ > >> > tr>"); > >> > buf.append("<tr><td>EMail</td><td>" + usr.getEmail() + > >> > "</td</tr>"); > >> > buf.append("<tr><td>Auth Domain</td><td>" + > >> > usr.getAuthDomain() + "</ > >> > td</tr>"); > >> > buf.append("</table>"); > > >> > return buf.toString(); > > >> > On Aug 5, 2:01 pm, Holger <[email protected]> wrote: > >> >> You really need to give more details. > > >> >> > this cannot be explained by a cookie problem. > > >> >> ?????????????? How can you know? > > >> >> What's the url where I can test? > > >> >> Who wrote that code? > > >> >> How does the code look like? > > >> -- > >> Nick Johnson, Developer Programs Engineer, App Engine > > -- > Nick Johnson, Developer Programs Engineer, App Engine --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
