Ah sorry I get it - the /_ah/login_required pattern is caught by the '/' handler...gotcha. Hard to make a 'nice' default behaviour for that one then I guess. Cheers.
On 31 May 2010 19:47, Scott Ellis <[email protected]> wrote: > Thanks Lorenzo, but I had no security constraint on _ah/login_required at > that time. I got the redirection loop when I didn't handle the > _ah/login_required pattern at all (as I mentioned - no change to the app, > just flipped the 'openid' switch in the admin console) - which I know is > contrary to the documentation. Nevertheless it was surprising (an > override-able default handler would be nice :) and I wondered if it is to be > expected, or if something else might have gone wrong. I guess behaviour is > undefined when you don't follow instructions. > > > On 31 May 2010 17:20, l.denardo <[email protected]> wrote: > >> I found the same error in Java: it's due to the way that login URL is >> generated, which is different for pages with "required login" and >> pages out of this constraint. >> If a page is under security constraint login always redirects to _ah/ >> login_required, even if that is the uri you're requesting. Otherwise >> login link is correct. >> >> You should be able to get around it by simply removing _ah/ >> login_required from the list of urls for which you state a security >> constraint (in Java, this means removing _ah/login_required from the >> url-pattern list in the web-resource-collection of web.xml. >> >> By the way there's a similar issue with logout, I posted something on >> this group. >> >> I hope this helps >> >> Lorenzo >> >> On May 30, 12:10 pm, Scott Ellis <[email protected]> wrote: >> > Thanks wesley. I'm sure you're on to it, but Google Apps accounts and >> > Marketplace integration examples would be more than useful. >> > >> > On 29 May 2010 12:18, Wesley C (Google) >> > <[email protected] >> > <wesc%[email protected]><wesc%[email protected]<wesc%[email protected]> >> > >> > >> > > wrote: >> > > hey all, >> > >> > > just an FYI that our team is working on an OpenID article to >> > > complement the online docs that have more explanations and example >> > > code... stay tuned! >> > >> > > -- wesley >> > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - >> > > "Core Python Programming", Prentice Hall, (c)2007,2001 >> > > "Python Fundamentals", Prentice Hall, (c)2009 >> > > http://corepython.com >> > >> > > wesley.j.chun :: wesc+api-at-google-dot-com >> > > developer relations :: google app engine >> > > @app_engine :: googleappengine.blogspot.com >> > >> > > -- >> > > You received this message because you are subscribed to the Google >> Groups >> > > "Google App Engine" group. >> > > To post to this group, send email to >> [email protected]. >> > > To unsubscribe from this group, send email to >> > > [email protected]<google-appengine%[email protected]> >> <google-appengine%[email protected]<google-appengine%[email protected]> >> > >> > > . >> > > For more options, visit this group at >> > >http://groups.google.com/group/google-appengine?hl=en. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Google App Engine" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]<google-appengine%[email protected]> >> . >> For more options, visit this group at >> http://groups.google.com/group/google-appengine?hl=en. >> >> > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
