I refer here to the page you are redirected to after you log in to a GAE app with 
your Google account, which asks for your permission to access your Google 
account.

Put this together with a custom domain and https and you get my problem.

My configuration:

   - developed myapp.appspot.com
   - configured custom domain myapp.mydomain.com to point to myapp
   - myapp is making use of GAE login service
   - need for https posts from custom domain (!), solved as follows:
      - page is loaded in HTTP from http://myapp.mydomain.com
      - some submit HTTPS URLs are hardcoded in the page, as 
      https://myapp.appspot.com/someservice
      - same domain policy resolved server side by means of http 
      headers
   - GAE login service applies both to http://myapp.mydomain.com handler AND 
   https://myapp.appspot.com/someservice handler
   

The workflow is:

   1. user not yet authenticated
   2. user browses http://myapp.mydomain.com (not ssl)
   3. user is redirected to google account login page 
   4. user logs in
   5. user is redirected to the abovementioned page: myapp is requesting 
   permission to access user's google account
   6. user grants his permission
   7. user is in - OK
   8. *Now comes the problem:*
   9. user makes a submit to https://myapp.appspot.com/someservice (so that 
   data is ssl transmitted), which is loginrequired decorated
   10. login is ok, user is not again redirected to the login page (I think 
   this is because the google login is cross application (the same should happen 
   if the user was already logged in into gmail, to say))
   11. but now https://myapp.appspot.com/ is *again* requesting permission 
   to access user's google account - and this is the problem


The user is prompted *TWICE* to grant permission to myapp to access his 
account:


   - once when he browses to http://myapp.mydomain.com
   - and another one when he submits data to 
   https://myapp.appspot.com/someservice
   

My user doesn't like it, and neither do I!!!

I suspect this is because the user's answer (Allow or No Thanks) is saved 
server side with respect to the URL of the app
and not with respect to some other unique id of the app.

But aside from my suspicions I have no idea how to solve it or at least work 
around it.

Thank you for your patience in reading up to here.
 
Any help would be appreciated.
