Hi Antoine, Glad you got that figured out. You should be able to have login required on your apps, just as before. You'll just need to be sure to define a handler for login_required (as is explained in the article). Note that you won't get redirected to it on the dev server, so you'll need to directly go to the url to test it out.
Robert On Wed, Feb 1, 2012 at 04:42, Antoine <[email protected]> wrote: > Ok, I ve found out. > > this should be the URL for Google Apps domains : > > www.google.com/accounts/o8/site-xrds?hd=example.com > > > > On Feb 1, 4:59 pm, Antoine <[email protected]> wrote: >> Thank you for your answer. >> >> I tried to follow this tutorial (I dont know why I didnt find it >> before... :s ). >> >> However, I have a question left. >> >> I decided to let the user choose his domain by clicking on his domain >> link. >> >> I deleted the "login required" in app.yaml and modified my main.py >> such as... >> >> My python looks like : >> >> ------------------------------------------- >> # >> #code >> # >> >> providers = { >> 'prov 1' : 'google.com/a/domain.com', >> 'prov 2' : 'google.com/a/subdomain1.com', >> 'prov 3' : 'google.com/a/subdomain2.com' >> # add more here >> >> } >> >> # >> #code >> # >> >> else: >> self.response.out.write('Hello world! Sign in at: ') >> for name, uri in providers.items(): >> self.response.out.write('[<a href="%s">%s</a>]' % >> (users.create_login_url(federated_identity=uri), name)) >> >> # >> #code >> # >> >> ------------------------------------------- >> >> However links are not redirecting user... >> I guess it should work, if you do this yourelf, that each Google Apps >> domain should be used as a direct provider federated entities ? >> >> What should I do to have Google Apps domains login page after clicking >> on a link (and get redirection to my app after authentication against >> Google, of course) ? >> I guess I dont have the right link/approach because, with myopenid.com >> it's working (redirecting). >> >> thx in advance >> Antoine >> >> On Jan 31, 1:34 pm, Robert Kluin <[email protected]> wrote: >> >> >> >> >> >> >> >> > HeyAntoine, >> > Use OpenID / Federated login. You can provide users with a list of >> > subdomains, or check them against that. I usually either give users >> > the option to enter their domain or email address (from which I can >> > deduce the domain), then redirect them to the proper page. It is >> > pretty straight forward to do. >> >> > I think Wesley's article on federated login provides all the basics. >> > http://code.google.com/appengine/articles/openid.html >> >> > Robert >> >> > On Sun, Jan 29, 2012 at 22:57,Antoine<[email protected]> wrote: >> > > Hi everyone, >> >> > > I am working on a simple application (actually a website) on Google >> > > App Engine. >> > > This application should be accessible only for a selected Google Apps >> > > domains list. >> >> > > These domains are corporate Google Apps subdomains. One Google Apps >> > > account domain handle several subdomains, one for each business unit. >> >> > > I would like to restrict my apps to those domain. >> >> > > However, there is only 3 ways to secure my app (Application Settings / >> > > Authentication Options in Google App Engine Console) : >> > > - Google Accounts API >> > > - Google App Domain >> > > - Open ID (Federated Login) >> >> > > For the first one, it can work, however, as we are using Federation >> > > Login for all Google Apps domains, we dont want the user to login >> > > twice : one on the Google Account Sign-in webpage which is displayed >> > > automatically when we choose Google Accounts, and then on the >> > > federation page. >> > > Because with this Google App Engine authentication, the user is first >> > > redirected to :http://accounts.google.com >> > > then enter its credentials Google Apps, then Google tell him that >> > > federation is working for this domain so he just need to Click to be >> > > redirected. >> > > This is not user friendly. >> >> > > Second one, works only with one Google App Primary domain. Subdomain >> > > doesnt work with this feature... >> >> > > Maybe third one, Open ID/ Federated login, can work, but how ? >> >> > > Thx >> > >Antoine >> >> > > -- >> > > You received this message because you are subscribed to the Google >> > > Groups "Google App Engine" group. >> > > To post to this group, send email to [email protected]. >> > > To unsubscribe from this group, send email to >> > > [email protected]. >> > > For more options, visit this group >> > > athttp://groups.google.com/group/google-appengine?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-appengine?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
