Hi, ClientLogin isn't really designed for web applications. And in fact we discourage using it for such, since it is designed for "installed applications".
http://code.google.com/apis/accounts/AuthForInstalledApps.html The preferred method for delegating authentication to Google is called AuthSub. Unfortunately, it's not available for Google Apps users yet. http://code.google.com/apis/accounts/AuthForWebApps.html If you use ClientLogin as the authenticator for a web application like how you're describing, you may run into CAPTCHA challenges, since from ClientLogin point of view it looks like you are trying to authenticate frequently from a single IP address. ClientLogin will consider it suspicious activity, since the pattern is similar to e.g. a program trying to guess credentials. This page has some info on ClientLogin CAPTCHAs: http://code.google.com/support/bin/topic.py?topic=11282 Can you tell more about why you would want to enable SSO yet delegate authentication back to Google? Most admins use SSO because they already have user credentials in their system and they just want to transparently enable those users to access Google Apps. On the other hand, usually when admins creates a domain and wants Google to manage user credentials, they do not enable SSO. -alex On Jan 29, 6:38 am, RNBY <[EMAIL PROTECTED]> wrote: > The solution I use now (Again, I don't know if it's the right > solution, but hey it works). > > I request an Authentication key with the ClientLogin by passing in the > username and password. > If I get back an authenticated key I use SSO to sign the user in. > > RNBY > > On Jan 28, 10:57 am, RNBY <[EMAIL PROTECTED]> wrote: > > > Hi, > > I have SSO enabled. > > This prevents the users to login through the google login page. > > > I made a form where the user can put in his email and password. > > I pass this username and password > > tohttps://www.google.com/accounts/ClientLoginandget back a > > authentication key if the credentials where valid. > > > I then tried to redirect the user then to > > string URL = "http://mail.google.com/a/"; + domainName + "/? > > AuthEventSource=SSO&auth=" + > > authKey + "&husr=" + email.Text + "&shva=1"; > > > It then gets redirecteed to our SSO signin page instead to the users > > email. > > > Is this the right method to do this, if not what would be the right > > way to do it. > > > RNBY --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
