I suppose I could use cookies to remember the user. But, it would be nice if when a user clicked on "Inbox" from the GTalk context menu, the user was just forwarded directly to https://mail.google.com/a/domain.edu/acs
Thanks for the info. I suspected I might have to use cookies. -- Will G. On Mar 5, 9:05 am, "Julian (Google)" <[EMAIL PROTECTED]> wrote: > Hi, > > Thanks Jon for sharing this. > > That will work and it is simple to implement, just mind your internal > policies for cookies, especially on Admin accounts. > > Julian. > > On Mar 5, 2:44 pm, "Jon.Mitchiner" <[EMAIL PROTECTED]> wrote: > > > > > For my education account, I have SSO enabled, and if I open mail > > through Google Talk, it will open the page directly without asking me > > to log in if I'm using a computer on the domain with Active > > Directory. As for how this was possible, I'm not sure to the > > specifics as I used LTech to develop the page for me and this was done > > by doing something with cookies. So this is a feature with how you > > set up SSO, not something enabled in Google Talk. > > > For the first time user, when they open the SSO log in page, there is > > an option for the user to click on a link using the Computer's domain > > credentials. If the user clicks on that link, then a cookie is > > created, and then they log into Google Apps without being asked to > > enter their username and password. Once a user does this, then Google > > Talk will immediately open the mail link. > > > I don't see this as a security issue as we have mandatory screen saver > > timeouts on the domain, so this protects the user somewhat. > > > Jon > > > On Mar 5, 6:31 am, "Julian (Google)" <[EMAIL PROTECTED]> wrote: > > > > Hi, > > > > At the moment the behavior is that the users has to login to the > > > browser session when the browser opens, with SSO or not. The main > > > reason for this would be security. They maybe a work around for this, > > > my concern would be that when using auto login on Google Talk and > > > bypassing the login page gives access to all emails (and more apps) if > > > someone else is using the computer. > > > > does anyone else have any ideas on this? > > > > Julian. > > > > On Mar 4, 1:52 pm, Will Gillen <[EMAIL PROTECTED]> wrote: > > > > > Hi Group, > > > > > We use GoogleApps for EDU, and use SSO to allow users to use forms > > > > authentication to sign into our Active Directory for authentication, > > > > then pass the SAML to Google. Basically we're using a nearly > > > > unmodified version of the .NET sample for SSO authentication. > > > > > We have a central password management tool which allows our users to > > > > update their passwords on all of our systems. This tool also updates > > > > password on Google (to keep our AD passwords and GoogleApps passwords > > > > in sync). > > > > > Many of our users also use GoogleTalk client to have Instant Messaging > > > > and email notification on their desktop. However, when a user uses > > > > the GTalk client to open their GoogleApps mailbox, they are prompted > > > > with our SSO sign-on page. We would like to add something to our SSO > > > > sign-on page to detect that they are using their GTalk client and > > > > perform some kind of auto-login from that point, so they are not > > > > prompted for their password on the SSO page. > > > > > Is that possible? If so, how (any examples are welcome). > > > > > Thanks!- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
