Hi Vladimir, Google Apps gadget authentication does not work the same if you redirect to a third party website instead of the start page. Also, altering the RelayState is not supported by SAML.
If you replace the Google Apps gadgets with custom web applications, you can use AuthSub to gain access to user data. AuthSub is designed to work with SSO enabled domains, however SSO does not bypass prompting the user permission for the third party to access his data. In other words, authentication and authorization are separate activities. With the exception of the Email gadget, the Google Apps gadgets render as if the user is not signed in. This is because the start page is designed to be renderable even if a user is not signed in, and the (legacy) Google Gadgets API does not provide a method to determine whether a user is signed in. But as you noted, the Google Calendar gadget is awkwardly missing a sign in link. -alex On May 25, 10:38 pm, Vladimir Solomenchuk <[EMAIL PROTECTED]> wrote: > > In step 6, when the ID provider passes the SAML response back to the > > web application, are you grabbing the SAML response and making a > > cookie out of that? I'm thinking if you could do that then you could > > introduce the data in that cookie into the bespoke apps(widgets) in > > the site to authenticate with google. > > I have no access to user data (because different domains) > Looks like every service has its own authentication.For example, you > have to visit calendar page for work with calendar widget and google > talk page for google talk. Even on ig page calendar widget will not > work without visiting calendar page. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
