Thanks Julian, That's what I was unfortunately suspecting :-( Cheers, -Patricia
Patricia Goldweic [EMAIL PROTECTED] > -----Original Message----- > From: [email protected] > [mailto:[EMAIL PROTECTED] On Behalf Of > Julian (Google) > Sent: Monday, August 18, 2008 6:01 AM > To: Google Apps APIs > Subject: [google-apps-apis] Re: is there a way to avoid the > intermediate page for SSO domains? > > > Hi Patricia, > > Unfortunately for private Google Sites the intermediate page > cannot be avoided, it is part of the Sites login flow as a > user can authenticate to different private/shared Sites from > different domains. Other services like Calendar or Docs do > not have this intermediate page. > > Cheers, > Julian. > > On Aug 14, 3:33 pm, "Patricia Goldweic" <[EMAIL PROTECTED]> > wrote: > > Hi Julian, > > Thanks for replying. Sorry for the relative vagueness of my > first email. > > Here is the situation: > > 1- My program (on behalf of the current user) requests a page such > > ashttp://sites.google.com/a/ourtestdomain.edu, > > Orhttp://sites.google.com/a/ourtestdomain.edu/a-test-site. > > 2- Google comes up with a page (this is what I call the > intermediate > > page) with two buttons: the first one says 'Sign in to > ourtestdomain'; > > the second one says 'sign in to another domain'. > > 3- Once the 'sign in to ourtestdomain' button is clicked on, Google > > proceeds with the SSO process (that is, it sends a SAML > request to our > > SSO web app, which will somehow obtain the user credentials and > > proceed to authenticate the user). This proceeds as > expected, with the > > user then getting logged in to our domain, and directly > accessing one of the urls above. > > > > As I mentioned earlier, step 2 appears to come up ONLY if our sites > > domain is configured so that content can be shared with > other domains > > (which is what we need). > > So my main question is whether we can avoid step 2 in the above > > sequence, so as to provide users with access to the desired > document in only one click. > > > > It would also be useful to understand more of the following: > > 1- Is the intermediate page always supposed to show up when content > > can be shared with other domains, or can this be controlled somehow? > > 2- Do the different Google Apps services differ in terms of > whether we > > should expect or not such a page? (we are interested in calendar, > > sites and docs at this point) Thanks in advance for your answers, > > -Patricia > > > > Patricia Goldweic > > [EMAIL PROTECTED] > > > > > -----Original Message----- > > > From: [email protected] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Julian > > > (Google) > > > Sent: Thursday, August 14, 2008 8:18 AM > > > To: Google Apps APIs > > > Subject: [google-apps-apis] Re: is there a way to avoid the > > > intermediate page for SSO domains? > > > > > Hi Patricia, > > > > > I think I don't understand completely your scenario, could you > > > please add some details on the pages/URLs you are > requesting and the > > > intermediate page. > > > > > When SSO is set up for Google Apps, the SSO login page > should show > > > up when a user is accessing a Google Property (Docs, Gmail, > > > Calendar, etc). Once the user authenticates a redirection should > > > occur to the original requested page, after the first > login, the SSO > > > login page should not show up again until the session > expires (user > > > closes the browser or signs-out). > > > > > If you have a problem with the redirection, I recommend > you to check > > > the RelayStay parameter, your SSO implementation should read this > > > web parameter from the URL to be able to redirect the user to the > > > appropriate page. > > > > > Cheers, > > > Julian. > > > > > On Aug 12, 9:02 pm, "Patricia Goldweic" > <[EMAIL PROTECTED]> > > > wrote: > > > > Hi, > > > > I've successfully set up SSO for a test Google Apps Domain. > > > My current > > > > problem is that users are being presented with an intermediate > > > > page whenever they try to access content in the domain, which > > > > tries to confirm that they actually want to login to > that domain, > > > > as > > > opposed to > > > > some other, external domain. (once they click on a button, they > > > > are logged into my domain without having to enter login > > > information, which > > > > tells me that the SSO code that I've set up is actually > > > working fine). > > > > I've noticed that this ONLY happens when I set up > services in the > > > > domain so that content can be shared with people OUTSIDE of the > > > > domain. So my question is: is there a way to get rid of such > > > > intermediate page, given that we DO want to share content > > > with users outside of the domain? > > > > -Patricia > > > > > > Patricia Goldweic > > > > [EMAIL PROTECTED] > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
