Hi Anirudh, I have some questions, and i always know you will come up with answers. I will appreciate if you answer all listed questions, at the below space of each question specifically. (1) I am using Microsoft visual studio 2008 for SSO Experiment, as at this moment it is difficult to get visual studio 2005 for free download.(if you know any link then always feel free to send.) (2) As i do not find the path "C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\.." in Microsoft visual studio 2008,i actually find (makecert.exe & pvk2pfx.exe) files in "c:\Program files\Microsoft SDKS\windows\v6.0A\makecert.exe & pvk2pfx.exe".This second path is working nicely in visual studio 2008. (3) The interesting thing which I find while running these two files on command prompt according to documentation is that, after running makecert.exe it asks for password / confirm password. Which password should I enter?? Is it the Google apps password? I generated certificate using my valid password. In general I created three certificates in my “key” folder ( mycert.cer/mycert.pvk/ mycert.pfx).I used Mono software of Google for command prompt execution. (4) As in Google documentation it is stated something for xcalcls. What is that??? Actually I downloaded xcalcls. But I am unable to use this tool effectively. "C:\Program Files\Support Tools\xcacls.exe" mycert.pfx /e /g MYCOMPUTERNAME\ASPNET:R (5) Another issue is how to give permission in IIS 7 .I mean what is “Run the Permissions Wizard on the GoogleAppsSso Virtual Directory to set it up as a public website”??? (6) I tested my final application by putting http://localhost/GoogleAppsSso/Prompt.aspx and http://My domain name/GoogleAppsSso/Prompt.aspx but http://mail.google.com/a/<My Domain name> do not contact http://localhost/GoogleAppsSso/Prompt.aspx
(7) At the end of documentation it is mentioned like “Customizing authentication and authorization logic -------------------------------------------------- Edit the Page_Load method in C:\projects\Google.Apps.SingleSignOn\web \SingleSignOn.aspx.cs to place restrictions on who can log in to Google Apps for this domain. The sample application does not verify the credentials. It may be helpful in development to view the SAML request, SAML response, and RelayState values. To see this information, edit C: \projects\Google.Apps.SingleSignOn\web\Web.config and set the Google.Apps.SingleSignOn.Url to SingleSignOnDebug.aspx instead of SingleSignOn.aspx.” But it is also not solving the problem??? On Aug 25, 6:40 am, "Anirudh (Google)" <[EMAIL PROTECTED]> wrote: > Hi Arkesh, > > What error message do you on the console see when you run the command > line utilities i.e. makecert.exe and pvk2pfx.exe ? > > Running the following command generates the certificate with public > key (.cer) and the private key (.pvk): > "c:\Program Files\Microsoft Visual Studio 8\Common7\Tools\Bin > \makecert.exe" -r -pe -n "CN=My Domain" -sky exchange -sv mycert.pvk > mycert.cer > > Post running that command, you need to run: > "C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\Bin > \pvk2pfx.exe" -pvk mycert.pvk -spc mycert.cer -pfx mycert.pfx > to generate the .pfx file for your SSO assembly consumption. > > -Anirudh > > On Aug 24, 5:59 am, Arkesh <[EMAIL PROTECTED]> wrote: > > > Hi Everybody, > > I want to implement Google single sign on for my organization > > website. > > I used Google api SSO .NET Client library.Link is as > > belowhttp://code.google.com/apis/apps/libraries_and_samples.htmlhttp://cod... > > > there is a read me file for documentation. > > I am pasting the read me doucmentation here at the end of this > > message. > > Actually i followed instructions according to documentation ,but hte > > real problem comes at,installing certificates > > Creating and installing a certificate > > ------------------------------------- > > > 1. Run these commands from a command prompt. If Visual Studio 2005 > > is installed in a different location, change the commands accordingly. > > > cd \projects\Google.Apps.SingleSignOn\key > > > "C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\Bin > > \makecert.exe" -r -pe -n "CN=My Domain" -sky exchange -sv mycert.pvk > > mycert.cer > > > "C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\Bin > > \pvk2pfx.exe" -pvk mycert.pvk -spc mycert.cer -pfx mycert.pfx > > > makecert.exe will generate two files: > > > mycert.cer - certificate which contains the public key > > mycert.pvk - contains the private key > > > pvk2pfx.exe will generate one file: > > > mycert.pfx - contains the private key, usable by .NET framework > > > Read about these utilities on MSDN: > > > makecert.exe > > http://msdn2.microsoft.com/en-us/library/bfsktky3(VS.80).aspx > > > pvk2pfx.exe > > http://msdn2.microsoft.com/en-us/library/aa387764.aspx > > > 2. Verify, and grant if necessary, read permission to the ASP.NET > > user to read the mycert.pfx file. One way to do this is through the > > file properties Security tab. If you have the xcacls utility > > installed, > > > "C:\Program Files\Support Tools\xcacls.exe" mycert.pfx /e /g > > MYCOMPUTERNAME\ASPNET:R > > > ------------------ > > if i run "C:\Program Files\Microsoft Visual Studio 8\Common7\Tools > > \Bin\pvk2pfx.exe" -pvk mycert.pvk -spc mycert.cer -pfx mycert.pfx > > at commnad prompt it do not allows me to run the command with -r -pe - > > n "CN=My Domain" -sky exchange -sv mycert.pvk mycert.cer > > options > > > is there is any solutions to make it simple but clear???? > > > ================ > > > This sample C# ASP.NET application can be used as a SAML Identity > > Provider for the Google Apps Single Sign-On service. > > > See this article at the Google Code website for an introduction to the > > Google Apps Single Sign-On service: > > >http://code.google.com/apis/apps/sso/saml_reference_implementation.html > > > Building the sample application with Microsoft Visual Studio 2005 > > ----------------------------------------------------------------- > > > 1. Extract the .zip file to a local directory, e.g. C:\projects > > \Google.Apps.SingleSignOn. The contents are: > > > key - test certificates > > src - C# source code > > web - ASP.NET source code > > VS2005.sln - Visual Studio 2005 solution file. > > > 2. Open the C:\projects\Google.Apps.SingleSignOn\VS2005.sln solution > > file in Visual Studio 2005. > > > 3. Build the solution. > > > 4. The executables are in C:\projects\Google.Apps.SingleSignOn\web > > \bin > > > Installing the sample application in Internet Information Services > > ------------------------------------------------------------------ > > > 1. Open the IIS management console. > > > 2. Create a new Virtual Directory to C:\projects > > \Google.Apps.SingleSignOn\web, e.g. GoogleAppsSso > > > 3. Run the Permissions Wizard on the GoogleAppsSso Virtual Directory > > to set it up as a public website. > > > Creating and installing a certificate > > ------------------------------------- > > > 1. Run these commands from a command prompt. If Visual Studio 2005 > > is installed in a different location, change the commands accordingly. > > > cd \projects\Google.Apps.SingleSignOn\key > > > "C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\Bin > > \makecert.exe" -r -pe -n "CN=My Domain" -sky exchange -sv mycert.pvk > > mycert.cer > > > "C:\Program Files\Microsoft Visual Studio 8\Common7\Tools\Bin > > \pvk2pfx.exe" -pvk mycert.pvk -spc mycert.cer -pfx mycert.pfx > > > makecert.exe will generate two files: > > > mycert.cer - certificate which contains the public key > > mycert.pvk - contains the private key > > > pvk2pfx.exe will generate one file: > > > mycert.pfx - contains the private key, usable by .NET framework > > > Read about these utilities on MSDN: > > > makecert.exe > > http://msdn2.microsoft.com/en-us/library/bfsktky3(VS.80).aspx > > > pvk2pfx.exe > > http://msdn2.microsoft.com/en-us/library/aa387764.aspx > > > 2. Verify, and grant if necessary, read permission to the ASP.NET > > user to read the mycert.pfx file. One way to do this is through the > > file properties Security tab. If you have the xcacls utility > > installed, > > > "C:\Program Files\Support Tools\xcacls.exe" mycert.pfx /e /g > > MYCOMPUTERNAME\ASPNET:R > > > 3. Go to the Google Apps control panel for your domain. In the > > Advanced tools Single sign-on section, upload mycert.cer as > > Verification certificate. > > > 4. Also in the Advanced tools Single Sign-On section, set the Sign-in > > page URL tohttp://localhost/GoogleAppsSso/Prompt.aspx. The localhost > > URL is for testing. Substitute your server's domain name after > > testing. > > > 5. Edit C:\projects\Google.Apps.SingleSignOn\web\Web.config and set > > the correct path for Google.Apps.SingleSignOn.PfxFile as created in > > step 1. > > > Testing the sample application > > ------------------------------ > > > 1. Open a browser to Google Apps emailhttp://mail.google.com/a/<your > > domain name> > > > 2. Verify that the browser redirects to the sample > > applicationhttp://localhost/GoogleAppsSso/Prompt.aspx > > > 3. Enter a valid Google Apps username and any value for password. > > (See below for customizing the authentication and authorization > > logic.) > > > 4. Verify that after you sign in you are able access Google Apps > > email. > > > Customizing authentication and authorization logic > > -------------------------------------------------- > > > Edit the Page_Load method in C:\projects\Google.Apps.SingleSignOn\web > > \SingleSignOn.aspx.cs to place restrictions on who can log in to > > Google Apps for this domain. The sample application does not verify > > the credentials. > > > It may be helpful in development to view the SAML request, SAML > > response, and RelayState values. To see this information, edit C: > > \projects\Google.Apps.SingleSignOn\web\Web.config and set the > > Google.Apps.SingleSignOn.Url to SingleSignOnDebug.aspx instead of > > SingleSignOn.aspx. > > > Acknowledgements > > ---------------- > > > This sample application is derived from a more complete SSO/ > > Provisioning application written by Bill Mers <[EMAIL PROTECTED]>. We > > thank him for his contribution to this open-source project. > > > Bugs/Feedback > > ------------- > > > Join the Google Apps APIs group and let us know ways we can improve > > the sample code. > > >http://groups.google.com/group/google-apps-apis --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
