Sourabh, Public/private keys are only used to ensure secure communications between the backend of your service and Google.
Here is a basic process of how a user gets to a secured service when SSO is enabled: 1) user requests something that requires a password 2) user is sent to *your* server to authenticate 3) your service either grants or denies access to the user 4) your service forwards them to Google with a RSA/DSA signed token containing their GApps username 5) Google "takes your word for it" and logs them in to their account If you are confused about how to setup your RSA/DSA keys, take a look at this fantastic tutorial: http://code.google.com/apis/apps/articles/sso-keygen.html And, there are tutorials for a number of common SSO products: Shibboleth 2: http://code.google.com/apis/apps/articles/shibboleth2.0.html PingFederate: http://code.google.com/apis/apps/articles/pingfederate.html JA-SIG CAS: http://www.ja-sig.org/wiki/display/CASUM/SAML+2.0+(Google+Accounts+Integration) Good luck. Sam On Sep 11, 12:45 pm, "sourabh modi" <[EMAIL PROTECTED]> wrote: > o..k, you interpreted questions correctly, i might be conceptually wrong, > thanks for your response... > > On Fri, Sep 12, 2008 at 1:11 AM, Met Sacramento <[EMAIL PROTECTED]> wrote: > > > Saurabh, > > > I'm a bit confused about your questions. > > > 1) RSA/DSA keys are not generated for each user - only for each > > domain. > > 2) What do you mean by "web service" that uses "google's SSO service"? > > The application you are designing to integrate with Google Apps? > > > Sam > > > On Sep 10, 9:54 pm, saurabh <[EMAIL PROTECTED]> wrote: > > > Hi, > > > i had two questions about SSO, > > > 1. How are RSA/DSA keys generated for different users on server. > > > 2. Please refer me the web service which uses google's SSO service. > > > > Thank You > > > Sourabh Modi --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
