That's what I was meaning...still my low-level English doesn't help to explain :-)
What I did was to deploy a servlet in _ah/login_required, which generated login URL (assuming Google as an openID provider) and redirected to it using standard servlet redirection. I had /* pattern in security-constraint resource list to require login for all pages in my application, and so caugth also /_ah/ under security constraint: that led to the UserService generate login methods to return _ah/login_required as a login url, and so I got stuck in a redirection loop. My servlet was in fact redirecting to its own address. Removing _ah/login_required from the pages under security constraint (that is, using explicit paths for the pages I had in my app instead of /*) resolved it. UserService generates the correct login url when called from the servlet. I hope this is clearer Regards Lorenzo On May 31, 12:01 pm, Scott Ellis <m...@scottellis.com.au> wrote: > Ah sorry I get it - the /_ah/login_required pattern is caught by the '/' > handler...gotcha. Hard to make a 'nice' default behaviour for that one then > I guess. Cheers. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appeng...@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.