[google-appengine] Re: Redirection problems after enabling OpenID
I commented out the filter in the web.xml file and I have the same problem, so it is not the filter. Basically I am using the default GWT program when you install the Google plug-in for Eclipse, and i just enable OpenID in the application dashboard. Is there something else I have to do to get OpenID to work. Below is my web.xml http://java.sun.com/dtd/web-app_2_3.dtd";> IdentityCheck /* greetServlet com.kodak.intersystem.appspot.server.GreetingServiceImpl greetServlet /intersystem_webapp/greet Intersystem_webapp.html index.html Protected Site /* * CONFIDENTIAL -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
[google-appengine] Re: Redirection problems after enabling OpenID
Basically I have set up the following filter...
package com.kodak.intersystem.appspot.server;
import java.io.IOException;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import com.google.appengine.api.users.User;
import com.google.appengine.api.users.UserService;
import com.google.appengine.api.users.UserServiceFactory;
public class IdentityFilterImpl implements Filter
{
private FilterConfig filterConfig;
private static final Logger log =
Logger.getLogger(IdentityFilterImpl.class.getName());
//@Override
public void destroy()
{
}
//@Override
public void doFilter(ServletRequest servletRequest, ServletResponse
servletResponse, FilterChain filterChain)
throws IOException, ServletException
{
log.info("Identity filter processed a " +
getFilterConfig().getInitParameter("logType") + " request");
UserService userService = UserServiceFactory.getUserService();
User user = userService.getCurrentUser();
if (user != null)
{
log.warning("Identity filter user.getAuthDomain()= "
+ user.getAuthDomain());
log.warning("Identity filter user.getEmail())= "
+ user.getEmail());
log.warning("Identity filter user.getFederatedIdentity() = "
+ user.getFederatedIdentity());
log.warning("Identity filter user.getNickname() = "
+ user.getNickname());
log.warning("Identity filter user.getUserId()= "
+ user.getUserId());
log.warning("Identity filter user.toString() = "
+ user.toString());
//resp.setContentType("text/plain");
//resp.getWriter().println("Hello, " +
user.getNickname());
}
else
{
log.severe("Identity filter - uknown user");
}
filterChain.doFilter(servletRequest, servletResponse);
}
//@Override
public void init(FilterConfig filterConfig) throws ServletException
{
this.filterConfig = filterConfig;
}
public FilterConfig getFilterConfig() { return filterConfig; }
}
Is it the filter that is causing the problem?
Cheers, Eric
On May 29, 11:30 pm, Bert wrote:
> Hey Eric,
>
> In the request handler where you're redirected to after login with
> OpenId, make sure that handler doesn't cause the redirect loop. So
> look how you're checking for logged in user before redirecting to the
> login page again.
>
> Cheers,
> Rob
>
> On May 29, 6:40 pm, Eric Kolotyluk wrote:
>
>
>
>
>
>
>
> > I tried clearing the cookies and restarting the browser several times,
> > but that did not seem to help.
>
> > Cheers, Eric
--
You received this message because you are subscribed to the Google Groups
"Google App Engine" group.
To post to this group, send email to google-appengine@googlegroups.com.
To unsubscribe from this group, send email to
google-appengine+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-appengine?hl=en.
[google-appengine] Multiple Instances of the Same App
I remember reading some policy that Google prohibits people people from basically running the same app under different registration. I gather one reason for this is so that people don't exploit the free nature of apps, or so that Google is not replicating essentially the same app everywhere. What ever the reason I don't want to violate Google's policies. We have an app we want to develop for our customers, but we essentially want each customer to have their own instance of the app for quotas and billing purposes. Basically, if our customers want the service, they would pay Google directly, rather than us figuring out who uses what and billing our customers. It would also make it easy for our software to automatically create the customer's app on app engine and keep it up-to-date. An alternative design would be to have some way to invoke a central app, but for service operations and quota have some way to bill things to a specific account. Does Google have any way to do this that does not violate the policies? The alternative for us is setting up a separate account for each customer on either Amazon, Microsoft, or some other cloud, and essentially giving each customer their own VM instance. There are pros and cons to this, as there are with using the Google PAAS, and I am trying to figure out what our best options are. Cheers, Eric -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
[google-appengine] Re: Redirection problems after enabling OpenID
I tried clearing the cookies and restarting the browser several times, but that did not seem to help. Cheers, Eric -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
Re: [google-appengine] Understanding Security
OK, I finally got around to trying this. Works like a charm. Thanks for such a simple fix to my problem Cheers, Eric On 2011-05-14 10:15 AM, Erick Fleming wrote: Actually I was wrong I on the last point. If you use appengine_web.xml [1] to configure your static files as "excluded" then appengine won't move them to the "static" server. Therefore, you can use a statandard filtering mechanism for those files. [1] http://code.google.com/appengine/docs/java/config/appconfig.html#Including_and_Excluding_Files -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
[google-appengine] Redirection problems after enabling OpenID
After enabling the OpenID Federated Authentication on my app, when I go to my app (via Firefox) I get the following The page isn't redirecting properly Firefox has detected that the server is redirecting the request for this address in a way that will never complete. This problem can sometimes be caused by disabling or refusing to accept cookies. Chrome gives me more or less the same response, but way more verbose. IE9 just chokes. I've seen these kind of redirect problems before with Google Apps, and after a while they just magically went away. Should I just wait and try again another day, or just give up on trying to get OpenID to work? Cheers, Eric -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
Re: [google-appengine] Understanding Security
Woo-Hoo! Thanks, I can't wait to try that, but I'm don't working for the day. Cheers, Eric On 2011-05-14 10:15 AM, Erick Fleming wrote: Actually I was wrong I on the last point. If you use appengine_web.xml [1] to configure your static files as "excluded" then appengine won't move them to the "static" server. Therefore, you can use a statandard filtering mechanism for those files. [1] http://code.google.com/appengine/docs/java/config/appconfig.html#Including_and_Excluding_Files -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
Re: [google-appengine] Understanding Security
If I understand what you are saying, I could make every URL map to a servlet, and let the servlet return the specific static pages. Or can I just put my folder of HTML into the resources section, and not have to write another servlet? Cheers, Eric On 2011-05-13 6:52 PM, Erick Fleming wrote: You are correct. Google stores and serves static files differently than Filters/Servlets/Resources. I know of two alternatives: 1. Store your files as resources 2. Store static content in Datastore Erick On Fri, May 13, 2011 at 6:49 PM, Eric Kolotyluk mailto:eric.koloty...@gmail.com>> wrote: I've been playing around with security in my test app, and was hoping someone could confirm my understanding of things. I have the following in my web.xml Protected Site /* * CONFIDENTIAL Which as far as I can tell forces everyone through the Google login no matter what URL they use. Is this correct? I also have IdentityCheck /* Which as far as I can tell only invokes the filter if a servlet is being invoked. It will not invoke a filter for any static content such as an HTML file. Is this correct? I wanted to set up a second level of authentication to force people to register another identity with the site, and I thought I could do this with the filter by comparing their google ID with a of previously authenticated google IDs. That is, they would only have to go through second level authentication once, and then the app would automatically them through once they authenticated their Google ID. But if filters only run when invoking a servlet, then static content cannot be protect this way because the second level of authentication will never get invoked. Am I understanding this all correctly? Is there any other mechanism I can use to implement this second level of authentication that does cover static content too? Cheers, Eric -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com <mailto:google-appengine@googlegroups.com>. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com <mailto:google-appengine%2bunsubscr...@googlegroups.com>. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
[google-appengine] Understanding Security
I've been playing around with security in my test app, and was hoping someone could confirm my understanding of things. I have the following in my web.xml Protected Site /* * CONFIDENTIAL Which as far as I can tell forces everyone through the Google login no matter what URL they use. Is this correct? I also have IdentityCheck /* Which as far as I can tell only invokes the filter if a servlet is being invoked. It will not invoke a filter for any static content such as an HTML file. Is this correct? I wanted to set up a second level of authentication to force people to register another identity with the site, and I thought I could do this with the filter by comparing their google ID with a of previously authenticated google IDs. That is, they would only have to go through second level authentication once, and then the app would automatically them through once they authenticated their Google ID. But if filters only run when invoking a servlet, then static content cannot be protect this way because the second level of authentication will never get invoked. Am I understanding this all correctly? Is there any other mechanism I can use to implement this second level of authentication that does cover static content too? Cheers, Eric -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com. To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
