[appengine-java] Re: Automatic logout via Google Login Service ?
As I.denardo said our application stores the email addresses of the users in the datastore and check if the user is in the datastore. Not all users can use our application and some can use some parts of the application. If its a paid application you need to check the domain also if its paid or not etc. So you need a mechanism to check if the users domain is allowed to use the application and if the user is granted to use the application. I don't know you application but at some point you may need to have users in your datastore to apply user permissions and payment system. And you need to email them at some point and instead of usin google data api every time you can use your own datastore and update users when a user with domain admin rights logs in or maybe you can leave it to the admin to click sync users button like system which will use less resources for you. I use both systems, when an admin rights user logs in I sync users once a day and I've a button for syncing users if admin needs to do it manually. Oh I forgot also when a user tries to login and their domain found in datastore and paid but user is not in datastore I use google data api to fetch user details and if domain admin user I grant login otherwise I alert the user to get in contact with his/her system admins. If you need some sample code please tell. -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To post to this group, send email to google-appengine-j...@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
[appengine-java] Re: Automatic logout via Google Login Service ?
Hello, I don't know if this can work for you... In our app we authorize users recording email addresses in datastore. WE use a custom admin page where we add user emails (or entire domains) to allow users to access our app. When a user logs in, we check if he's authorized and we serve the application if he is, otherwise we prompt an error message. Maybe you can call an immediate redirect to logout url from your serving page so unauthorized users get immediately logged out. Notice that this requires you to set up a user authorization mchanism on your own. There's no option to filter users using regular APIs. This is a lack I hope will be removed, and maybe one of the improvements from AppEngine for business (the central management console seems to go towards this direction). Furthermore, I guess there's no way to generate User objects from a user email address. You need to know an auth domain to get the unique identifier, and that seems something hard to guess especially if you use openID (I never tested this, so maybe I'm wrong). Using only the email address to filter users is not the best thing to do, but it's ok for us. Hope this can be useful Regards Lorenzo On Oct 21, 6:30 am, Didier Durand durand.did...@gmail.com wrote: Hello, I implemented UserService with GWT to get the login service of Google Accounts. Works fine with the provided login and logout links. But, Google Accounts will accept login for all the accounts it knows (much much more than my application with a few users only) How can I force logout of a user that Google Accounts accepts right after the login because my application doesn't know this user ? Thanks didier -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To post to this group, send email to google-appengine-j...@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
[appengine-java] Re: Automatic logout via Google Login Service ?
An article with a sum up from the GWT team: http://googlewebtoolkit.blogspot.com/2010/10/using-dynamic-host-page-for-gwt-apps.html The way we serve our GWT app (embedded in JSP) is very similar, only we have one more filter. On Oct 21, 12:33 pm, l.denardo lorenzo.dena...@gmail.com wrote: Hello, I don't know if this can work for you... In our app we authorize users recording email addresses in datastore. WE use a custom admin page where we add user emails (or entire domains) to allow users to access our app. When a user logs in, we check if he's authorized and we serve the application if he is, otherwise we prompt an error message. Maybe you can call an immediate redirect to logout url from your serving page so unauthorized users get immediately logged out. Notice that this requires you to set up a user authorization mchanism on your own. There's no option to filter users using regular APIs. This is a lack I hope will be removed, and maybe one of the improvements from AppEngine for business (the central management console seems to go towards this direction). Furthermore, I guess there's no way to generate User objects from a user email address. You need to know an auth domain to get the unique identifier, and that seems something hard to guess especially if you use openID (I never tested this, so maybe I'm wrong). Using only the email address to filter users is not the best thing to do, but it's ok for us. Hope this can be useful Regards Lorenzo On Oct 21, 6:30 am, Didier Durand durand.did...@gmail.com wrote: Hello, I implemented UserService with GWT to get the login service of Google Accounts. Works fine with the provided login and logout links. But, Google Accounts will accept login for all the accounts it knows (much much more than my application with a few users only) How can I force logout of a user that Google Accounts accepts right after the login because my application doesn't know this user ? Thanks didier -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To post to this group, send email to google-appengine-j...@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
[appengine-java] Re: Automatic logout via Google Login Service ?
An article with a sum up from the GWT team: http://googlewebtoolkit.blogspot.com/2010/10/using-dynamic-host-page-for-gwt-apps.html The way we serve our GWT app (embedded in JSP) is very similar, only we have one more filter. On Oct 21, 12:33 pm, l.denardo lorenzo.dena...@gmail.com wrote: Hello, I don't know if this can work for you... In our app we authorize users recording email addresses in datastore. WE use a custom admin page where we add user emails (or entire domains) to allow users to access our app. When a user logs in, we check if he's authorized and we serve the application if he is, otherwise we prompt an error message. Maybe you can call an immediate redirect to logout url from your serving page so unauthorized users get immediately logged out. Notice that this requires you to set up a user authorization mchanism on your own. There's no option to filter users using regular APIs. This is a lack I hope will be removed, and maybe one of the improvements from AppEngine for business (the central management console seems to go towards this direction). Furthermore, I guess there's no way to generate User objects from a user email address. You need to know an auth domain to get the unique identifier, and that seems something hard to guess especially if you use openID (I never tested this, so maybe I'm wrong). Using only the email address to filter users is not the best thing to do, but it's ok for us. Hope this can be useful Regards Lorenzo On Oct 21, 6:30 am, Didier Durand durand.did...@gmail.com wrote: Hello, I implemented UserService with GWT to get the login service of Google Accounts. Works fine with the provided login and logout links. But, Google Accounts will accept login for all the accounts it knows (much much more than my application with a few users only) How can I force logout of a user that Google Accounts accepts right after the login because my application doesn't know this user ? Thanks didier -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To post to this group, send email to google-appengine-j...@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
[appengine-java] Re: Automatic logout via Google Login Service ?
Hi, I assume that your application can distinguish between the user who is logged (as Google Accounts user) is a part of your application or not. You can try doing something like this (for automatic logout)... String link = userService.createLogoutURL(callbackUrl); if(!userInMyApp(request.getUserPrincipal())) { response.sendRedirect(link); return; } -Gaurav www.mastergaurav.com On Oct 21, 9:30 am, Didier Durand durand.did...@gmail.com wrote: Hello, I implemented UserService with GWT to get the login service of Google Accounts. Works fine with the provided login and logout links. But, Google Accounts will accept login for all the accounts it knows (much much more than my application with a few users only) How can I force logout of a user that Google Accounts accepts right after the login because my application doesn't know this user ? Thanks didier -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To post to this group, send email to google-appengine-j...@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.