SSO,使用Google Apps用户数据库 [英] SSO, using Google Apps user database
问题描述
我发现了如何从Google Apps实施SSO的大量资源,换句话说,当登录Google Apps时,使用了第三方用户数据库来对用户进行身份验证.
I have found loads of resources on how to implement SSO from Google Apps, in other words using a third party user database to authenticate users when logging into Google Apps.
我想反过来做;我们正在制作供内部使用的Web应用程序,并且我们已经对我们满意的Google Apps进行了有效的部署.我想通过Google Apps管理用户,并且希望用户使用其Google Apps凭据登录.
I want to do it the other way around; we are making a web application for internal use, and we already have a functioning deployment of Google Apps we are quite satisfied with. I want to manage my users from Google Apps, and I want the users to log in using their Google Apps credentials.
完全有可能获得其凭据,然后使用提供的凭据自动尝试登录Google的服务器,但这并不是理想的解决方案.
It would be quite possible to take their credentials, then automatically attempt to log in on Google's servers using the credentials provided, but that's not exactly an ideal solution.
有什么建议吗?
推荐答案
在Provisioning API部分(code.google.com/Google Apps/Management API's/Provisioning)中查看ClientLogin API.
Have a look at the ClientLogin API, in the Provisioning API section (code.google.com / Google Apps / Management API's / Provisioning )
它使您可以验证给定用户名和密码的用户.
It allows you to authenticate users given their username and password.
请注意,OpenID是执行此操作的一种更好的方法,而您的帖子中没有任何内容可以解释为什么这不是更好的选择.
Note that OpenID is a MUCH better way of doing this, and nothing in your post explains why this would not be a better choice.
ClientLogin问题:
Problems with ClientLogin:
- Google会不喜欢您(他们希望人们使用OAuth等)
- 您偶尔会收到403和验证码错误
- 这里没有SSO,与OpenID不同
最后一点实际上很重要-自己管理登录听起来像是个好主意,但对于大多数用户而言,BUT并不是首选...
That last point is actually important - managing the login yourself sounds like a good idea BUT is not the preferred option for most users...
这篇关于SSO,使用Google Apps用户数据库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
