Reputation: 785
Google App Engine - Multiple User sessions
My application uses Google OAuth2 alongside Spring security. The sample implementation is here.
The problem is >> I have multiple users signed in my chrome browser.User can be normal Google user or Google Apps Domain user as well. I dont get why my application redirects to https://appengine.google.com/_ah/loginform?state=####.
After I select a user from the provided options , UserService interface takes credentials of the user selected. But again after this I am prompted with account chooser page.
In my application I have used createLoginURL() of UserService to redirect user to login page. Also if I select a different user from the account chooser page, the one prompted second, the UserService still retains the credentials of the user selected from the first page.
The problem I am stuck in here is how to update my UserService according to the user selected. Also if user switches to second account from Google's page (search,drive,mail etc.) , how can I re-instantiate UserService with the changed user's credentials . Is there any way I could use 'authUser' or 'session_state' of request headers or any other values to trigger an event in application due to the user change. I am aware of the fact that sessions on Google App Engine are maintained using datastore entity '_ah_SESSION' and I have a cron to remove the expired ones as well in place. Everything works fine if browser has just one user logged into Google.
In short, how to maintain multiple user sign-in details using UserService interface?
Upvotes: 1
Views: 296
Answers (1)
Reputation: 3591
If you've observed that which user is logged-in to your app is independent of which user is signed-in and active in another tab for a google service like gmail or drive, this is, as you explained, due to the storage of session cookies on your app, and the fact that they aren't updated on any "signal" from the gmail, drive, etc. tab. If you'd like to manage multiple sign-ins on App Engine using the Users service, you should star and poke this public issue tracker feature request.
Upvotes: 0
Related Questions
- How to deal with Sessions in Google App Engine?
- AppEngine and sessions
- Authentication Strategy for GAE
- GAE webapp2 session: the correct process of creating and checking sessions
- google app engine session
- Online Users in an AppEngine Website
- Google App Engine User Registration System
- AppEngine: creating my own UserService?
- Using sessions in GAE/J
- How exactly do Google App Engine for Java sessions work?