17 messages in com.googlegroups.google-enterprise-developerRe: Error in my OneBox query| From | Sent On | Attachments |
|---|---|---|
| Scot Hershman | 13 Feb 2007 10:48 | |
| jdandrea | 14 Feb 2007 20:54 | |
| Scot Hershman | 15 Feb 2007 15:58 | |
| Scot Hershman | 16 Feb 2007 04:41 | |
| jdandrea | 16 Feb 2007 11:08 | |
| Scot Hershman | 17 Feb 2007 06:28 | |
| jdandrea | 17 Feb 2007 21:34 | |
| Scot Hershman | 21 Feb 2007 05:02 | |
| jdandrea | 27 Feb 2007 11:49 | |
| Scot Hershman | 28 Feb 2007 04:33 | |
| jdandrea | 28 Feb 2007 06:35 | |
| Scot Hershman | 28 Feb 2007 08:29 | |
| jdandrea | 28 Feb 2007 08:59 | |
| jdandrea | 02 Mar 2007 19:02 | |
| jdandrea | 02 Mar 2007 19:53 | |
| Scot Hershman | 03 Mar 2007 08:01 | |
| jdandrea | 03 Mar 2007 12:09 |
| Subject: | Re: Error in my OneBox query |
|---|---|
| From: | jdandrea (jdan...@gmail.com) |
| Date: | 02/28/2007 08:59:32 AM |
| List: | com.googlegroups.google-enterprise-developer |
On Feb 28, 11:29 am, "Scot Hershman" <scot...@gmail.com> wrote:
Where is this [access=a] setting located?
When you perform a search (and depending on your search form settings in the front-end), access might be passed as a query string parameter. Just like "q" for the query. Same idea. Nothing you need to pass along via OneBox though.
Ultimately I would like it to google to execute these onebox queries with the credentials of the user doing the search. The reason for this is if I hit a database and want to only return matches related to that person.
Ah-ha! But recall this:
The GSA_ prefixed elements allow authentication between the GSA and the provider. This is performed on behalf of all end-users.
To clarify s'more, if you use those GSA_ prefixed elements, the OneBox is using that single login ("your special creds") but you are NOT letting the end-user provide their creds.
Now you've just confirmed you really _do_ want to use the end-user creds. Good! However ...
At no time do I ever want a dialog box popping up asking the user for his/her credentials.
If the GSA doesn't get their credentials (even at least once), how will the OneBox module be able to pass them along? I suppose if they're somehow cached or already in-play, that will be enough, but be aware that it's possible they will be challenged at least once just to get their creds into the slipstream.
In short, try using basic auth but don't fill in the GSA_prefixed elements, like so:
<security userAuth="basic"> <GSA_username/> <GSA_password/> </security>
This will engage basic authentication (if needed). Do a secure search by picking "public and secure content" and this should, in turn, instigate a basic authentication pop-up if necessary.
-- Joe D'Andrea Liquid Joe LLC +1 (908) 781-0323