Google User Directory
September 9 2012, 11:54 PM
The JanRain plugin (which lets users log in with accounts from Facebook and Twitter) is excellent for public logins - but what about internal logins? At Daemon we found that JanRain authentication was TOO flexible for applications where we simply wanted federated logins for our team. Google oAuth is exactly what we were after, and it has the added advantage of letting us disable old users from a central location. So we've created a new plugin to integrate it into FarCry.
Here is how to set it up:
Part 1: Google Configuration
- Open the Google API Console in a browser
- Create a new project
- In API Access, create a client ID
You will need to add the links FarCry will be using to this config:- redirect uri: http://[your domain here]/index.cfm?type=gudLogin&view=displayLogin
- javascript origin: http://[your domain here]
- You will need the Client ID and Client Secret - either copy them, or keep the window open
Part 2: FarCry Configuration
- Add the googleud plugin (https://farcry.jira.com/svn/GUD/trunk) to the project; milestone for an official "Version 1" will be added soon
- Update the application
- Put the Google Client ID and Client Secret into the Google User Directory config
- Deploy the new content types - gudUser and gudGroup
- Create a Google user group (Admin -> General Admin -> User Directory -> Group Groups) for your email domain
- Add your group to the appropriate FarCry roles (Admin -> General Admin -> Roles & Permissions -> Roles)
But wait, there's more!
Often you will have an existing account in the application you have added GoogleUD to. This can lead to issues with:
- history tracking
- content ownership
- the old account won't be disabled if the Google account is
So in the Webtop there is a utility for merging an existing account into your Google login account.
