Staff‎ > ‎Geoff Kneller‎ > ‎

Geoff's Cloud Computing Blog

Designing for Google Apps Marketplace SSO Part 1 - Background

posted Mar 11, 2010, 10:04 AM by Geoffrey Kneller

One thing that becomes clear right away is that for your app to be accepted into Google Apps Marketplace, it must support Single Sign On using OpenID. How this applies to a Google Web Toolkit application written for Google App Engine isn't quite clear from the documentation: this blog post attempts to sort that out.

First off, it's important to consider some background on who the user will be in this scenario, and how they will be set up:
  1. The user will be someone from a business that has bought Google Apps Standard, Google Apps Premiere, or Google Apps Educational edition.
  2. The user's domain administrator will have purchased and installed your app for everyone in the domain. You can't, as far as I can tell, have an app for just some of the users in the domain: it's going to be deployed to everyone.
  3. The user already has a Google Apps account set up, with their user name / e-mail address, a nickname (perhaps their real name), and a password. They probably sign into it first thing in the morning to access their web-based e-mail and calendar.
  4. Authentication of the user may not be happening on a Google server; the user's organization may have set up authentication back to their organizational LDAP server.
How is sign-in of such a user with a Google Web Toolkit Google App Engine application written in Java managed? A servlet running on the App Engine server uses the Google Accounts API to do something like this:

// Check if the user is logged in 
if(userService.isUserLoggedIn()) { 
    // Get the current user 
    User user = userService.getCurrentUser(); 
    if(user != null) { 
        // Copy strings 
        String id = user.getUserId(); 
        String authDomain = user.getAuthDomain(); 
        String email = user.getEmail(); 
        String nickname = user.getNickname(); 

        // Copy admin status 
        Boolean appAdmin = userService.isUserAdmin();

And then the results could be sent back to the client as a response to an RPC. Sign-in can be enforced by making the appropriate additions to web.xml for the application.

The Google Accounts API gets you access to the user's Google account, but this isn't the same thing as OpenID. In order to meet the requirements for Google Apps Marketplace, we'll have more work to do.

Getting Ready for Google Apps Marketplace

posted Mar 11, 2010, 8:16 AM by Geoffrey Kneller

Google has now opened up Google Apps Marketplace, and if you're a developer of cloud computing applications using Google App Engine, you'll want to get involved! In this post, I'll begin to describe the process of getting an app ready for the marketplace from a developer's perspective.

From a high-level perspective, here are the steps to get an app ready for the marketplace:

  1. Build an application. It appears that it doesn't have to be a Google App Engine app - any cloud computing application that meets certain standards (discussed below) will work. Google has put up a tutorial of how to do this, with a non-Java application. I'll be presenting a Java tutorial using Google Web Toolkit and Google App Engine on these pages over the next few weeks.
  2. Understand some design issues. There are a few things the application developer should know going into the design effort. Google has an application lifecycle document available, and there are some key points on it that a developer should understand:
    • There are data access API's for mail, calendar, sites, spreadsheets, and contacts, so you should understand how to integrate with the user's existing Google apps data using these APIs if it's important to your app.
    • Google will provide a universal navigation menu bar in Google Apps with your app as a link on the 'More' item on the left menu, based on a manifest that you provide.
    • The dashboard can be used to give a domain administrator access to additional configuration settings for your app. 
  3. Implement Single Sign-On. Your app has to support OpenID Single Sign On. Google has some good documentation up for doing this, and there appear to be libraries already available in a variety of the languages people do web development in. We'll be implementing this as part of our Java tutorial later on, but if you're designing a new app from scratch, it would be good to understand this crucial piece of the puzzle up front.
  4. Create a Manifest. You'll need to create an XML manifest file to describe your app to the Google Apps marketplace.
  5. Sign Up. There are a few steps to sign up and publish your application. You will need to:
    • Sign in to the marketplace application using your Google account.
    • Create a vendor profile, with information like your company name, address, and what you do.
    • Create a listing for your application. You can create a listing for a product, or for professional services. Note that your first listing will require you to pay $100. You'll have to provide information on your product such as a name, overview, and pricing details. You can also add marketing collaterals like a video or screenshots.
    • You can then submit your listing for the Google approval process.
So that's a basic list of what it takes to get going. In future posts, we'll go into more detail on the design issues and SSO implementation with a simple Java app.

1-2 of 2