Is the user API for Google App Engine too strict?

Question

Is the user API for Google App Engine too strict?

Looking at the Google App Engine APIs, it seems that despite all its great features, the user API is extremely limited. It seems you can only authenticate people who have a Google account, or use an OpenID account, or through some kind of OAuth kung fu (confirmation of connection with a Facebook account, etc.).

This, apparently, is the main stumbling block for everyone who wants to create a proprietary user database by creating user accounts in the application. In short, I do not want my users to use or create a Google account to access my application.

Has anyone else encountered this restriction and was it a transaction trespasser to use GAE? Am I missing something? In an application, can I deploy my own Spring security system and use my own user API? Comments on this are greatly appreciated. Thanks.

+4

google-app-engine

Tom motley Aug 20 '10 at 17:04

source share

2 answers

Drew sears · Answer 1 · 2010-08-20T17:20:54+0000

You can completely ignore the Users API and implement your own authentication system, as in any other hosting environment. Nothing in App Engine allows you to do this.

The user API is just convenient if you want to spare yourself the need to re-implement everything and save your users from the inconvenience of filling out another registration form and remembering a different set of credentials.

Gopi · Answer 2 · 2010-08-21T03:19:15+0000

You can always implement your own user management system.

In my application, I used spring-security for this purpose. spring security 3.0.1 works great with application 1.3.5. There may be some problems with other versions of both. I found the links below extremely useful:

Is the user API for Google App Engine too strict?

More articles: